Passenger 5.2.0: deterministic config, Ruby 2.5, fixed license warning

Version 5.2.0 of the Passenger application server for Ruby, Node.js, Meteor and Python has been released. We increased the minor version because there are a few breaking changes in the Apache configuration. There's also a few fixes, like Ruby 2.5 compatibility and a false alarm in the log about our licensing server.

The 5.x series of Passenger brings a plethora of improvements in uptime maximization, security and efficiency. Please be aware that you can enjoy enterprise features and sponsor the open source development directly by buying Phusion Passenger Enterprise.

Breaking change overview

There are only two breaking changes, and they apply only to the Apache integration mode:

  1. We've removed PassengerResolveSymlinksInDocumentRoot. It was an old compatibility option for Passenger version 2. Switch to PassengerAppRoot if you are setting the application root via a document root containing symlinks.

  2. The options below, which act on a per-process level (rather than per-request level), can no longer be used in .htaccess files. This is further explained in "Deterministic configuration".

     PassengerAppRoot
     PassengerForceMaxConcurrentRequestsPerProcess
     PassengerAppGroupName
     PassengerRestartDir
     PassengerFriendlyErrorPages
     PassengerSpawnMethod
     PassengerLoadShellEnvvars
     PassengerMaxPreloaderIdleTime
     PassengerMaxRequestQueueSize
     PassengerStartTimeout
     PassengerMaxRequests
     PassengerGroup
     PassengerUser
     PassengerMaxInstancesPerApp
     PassengerMinInstances
     PassengerStartupFile
     PassengerAppType
     PassengerAppEnv
     PassengerBaseURI
     PassengerMeteorAppSettings
     PassengerNodejs
     PassengerPython
     PassengerRuby
    

Deterministic configuration

One of the biggest changes in Passenger 5.2.0 lives under the hood: a large internal refactoring of configuration option handling was completed. Besides global and per-request configuration options, we now also distinguish per-application options, with new restrictions to help prevent configuration ambiguity.

Preventing ambiguity

Global options like the pool idle time are meant to be set only once, but previously you could set them in multiple conflicting sections (e.g. <VirtualHost>), which in practice meant that options from the first section to receive a request would "win" and determine the final value.

Some options may be different for each application handled by Passenger, but may not change for each request. We call these per-application options, an example being the ruby interpreter that is used for spawning Ruby apps. Changing the value based on requests makes no real sense after the app is spawned. For Apache, this means that per-application options cannot be declared in sections like <Files>, <FilesMatch>, <If>, and files like .htaccess.

Per-request options such as whether passenger is enabled didn't need a change: they can still be set anywhere.

Autogeneration & Option tracking

Most of the code that handles parsing, validating and passing configuration options from the three integration modes (Nginx, Apache, Standalone) to the core is now autogenerated!

Besides having done wonders for the consistency and maintainability of the many options (almost 100 per mode), we can now track options from specific configuration files and line numbers through potential overrides to their final effective value. For now this has made it possible to do automated end-to-end testing, but we also imagine future use for easy debugging of integrated Nginx and Apache configs.

Licensing server false alarm

Passenger Enterprise normally logs a warning if it is unable to contact the Phusion licensing server, and then an error if this situation continues for three days. We discovered that a change in version 5.1.8 causes Passenger to immediately log the error instead of after the three day grace period.

In addition, Apache users would get this error once on every startup since version 5.1.11, because of the way Apache loads modules such as Passenger (rapid duplicate initialization).

Both false alarms are harmless and cannot cause any downtime. The issues were fixed in 5.2.0.

No Ubuntu Zesty packages

Ubuntu 17.04 "Zesty" is End-Of-Life per January 2018, so we've stopped releasing updated Passenger packages for this version.

No Ubuntu Trusty 32-bit packages

We have been thus far unable to compile Passenger on Ubuntu 14.04 "Trusty" 32 bit, using our build system. This is due to gcc using more than 3GB of virtual memory while trying to compile the latest codebase, and our build system not being able to use PAE to address more memory. If we can find a way to overcome this problem before Trusty is EOL, the 32-bit Trusty builds will be brought back.

Various improvements & fixes

  • Ruby 2.5 compatibility: handle case where an exception's backtrace may be nil. Closes GH-2011.
  • [Apache] Fixes compilation issues on some systems with macOS 10.13 High Sierra (in addition to the fixes from 5.1.11).
  • [Nginx] Fixes the default for the passenger_app_group_name to start with the passenger_app_root rather than the document root (the end remains the same: passenger_app_env).
  • [Standalone] Adds command line support for start_timeout in Passenger Standalone (also removes unnecessary warning when using it in Passengerfile.json).
  • [Standalone, Nginx] Waits for Nginx to exit before cleaning up temp dir (started happening more since the switch to Nginx graceful shutdown in 5.1.6). Closes GH-1970.
  • Deprecated options for Union Station.
  • Adds JSON mime type for static file serving. Closes GH-2018.

Installing 5.2.0

Please see the installation guide.

Upgrading to 5.2.0

We strongly advise staying up to date with the latest version.

See also the upgrade notes below!


OS X

Debian

Ubuntu

Heroku

Red Hat

CentOS

Ruby gem

Tarball

Docker

If you are upgrading from 4.x, please read the 5.0 upgrade notes to learn about potential upgrade caveats.

Download issue with old gem version

Old versions of gem (below 2.2.0, released in 2013) may fail to download the Passenger Enterprise gem from our rubygem hosting software (Gem in a box).

ERROR: Could not find a valid gem 'passenger-enterprise-server' (= 5.1.4), here is why:
 Unable to download data from https://..@www.phusionpassenger.com/enterprise_gems/
 - bad response Unauthorized 401 

If this happens, please upgrade to a newer version of gem:

gem install rubygems-update; update_rubygems

Special notes about capistrano-passenger

If you are using Capistrano and capistrano-passenger, then it may fail with this error:

SSHKit::Runner::ExecuteError: Exception while executing as user@99.99.99.99: undefined method `[]' for nil:NilClass

NoMethodError: undefined method `[]' for nil:NilClass

Tasks: TOP => passenger:restart

This is due to an incompatibility in capistrano-passenger with Passenger 5.0.22 and later. Please upgrade capistrano-passenger to 0.2.0 or later.