1. Support information

1.1. Supported operating systems

Phusion Passenger works on any POSIX-compliant operating system. In other words: practically any operating system on earth, except Microsoft Windows.

Phusion Passenger is confirmed on a large number of operating systems and Linux distributions, including, but not limited to, Ubuntu, Debian, CentOS/Fedora/RHEL, Gentoo, Mac OS X, FreeBSD and Solaris. OpenBSD is supported since version 5.2. Both 32-bit and 64-bit platforms are supported.

Please report a bug or join our discussion forum if it doesn’t work on your POSIX-compliant operating system.

1.2. Where to get support

  • Community discussion forum - post a message here if you’re experiencing problems. Support on this forum is provided by the community on a best-effort basis, so a (timely) response is not guaranteed.

  • Issue tracker - report bugs here.

  • Email support@phusion.nl if you are a Phusion Passenger Enterprise customer. Please mention your order reference. If you are not an Enterprise customer, we kindly redirect you to the community discussion forum instead.

  • Commercial support contracts are also available.

  • Report security vulnerabilities to security@phusion.nl. We will do our best to respond to you as quickly as we can, so please do not disclose the vulnerability until then.

Please consult the Phusion Passenger website for a full list of support resources.

2. Installation

2.1. Synopsis

Because Phusion Passenger is designed to run in a wide variety of operating systems and configurations, there are multiple ways to install it. Most users  — especially first-time users — will prefer OS-specific installation instructions. These are not only the easiest, but also allow Phusion Passenger to integrate into the operating system in the best way possible. Other users should consult the generic installation instructions.

The steps for upgrading or downgrading Phusion Passenger is almost the same as the steps for installing. All the installation guides in this section will also teach you how to upgrade and downgrade.

2.2. Installing or upgrading on Mac OS X with Homebrew

Open source

Every time we release a new Phusion Passenger version, we make it available through Homebrew. Please note that the Homebrew maintainers have to merge our pull requests manually, so it may take a day or two before a new version shows up in the official Homebrew repository.

  1. Update the Homebrew recipes:

    brew update
  2. Run one of the following, and follow the instructions:

    brew install passenger nginx --with-passenger
    -OR-
    brew upgrade passenger nginx --with-passenger
    Note
    Upgrade note

    If Phusion Passenger has been updated, but no new Nginx version has been released, then you must also reinstall Nginx against the latest version of Phusion Passenger:

    brew reinstall nginx --with-passenger
Enterprise

Phusion Passenger Enterprise is currently not available through Homebrew. Please try one of the other installation methods instead.

2.3. Installing or upgrading on Debian or Ubuntu

We provide an official Phusion Passenger APT repository. This APT repository contains Phusion Passenger packages for multiple versions of Debian and Ubuntu. These packages are automatically built by our build server after we push out a source release, and thus are always up to date with the official source releases.

If you use these packages to install Phusion Passenger then you do not need to run passenger-install-apache2-module or passenger-install-nginx-module. These packages contain all the binaries that you need.

Packages are available for the x86 and x86_64 architectures. Our policy is to support all Ubuntu LTS releases that are still supported by Canonical, plus the latest non-LTS Ubuntu release, plus all Debian releases that are still supported by Debian.

2.3.1. Adding our APT repository

  1. Install our PGP key. Packages are signed by "Phusion Automated Software Signing (auto-software-signing@phusion.nl)", fingerprint 1637 8A33 A6EF 1676 2922 526E 561F 9B9C AC40 B2F7.

    sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 561F9B9CAC40B2F7
  2. Add HTTPS support for APT. Our APT repository is stored on an HTTPS server.

    sudo apt-get install apt-transport-https ca-certificates
  3. Create a file /etc/apt/sources.list.d/passenger.list and insert one of the following lines, depending on your distribution.

