Changes
Fixed S3 authentication for requests that have a query argument including characters (an asterisk (*) or 32-bit Unicode characters). (CLOUD-3592)
Upgrade Impacts
See Upgrading Gateway, to upgrade from a version of Gateway 6. See Upgrading from Gateway 5.x, if migrating from Elasticsearch 2.3.3 and Gateway 5.
Starting from Gateway 7.8, Elasticsearch 6.8.6 is no longer supported. Remain on Gateway 7.7 until the rolling upgrade is completed from Elasticsearch 6.8.6 to 7.5.2.
Address the upgrade impacts for this and each prior version since the currently running version:
Impacts for 7.10.1
Version Requirements
Swarm Storage 14.1.0 or higher
Elasticsearch 7.5.2
Content UI 7.7.0
Impacts for 7.10
Version Requirements
Swarm Storage 14.1.0 or higher
Elasticsearch 7.5.2
Content UI 7.7.0
Impacts for 7.9
Version Requirements
Swarm Storage 14.1.0 or higher
Elasticsearch 7.5.2
Content UI 7.6
Impacts for 7.8
Version Requirements
Swarm Storage 14.0.1 or higher
Elasticsearch 7.5.2
Content UI 7.5
Impacts for 7.7
Version Requirements
Swarm Storage 12.0.1 or higher
Elasticsearch 7.5.2
Content UI 7.4
Impacts for 7.6
Version Requirements
Swarm Storage 12.0.1 or higher
Elasticsearch 7.5.2
Content UI 7.4
Impacts for 7.5
Version Requirements
Swarm Storage 12.0.1 or higher
Elasticsearch 7.5.2
Content UI 7.4
Impacts for 7.4
Version Requirements
Swarm Storage 12.0.1 or higher
Elasticsearch 7.5.2
Content UI 7.4
Impacts for 7.3
Version Requirements
Swarm Storage 12.0 or higher
Elasticsearch 7.5.2
Content UI 7.3
Impacts for 7.2
Version Requirements
Swarm Storage 12.0 or higher
Elasticsearch 7.5.2
Content UI 7.2
Impacts for 7.1
Version Requirements
Swarm Storage 12.0 or higher
Elasticsearch 7.5.2: Migration to Elasticsearch 6 from either Elasticsearch 2 or 5, with reindexing, must be performed before upgrading. Because the ES 6 database is binary-compatible, upgrade in place to the current version is possible. See How to Upgrade Swarm.
Content UI 7.0
Password Security
The script to initialize Gateway (
/opt/caringo/cloudgateway/bin/initgateway), a one-time step after installing Gateway, generates the master encryption key that is used in password security for the Gateway configuration and IDSYS files. The first time upgrading from a version prior to 7.1, run this initialization again to enable the feature.If downgrading from 7.1, errors are encounter related to the inability to authenticate using the encrypted passwords in the configuration and IDSYS files. Replace any encrypted credentials with original versions. (CLOUD-3209)
Impacts for 7.0
Version Requirements
Swarm Storage 11.2 or higher
Elasticsearch 6.8.6 or 5.6.12
Content UI 6.3, if used
Enable the Gateway service manually after upgrading:
systemctl enable cloudgateway. (CLOUD-3193)To support processes requiring repeated bucket PUT requests to succeed, those requests now always return 409 Conflict, regardless of owner, instead of 403 Forbidden for non-owners. This differs from AWS S3 behavior. (CLOUD-3167)
See Content Gateway 6.4 Release for impacts from prior releases.
Watch Items and Issues
These are known operational limitations that exist for Gateway.
When using the default RHEL/CentOS configuration of IPTABLES, traffic to the Gateway will be blocked unless action is taken to disable IPTABLES or to enable inbound traffic to the front-end protocol port(s).
Gateway is not compatible with Linux PAM modules that depend upon interactive validation operations such as OTP or biometric scanners.
See Content Gateway 6.4 Release for known issues from prior releases that are still applicable, apart from those appearing above as Fixed.