Changes
S3 Object Locking: Object locking feature in Gateway 7.6 prevents object versions from being deleted or overwritten – for a fixed amount of time or indefinitely. (CLOUD-3247)
CIDR Support in [scsp]allowSwarmAdminIP: This Gateway parameter now supports CIDR formatting in its values (CLOUD-1191)
Upgrade Impacts
See Upgrading Gateway to upgrade from a version of Gateway 6. See Upgrading from Gateway 5.x if migrating from Elasticsearch 2.3.3 and Gateway 5.
Address the upgrade impacts for this and each prior version since currently running version:
Impacts for 7.6
Version Requirements
Swarm Storage 12.0.1 or higher
Elasticsearch 7.5.2
Content UI 7.4
Version Requirements Swarm Storage 12.0.1 or higher Elasticsearch 7.5.2 Content UI 7.4Impacts for 7.5
Version Requirements Swarm Storage 12.0.1 or higher Elasticsearch 7.5.2 Content UI 7.4Impacts for 7.4
Version Requirements Swarm Storage 12.0 or higher Elasticsearch 7.5.2 Content UI 7.3Impacts for 7.3
Version Requirements Swarm Storage 12.0 or higher Elasticsearch 7.5.2 Content UI 7.2Impacts for 7.2
Version Requirements Swarm Storage 12.0 or higher Elasticsearch 7.5.2: Migration to Elasticsearch 6 from either Elasticsearch 2 or 5, with reindexing, must be performed before upgrading. Because the ES 6 database is binary-compatible, upgrade in place to the current version is possible. See How to Upgrade Swarm. Content UI 7.0 Password Security The script to initialize Gateway ( If downgrading from 7.1, errors are encounter related to the inability to authenticate using the encrypted passwords in the configuration and IDSYS files. Replace any encrypted credentials with original versions. (CLOUD-3209)Impacts for 7.1
/opt/caringo/cloudgateway/bin/initgateway
), a one-time step after installing Gateway, generates the master encryption key that is used in password security for the Gateway configuration and IDSYS files. The first time upgrading from a version prior to 7.1, run this initialization again to enable the feature.
Version Requirements Swarm Storage 11.2 or higher Elasticsearch 6.8.6 or 5.6.12 Content UI 6.3, if used Enable the Gateway service manually after upgrading: To support processes requiring repeated bucket PUT requests to succeed, those requests now always return 409 Conflict, regardless of owner, instead of 403 Forbidden for non-owners. This differs from AWS S3 behavior. (CLOUD-3167)Impacts for 7.0
systemctl enable cloudgateway
. (CLOUD-3193)
See Content Gateway 6 Release Notes for impacts from prior releases.
Watch Items and Issues
These are known operational limitations that exist for Gateway.
When using the default RHEL/CentOS configuration of IPTABLES, traffic to the Gateway is blocked unless action is taken to disable IPTABLES or to enable inbound traffic to the front-end protocol port(s).
Gateway is not compatible with Linux PAM modules that depend upon interactive validation operations such as OTP or biometric scanners.
See Content Gateway 6 Release Notes for known issues from prior releases that are still applicable, apart from those appearing above as Fixed.