    Open source
    ##### !!!! Only add ONE of these lines, not all of them !!!! #####
    # Ubuntu 13.10
    deb https://oss-binaries.phusionpassenger.com/apt/passenger saucy main
    # Ubuntu 12.04
    deb https://oss-binaries.phusionpassenger.com/apt/passenger precise main
    # Ubuntu 10.04
    deb https://oss-binaries.phusionpassenger.com/apt/passenger lucid main
    # Debian 7
    deb https://oss-binaries.phusionpassenger.com/apt/passenger wheezy main
    # Debian 6
    deb https://oss-binaries.phusionpassenger.com/apt/passenger squeeze main
    Enterprise
    ##### !!!! Only add ONE of these lines, not all of them !!!! #####
    # Ubuntu 13.10
    deb https://download:YOUR_DOWNLOAD_TOKEN@www.phusionpassenger.com/enterprise_apt saucy main
    # Ubuntu 12.04
    deb https://download:YOUR_DOWNLOAD_TOKEN@www.phusionpassenger.com/enterprise_apt precise main
    # Ubuntu 10.04
    deb https://download:YOUR_DOWNLOAD_TOKEN@www.phusionpassenger.com/enterprise_apt lucid main
    # Debian 7
    deb https://download:YOUR_DOWNLOAD_TOKEN@www.phusionpassenger.com/enterprise_apt wheezy main
    # Debian 6
    deb https://download:YOUR_DOWNLOAD_TOKEN@www.phusionpassenger.com/enterprise_apt squeeze main

    You can find the correct value for YOUR_DOWNLOAD_TOKEN in the Customer Area.

  4. Secure passenger.list and update your APT cache:

    sudo chown root: /etc/apt/sources.list.d/passenger.list
    sudo chmod 600 /etc/apt/sources.list.d/passenger.list
    sudo apt-get update

2.3.2. Installing packages

Note You should install nginx-extras even if you have already installed an Nginx package from the official Debian/Ubuntu repository. This is because the Nginx binary that our packages supply is compiled with the Passenger module.
Open source
  1. Add our APT repository.

  2. Install the packages:

    sudo apt-get install nginx-extras passenger
  3. Edit /etc/nginx/nginx.conf and uncomment passenger_root and passenger_ruby.

  4. Restart Nginx:

    sudo service nginx restart
Enterprise
  1. Download your license key from the Customer Area and save it as /etc/passenger-enterprise-license.

  2. Add our APT repository.

  3. Install the packages:

    sudo apt-get install nginx-extras passenger-enterprise
  4. Edit /etc/nginx/nginx.conf and uncomment passenger_root and passenger_ruby.

  5. Restart Nginx:

    sudo service nginx restart

2.4. Installing or upgrading on Red Hat, Fedora, CentOS or ScientificLinux

Warning The RPMs are currently unmaintained. As such, the repository only contains Phusion Passenger 3.x (the latest version is 4.x), which did not support Node.js, Meteor, multiple Rubies, etc. For more recent versions of Phusion Passenger, you are suggested to install from gem or tarball instead.

YUM repositories with RPMs are maintained by Erik Ogan and Stealthy Monkeys Consulting. Only packages for the open source version of Phusion Passenger are provided. Phusion Passenger Enterprise customers should use the generic RubyGems installation method or the generic tarball installation method instead.

If you use YUM to install Phusion Passenger then you do not need to run passenger-install-apache2-module or passenger-install-nginx-module. The YUM packages contain all the binaries that you need. You also don’t need to modify any Apache or Nginx configuration to get them to load Phusion Passenger, the packages provide configuration snippets for you as well.

Step 1: Import the Stealthy Monkeys Consulting’s GPG key

rpm --import http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc

Step 2: Install the release package

Install the passenger-release package from the main repository.

Fedora Core 17:

yum install http://passenger.stealthymonkeys.com/fedora/17/passenger-release.noarch.rpm

Fedora Core 16:

yum install http://passenger.stealthymonkeys.com/fedora/16/passenger-release.noarch.rpm

Fedora Core 15:

yum install http://passenger.stealthymonkeys.com/fedora/15/passenger-release.noarch.rpm

Fedora Core 14:

yum install http://passenger.stealthymonkeys.com/fedora/14/passenger-release.noarch.rpm

RHEL 6 / CentOS 6 / ScientificLinux 6: (Note: these packages depend on EPEL.)

yum install http://passenger.stealthymonkeys.com/rhel/6/passenger-release.noarch.rpm

RHEL 5 / CentOS 5 / ScientificLinux 5: (Note: these packages depend on EPEL.)

rpm -Uvh http://passenger.stealthymonkeys.com/rhel/5/passenger-release.noarch.rpm

Step 3: Install the right Phusion Passenger package

From there you can use YUM to install packages. For example, try one of these:

Phusion Passenger for Apache:

yum install mod_passenger

Phusion Passenger for Nginx:

yum install nginx-passenger

Phusion Passenger Standalone:

yum install passenger-standalone

Building your own packages

There are instructions for building your own packages and Yum repositories in the rpm directory ReadMe within the GitHub repository.

