Stackato 2.8 Released (And It Rocks!)
by Brent Smithurst

Brent Smithurst, February 27, 2013

Stackato 2.8 Just in time for Stackato's first birthday on February 28, we are absolutely thrilled to make Stackato 2.8 available today. As usual, the forum announcement and release notes have the change list.

This was our longest development cycle to date (10 weeks!). I feel extremely proud and lucky to be part of a team talented enough to add so many features and capabilities to Stackato in such a short period of time. It's pretty amazing to realize this is our seventh feature release -- eighth if you count 2.6.7 -- in just less than a year!


We've added a lot of large enterprise customers over the past year, and many more are involved in Stackato proof of concepts (POCs). We try to keep in touch with all of those users regularly via phone calls, email, and in the #stackato IRC channel. Some of these customers are black holes in that they do not really share specific details with us of how they are using Stackato. Defense contractors and others can be like that. However, most users are eager to share feedback on specific use cases and request new features and capabilities. We really like hearing what users are telling us, and we like hearing everything: specific feature requests, but also the daily frustrations customers experience. This feedback inspire us to make users' work lives easier.

We have a long-term vision for Stackato, and as long as what users ask for fits that vision, we are happy to consider their feedback to prioritize new features and functionality. This is what guided us when we developed 2.8 -- even more so than with any previous release. Here is a sampling of what's new.

Harbor Port Service and Router 2g

Harbor is Stackato's new "ports as a service" feature. A Harbor node sits on the edge of a Stackato cluster network and efficiently proxies traffic from any app to the outside world and vice versa. Harbor learns about new routes for each provisioned service from the DEAs and automatically provisions TCP, UDP, or dual TCP/UDP ports from a pre-configured range.

Of course, this all works with multiple instances of an application. It also enables another new capability. Java applications can now be interactively debugged through a Harbor port. Aside from enterprise use cases such as deploying non-web network applications that use protocols other than HTTP(S), Harbor also allows for fun things like Minecraft to be easily deployed to Stackato. Look for a blog post on this soon.

Harbor also allows for multiple SSL certificates to be used in Stackato. Even better, a Stackato user can upload their own SSL certificates and keys when they push their application instead of having to bother a Stackato administrator.

Finally, Stackato's Router 2g becomes the default router in 2.8. Router 2g was originally introduced in Stackato 2.2 back in August 2012. It added support for WebSockets and performed much better than the stock Cloud Foundry-based router. We have continued to improve it with each Stackato release since then, adding SPDY support along the way. Just after Stackato 2.6 was released, we discovered that a majority of our customers were using Router 2g in production, so it is now the default option as of 2.8.

LDAP User Authentication

Previous versions of Stackato allowed for LDAP user authentication via an "LDAP shim" created by Mozilla. This was effective, and we have several customers using it in production. However, it still requires a bit of manual work, and it is not really native to Stackato. To address this issue, we built our own user authentication server called AOK in to our cloud controller. Two of our developers in Seattle originally dubbed it "Eh-OK" as a friendly dig at us, Canadian Activators, but we renamed it at the last minute.

Anyway, AOK is now built-in to Stackato, works with a load balancer (and multiple Stackato Routers), and allows for authentication via an LDAP server. Most importantly, AOK is a general user authentication framework that can be extended fairly simply to support authentication mechanisms other than LDAP. Please let me know if you need to authenticate to something other than LDAP.


Fence is one of those non user-facing, behind-the-scenes features that are nonetheless extremely important. Stackato has used LXC containerization for application security and performance reasons from the beginning. Fence improves on this by offering significant performance improvements, with streamlined container creation and deletion, lower memory usage, and even better security than before.

Most importantly, it enables some exciting user-facing features that will be coming over our next couple of releases.

Other Changes

There are many other changes in 2.8, including more usability enhancements in our industry-leading web console, a new version of Redis (2.6), and a lot more. 

Once again, I encourage you to let us know what you would like to see added to Stackato. What problems are you having that Stackato is not currently solving? How can we make your life easier? Please let me know via Twitter, brents+feedback [at] activestate [dot] com (subject: Stackato%20feedback) (email), or our Stackato discussion forum.

Subscribe to ActiveState Blogs by Email

Share this post:

About the Author: RSS

Brent is ActiveState's Vice President of Product Management & Marketing. He's interested in helping enterprise IT departments and developers work together more effectively. Prior to joining ActiveState, he held leadership positions in software product management, IT, operations, and marketing for organizations in security/computer management, motion picture/television, food services, and hardware retail/online industries. But you already knew that after checking him out on LinkedIn, didn't you?