We've just released version 5.0.0 beta 3 of the Phusion Passenger application server for Ruby, Python and Node.js. The 5.x series is also unofficially known under the codename "Raptor", and introduces many major improvements such as performance enhancements, better tools for application-level visibility and a new HTTP JSON API for accessing Passenger’s internals.
So far, we've discouraged using 5.0 in production because it's still in beta and because it was known to be unstable. But this changes with beta 3, which we consider "more or less ready for production". This means that we're confident that most of the major issues have been solved, but you should still exercise caution if you roll it out to production.
In February, we will release the first Release Candidate version. If everything goes well, 5.0 final -- which is officially ready for production -- will also be released in February.
Changes in this version
Main article: Turbocaching security changes
One of the major features in Phusion Passenger 5 is the turbocache, an integrated and high-performance HTTP response cache. It is responsible for a large part of the performance improvements in version 5. In beta 3, we've given the turbocache a few major updates:
We've been researching ways to improve the turbocache. Based on community feedback on the turbocache, we've found that the turbocache in its previous form wasn't so useful. So we've come up with a few ways to allow apps to be better cacheable. These techniques are well-established and have been extensively used in advanced Varnish setups.
We've made the turbocache more secure and more conservative, based on excellent feedback from Chris Heald and the community. In previous versions, default cacheable responses (as defined by RFC 7234) were cached unless caching headers tell us not to. Now, default cacheable responses are only cached if caching headers explicitly tell us to. This change was introduced because there are many applications that set incorrect caching headers on private responses. This new behavior is currently not configurable, but there are plans to make it configurable in 5.0.0 release candidate 1.
Heroku support restored
Beta 1 and beta 2 didn't work on Heroku because of bugs. With beta 3, Heroku support has been fixed. This closes GH-1329.
Nginx < 1.6 support dropped
Nginx versions earlier than 1.6 are no longer supported.
Many major bugs have been fixed. These bugs include crashers, cookie handling issues, connection handling issues, etc:
- Fixed various turbocache header handling issues.
- Fixed cookie handling issues. Closes GH-1310.
- Fixed various WebSocket issues. Closes GH-1306.
- Fixed some crashes caused by race conditions. Closes GH-1326.
- Fixed issues with handling POST data. Closes GH-1331.
- Fixed some integer overflows. Fix contributed by Go Maeda. Closes GH-1357.
- Fixed the
passenger-status --show=union_stationcommand. Closes GH-1336.
A new configuration option,
passenger_response_buffer_high_watermark (Nginx) and
PassengerResponseBufferHighWatermark (Apache), has been introduced. This allows for configuring the behavior of the response buffering system. Closes GH-1300.
State introspection has been improved. This means that
passenger-status --show=requests shows better and more detailed output now.
Installing or upgrading
Here's a quickstart:
gem install passenger --pre -v 5.0.0.beta3
The above is a very short excerpt of how to install or upgrade Phusion Passenger. For detailed instructions (which, for example, take users and permissions into account), please refer to the “RubyGems” section of the installation manuals:
- 5.0.0 beta 3 is a beta release. There are no major bugs left, but please exercise caution and report any issues.
- There are no Homebrew or Debian packages for this release, because this release is still in beta!
- There is also a 5.0.0 beta 3 release of Phusion Passenger Enterprise available. Please refer to the Customer Area.