2.5. Generic installation, upgrade and downgrade method: via RubyGems

RubyGems is only used as a method to obtain the Phusion Passenger files, so in case you have multiple Ruby versions it does not matter which Ruby’s RubyGems you use for installation. Once installed, Phusion Passenger can work with all other Ruby versions on your system. This is explained in Phusion Passenger and its relationship with Ruby.

Step 1: figuring out whether your Ruby is installed in the home directory or system-wide

Ruby may either be installed in the home directory, or system-wide. If it’s installed system-wide then we will want to install gems system-wide as well, so you need to switch to a root prompt first. If Ruby is installed in the home directory then we will want to install gems to the home directory as well, as a normal user.

To find out which case applies, run the following command to find out where the ruby command is:

which ruby

Do you see a filename that references /home or /Users? If so then your Ruby interpreter is installed in your home directory and you can proceed to step 2. Otherwise, you need to switch to a root prompt by running one of the following commands:

  • Are you using RVM? Run rvmsudo -s

  • Are you not using RVM, or do you not know what RVM is? Run sudo -s

  • Is sudo not installed on your system? Run su -c bash

You must maintain this root prompt throughout this installation guide.

Step 2: install the gem

Open Source

Install the latest gem to obtain the files for the latest stable version of the open source Phusion Passenger:

gem install passenger
Previous versions and beta versions

Sometimes you will want to obtain the latest beta version of Phusion Passenger. Beta versions are not normally selected by gem install, so to opt-in for beta versions you have to add the --pre argument:

gem install passenger --pre

If you want to obtain a specific version of Phusion Passenger, e.g. because you are downgrading, then specify the version number with --version:

gem install passenger --version 3.0.0

If you want to obtain a specific beta version of Phusion Passenger then you must also pass --pre:

gem install passenger --version 3.9.1.beta --pre
Enterprise

First, download the license key from the Customer Area and save it as /etc/passenger-enterprise-license.

Next, add the Phusion Passenger Enterprise gem server to your RubyGems source list:

gem source --add https://download:YOUR_DOWNLOAD_TOKEN@www.phusionpassenger.com/enterprise_gems/

Substitute YOUR_DOWNLOAD_TOKEN with the one you find in the Customer Area. And notice the trailing slash in the URL! It is very important.

Finally, install the latest gem to obtain the files for the latest stable version of the open source Phusion Passenger:

gem install passenger-enterprise-server
Previous versions and beta versions

Sometimes you will want to obtain the latest beta version of Phusion Passenger Enterprise. Beta versions are not normally selected by gem install, so to opt-in for beta versions you have to add the --pre argument:

gem install passenger-enterprise-server --pre

If you want to obtain a specific version of Phusion Passenger Enterprise, e.g. because you are downgrading, then specify the version number with --version:

gem install passenger-enterprise-server --version 3.0.0

If you want to obtain a specific beta version of Phusion Passenger then you must also pass --pre:

gem install passenger-enterprise-server --version 3.9.1.beta --pre

Step 3: run the Phusion Passenger installer

Nginx is a different from other web servers in that it does not support loadable modules. The only way to extend Nginx is to recompile it entirely from source. Since Phusion Passenger consists of some external executables plus an Nginx module, you must recompile Nginx when first installing Phusion Passenger, but also when upgrading Nginx itself or when upgrading the Phusion Passenger version.

Recompiling Nginx and the Phusion Passenger executables is what we will do in this step. The good news is that Phusion Passenger provides a tool to make this easy for you.

If you’ve already installed Nginx before, but without Phusion Passenger support, then you should uninstall it first. You don’t have to, because you can also install another Nginx with Phusion Passenger support, in parallel to the existing Nginx. We merely recommend uninstalling the existing in order to avoid user confusion, but the choice is yours.

If you had previously installed Nginx with Phusion Passenger support, and you are upgrading, then you don’t have to uninstall your existing Nginx first. Instead we’ll overwrite it this step. But it is important that you recompile Nginx with the configure parameters that you used last time.

Here’s how you can uninstall the original Nginx:

  • If you installed the existing Nginx through APT, run: sudo apt-get remove nginx nginx-full nginx-light nginx-naxsi nginx-common

  • If you installed the existing Nginx through YUM, run yum remove nginx as root.

To proceed with installing or upgrading Phusion Passenger, run the Phusion Passenger Nginx installer and follow the on-screen instructions:

passenger-install-nginx-module

At some point it will ask you which prefix to install Nginx to. If you’re upgrading, then specify the same prefix that you used last time, as well as the same configuration parameters that you used last time.

Step 4: restarting the Flying Passenger daemon

If you are using Flying Passenger then you must restart the Flying Passenger daemon by sending it the SIGTERM signal:

kill `cat /path-to/flying-passenger.pid`

Or, if Flying Passenger is not running with a PID file, look up its PID us ps and then send it SIGTERM:

ps aux | grep flying-passenger
kill PID_OF_FLYING_PASSENGER

Step 5: verifying that Phusion Passenger is running

Restart your web server and run:

passenger-memory-stats

You should see the web server processes as well as a number of Phusion Passenger processes (e.g. PassengerWatchdog, PassengerHelperAgent). Congratulations, Phusion Passenger is now installed and running! At this point you may be interested in creating an Nginx init script.

If the output is not as expected, then please refer to the Troubleshooting section.

2.6. Generic installation, upgrade and downgrade method: via tarball

Step 1: installing Ruby

Phusion Passenger supports multiple languages and its core is written in C++, but its installer and administration tools are written in Ruby, so you must install Ruby.

Even though Ruby is required, Ruby will normally not be loaded during normal operation unless you deploy a Ruby web application on Phusion Passenger. Phusion Passenger’s dependency on Ruby is very minimal. See Phusion Passenger and its relationship with Ruby for details.

Debian, Ubuntu

sudo apt-get update
sudo apt-get install ruby rake

Red Hat, CentOS, ScientificLinux, Amazon Linux

Enable EPEL, then run as root:
yum install ruby rubygem-rake

Mac OS X

No action needed. Ruby is installed by default.

Other operating systems

Install Ruby from the Ruby website.

Step 2: download and extract the tarball

Open Source

Download the open source Phusion Passenger tarball from the Phusion Passenger website.

Older versions can be found in the release archive.

Enterprise

Phusion Passenger Enterprise customers can download the Phusion Passenger Enterprise tarball from the Customer Area.

Also be sure to download the license key and save it as /etc/passenger-enterprise-license.

Once you have downloaded the tarball, pick a location to extract it to. You can pick any location. A good location is /opt/passenger. Create this directory and extract the tarball as follows:

mkdir /opt/passenger
cd /opt/passenger
tar xzvf /location-to/passenger-x.x.x.tar.gz
cd /opt/passenger/passenger-x.x.x

Note that passenger-x.x.x should be passenger-enterprise-server-x.x.x if you’re using Phusion Passenger Enterprise.

Step 3: run the Phusion Passenger installer

Nginx is a different from other web servers in that it does not support loadable modules. The only way to extend Nginx is to recompile it entirely from source. Since Phusion Passenger consists of some external executables plus an Nginx module, you must recompile Nginx when first installing Phusion Passenger, but also when upgrading Nginx itself or when upgrading the Phusion Passenger version.

Recompiling Nginx and the Phusion Passenger executables is what we will do in this step. The good news is that Phusion Passenger provides a tool to make this easy for you.

If you’ve already installed Nginx before, but without Phusion Passenger support, then you should uninstall it first. You don’t have to, because you can also install another Nginx with Phusion Passenger support, in parallel to the existing Nginx. We merely recommend uninstalling the existing in order to avoid user confusion, but the choice is yours.

If you had previously installed Nginx with Phusion Passenger support, and you are upgrading, then you don’t have to uninstall your existing Nginx first. Instead we’ll overwrite it this step. But it is important that you recompile Nginx with the configure parameters that you used last time.

Here’s how you can uninstall the original Nginx:

  • If you installed the existing Nginx through APT, run: sudo apt-get remove nginx nginx-full nginx-light nginx-naxsi nginx-common

  • If you installed the existing Nginx through YUM, run yum remove nginx as root.

To proceed with installing or upgrading Phusion Passenger, run the Phusion Passenger Nginx installer and follow the on-screen instructions:

./bin/passenger-install-nginx-module

At some point it will ask you which prefix to install Nginx to. If you’re upgrading, then specify the same prefix that you used last time, as well as the same configuration parameters that you used last time.

Step 4: restarting the Flying Passenger daemon

If you are using Flying Passenger then you must restart the Flying Passenger daemon by sending it the SIGTERM signal:

kill `cat /path-to/flying-passenger.pid`

Or, if Flying Passenger is not running with a PID file, look up its PID us ps and then send it SIGTERM:

ps aux | grep flying-passenger
kill PID_OF_FLYING_PASSENGER

Step 5: verifying that Phusion Passenger is running

Restart your web server and run:

./bin/passenger-memory-stats

You should see the web server processes as well as a number of Phusion Passenger processes (e.g. PassengerWatchdog, PassengerHelperAgent). Congratulations, Phusion Passenger is now installed and running! At this point you may be interested in creating an Nginx init script.

If the output is not as expected, then please refer to the Troubleshooting section.

2.7. Upgrading from open source to Enterprise

Phusion Passenger comes in two variants: an open source version, as well as an Enterprise version which introduces a myriad of useful features that can improve stability and performance and efficiency.

Customers who have bought Phusion Passenger Enterprise can upgrade their open source installation to Enterprise as follows:

  1. Uninstall the open source Phusion Passenger.

  2. Install the Enterprise version by following one of the installation guides in this section (e.g. RubyGems generic installation or tarball generic installation).

The uninstallation is necessary because the Enterprise Ruby gem has a different gem name (passenger-enterprise-server instead of passenger), but the same administration command names (e.g. passenger-status). Uninstalling the open source version avoids any conflicts.

2.8. Cryptographic verification of installation files

2.8.1. Synopsis

We digitally sign various files with our GPG key so that you can check whether they’re legit, i.e. whether they really came from Phusion and haven’t been tampered with by a third party. We apply signing since the open source version 4.0.0 RC 4, or the Enterprise version 4.0.0 RC 1.

2.8.2. Importing the Phusion Software Signing key

Phusion’s GPG key for signing software is as follows:

Phusion Software Signing (software-signing@phusion.nl)
Short key ID: 0x0A212A8C
Long key ID: 0x2AC745A50A212A8C
Fingerprint: D5F0 8514 2693 9232 F437  AB72 2AC7 45A5 0A21 2A8C

This key is stored at the Phusion website and at the key servers sks-keyservers.net and keyserver.ubuntu.com. You can import it to your keyring with one of these command:

gpg --keyserver pool.sks-keyservers.net --search-keys 0x2AC745A50A212A8C
# -OR-
gpg --keyserver keyserver.ubuntu.com --search-keys 0x2AC745A50A212A8C

The Phusion Software Signing key is only used for signing software. It’s never used for signing emails or for encrypting files, so please be suspicious if you encounter usage of this key outside the context of signing software, and alert us at support@phusion.nl. Include "notspam" in the message to bypass our spam filter.

The email address software-signing@phusion.nl redirects to info@phusion.nl so it’s safe to send email there.

2.8.3. Verifying the Phusion Software Signing key

The Phusion Software Signing key is also signed by the Phusion founders. Their keys are as follows:

Hongli Lai (hongli@phusion.nl)
Short key ID: 8C59158F
Long key ID: CD70085E8C59158F
Fingerprint: 218A 7255 83D0 2ECE F3A9 C2A7 CD70 085E 8C59 158F
Ninh Bui (ninh@phusion.nl)
Short key ID: 69481265
Long key ID: AE405F7869481265
Fingerprint: A77C 9CEF 766D 0E7D A95B 8778 AE40 5F78 6948 1265

Both keys are stored at both sks-servers.net and keyserver.ubuntu.com. Import them with:

gpg --keyserver pool.sks-servers.net --search-keys 0xCD70085E8C59158F
gpg --keyserver pool.sks-servers.net --search-keys 0xAE405F7869481265
# -OR-
gpg --keyserver keyserver.ubuntu.com --search-keys 0xCD70085E8C59158F
gpg --keyserver keyserver.ubuntu.com --search-keys 0xAE405F7869481265

2.8.4. Verifying the gem and tarball

You can find the open source version’s gem and tarball GPG signatures at https://www.phusionpassenger.com/file_releases. The Enterprise version’s GPG signatures can be found in the Customer Area. All signatures have the .asc extension. Once you have imported our key, you can verify the validity of a file against its signature as follows:

$ gpg --verify passenger-x.x.x.tar.gz.asc passenger-x.x.x.tar.gz
gpg: Signature made Mon Mar 11 09:45:46 2013 CET using RSA key ID 0A212A8C
gpg: Good signature from "Phusion Software Signing <software-signing@phusion.nl>"

2.8.5. Verifying Git signatures

Tags in the Git repository for the open source version are also tagged. You can verify a Git tag as follows:

$ git tag --verify release-x.x.x
object d886f34b5705e4314feccaf0d77b9a38416e15e0
type commit
tag release-4.0.0.rc5
tagger Hongli Lai (Phusion) <hongli@phusion.nl> 1362993117 +0100

This is a tag message.
gpg: Signature made Mon Mar 11 10:12:02 2013 CET using RSA key ID 0A212A8C
gpg: Good signature from "Phusion Software Signing <software-signing@phusion.nl>"

2.8.6. Verifying DEB and RPM packages

The DEB and RPM packages are signed with the signatures of the respective packagers. They are automatically checked upon installation.

2.8.7. Revocation

In the event our key is compromised, we will revoke the key and upload the revocation information to sks-servers.net and keyserver.ubuntu.com. However your system will not know about the revocation until you update the keys from the keyservers. You should update your keys regularly (e.g. once a week) by invoking:

gpg --refresh-keys --keyserver pool.sks-servers.net
# -OR-
gpg --refresh-keys --keyserver keyserver.ubuntu.com

If you installed Phusion Passenger through our APT repository, then you should update APT’s keyring from time to time as well:

sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com

2.9. Non-interactive, automatic, headless installs or upgrades

By default, the installer (passenger-install-nginx-module) is interactive. If you want to automate installation then you can do so by passing various answers to the installer through command line options. Please run the installer with --help for a list of available command line options.

2.10. Customizing the compilation process

The Phusion Passenger compilation process can be customized with environment variables. You can learn more about environment variables in About environment variables.

2.10.1. Setting the compiler

You can force the Phusion Passenger build system to use a specific C or C++ compiler by setting the CC and CXX environment variables. These may be set to any arbitrary shell commands.

For example, contributors who want to hack on Phusion Passenger may want to use Clang for faster compilation and ccache for faster recompilation, and may want to enable more error-catching compilation flags:

export CC='ccache clang -fcolor-diagnostics -Qunused-arguments -fcatch-undefined-behavior -ftrapv'
export CXX='ccache clang++ -fcolor-diagnostics -Qunused-arguments -fcatch-undefined-behavior -ftrapv'
Note If you run the installer with sudo then environment variables may not be passed properly. Learn more at Environment variables and sudo.

2.10.2. Adding additional compiler or linker flags

On some systems, C/C++ libraries and headers that Phusion Passenger requires may be located in a non-standard directory. You can force the Phusion Passenger build system to look in those locations by injecting compiler and linker flags using the following environment variables:

EXTRA_PRE_CFLAGS

These flags are injected into all C compiler invocations that involve compiling C source files. This also covers compiler invocations that compile and link. The flags are injected at the beginning of the command string, even before EXTRA_PRE_LDFLAGS.

EXTRA_CFLAGS

Similar to EXTRA_PRE_CFLAGS, but injected at the end of the command string, before EXTRA_LDFLAGS.

EXTRA_PRE_CXXFLAGS

Similar to EXTRA_PRE_CFLAGS, but for C++ compiler invocations.

EXTRA_CXXFLAGS

Similar to EXTRA_CFLAGS, but for C++ compiler invocations.

EXTRA_PRE_LDFLAGS

These flags are injected into all C/C++ compiler invocations that involve linking. This includes compiler invocations that compile and link. The flags are injected at the beginning of the command string, but after EXTRA_PRE_CFLAGS/EXTRA_PRE_CXXFLAGS.

EXTRA_PRE_C_LDFLAGS

These flags are injected into all C compiler invocations that involve linking, right after EXTRA_PRE_LDFLAGS.

EXTRA_PRE_CXX_LDFLAGS

Similar to EXTRA_PRE_CXX_LDFLAGS, but for C++ compiler invocations.

EXTRA_LDFLAGS

Similar to EXTRA_PRE_LDFLAGS, but injected at the very end of the command string, even after EXTRA_CFLAGS and EXTRA_CXXFLAGS.

EXTRA_C_LDFLAGS

Similar to EXTRA_LDFLAGS, but only injected for C executable linking commands. Injected right after EXTRA_LDFLAGS.

EXTRA_CXX_LDFLAGS

Similar to EXTRA_LDFLAGS, but only injected for C++ executable linking commands. Injected right after EXTRA_LDFLAGS.

PASSENGER_THREAD_LOCAL_STORAGE

Setting this to 1 will enable the PASSENGER_THREAD_LOCAL_STORAGE macro, which forcefully disables the use of thread-local storage inside the Phusion Passenger codebase. Setting this environment variable is useful on systems that have broken support for thread-local storage, despite passing our build system’s check for proper thread-local storage support. At the time of writing, one user has reported that Ubuntu 12.04 32-bit has broken thread-local storage report although neither the reporter nor us were able to reproduce the problem on any other systems running Ubuntu 12.04 32-bit. Note that this flag has no effect on non-Phusion Passenger code.

Note If you run the installer with sudo then environment variables may not be passed properly. Learn more at Environment variables and sudo.

2.10.3. Forcing location of command line tools and dependencies

The Phusion Passenger build system attempts to autodetect many things by locating relevant helper tools. For example, to find out which compiler flags it should use for compiling Apache modules, it locates the apxs2 command and queries it. To find out which compiler flags it should use for libcurl, it queries the curl-config command. These commands may not be in $PATH, or even when they are you may want to use a different one.

You can force the build to find certain command line tools at certain locations by using the following environment variables:

HTTPD

The location of the httpd executable (the Apache server executable).

APXS2

The location of the apxs2 executable (the Apache module developer tool). Only used by passenger-install-apache2-module.

This environment variable, together with HTTPD, are what you need to customize if you have multiple Apache installations on your system, or if your Apache is located in a non-standard location which Phusion Passenger cannot detect. By setting APXS2 and HTTP to the right paths, you can force Phusion Passenger to be compiled against that specific Apache installation.

For example, if your Apache installation is located in /opt/lamp/apache2, then you can run the installer as follows:

$ sudo bash
# export HTTPD=/opt/lampp/apache2/bin/apache
# export APXS2=/opt/lampp/apache2/bin/apxs
# passenger-install-apache2-module
APR_CONFIG

The location of the apr-config executable (the Apache Portable Runtime developer tool).

APU_CONFIG

The location of the apu-config executable (the Apache Portable Runtime Utility developer tool).

MAKE

The location of a make tool. It does not matter which implementation of make this is.

GMAKE

The location of the GNU-compatible make tool.

Tip If you do not know what environment variables are, or how to use them, then please read Environment variables and sudo.
Note If you run the installer with sudo then environment variables may not be passed properly. Learn more at Environment variables and sudo.

2.11. Installing as a normal Nginx module without using the installer

You can also install Phusion Passenger the way you install any other Nginx module, e.g. with --add-module. This installation mode is useful if you already have an Nginx tarball somewhere.

You need to run Nginx’s configure script with --add-module=/path-to-passenger-nginx-addon-dir. The right value for /path-to-passenger-nginx-addon-dir can be obtained with the command:

passenger-config --nginx-addon-dir

After having installed Nginx with Phusion Passenger support, you must paste the following line into your Nginx configuration file:

passenger_root /path-to-passenger-root;

The right value for /path-to-passenger-root can be obtained by running the following command:

passenger-config --root

After having modified the Nginx configuration file, restart Nginx.

2.12. Creating an Nginx init script

If you installed Nginx with one of the generic installation methods then you won’t have an init script to start, stop and restart Nginx with. A bare Nginx installation works with signals: you start it by invoking it from the command line, you stop it by sending SIGTERM to it and you gracefully restart it by sending SIGHUP to it.

If you prefer to use an init script then please refer to the following resources:

When using one of those init scripts, please make sure that the paths inside the init script are correct. In particular, the paths to the Nginx binary, to the PID file and to the configuration file must match the actual locations of your Nginx installation.

2.13. Disabling without uninstalling

You can temporarily unload (disable) Phusion Passenger from the web server, without uninstalling the Phusion Passenger files, so that the web server behaves as if Phusion Passenger was never installed in the first place. This might be useful to you if - for example - you seem to be experiencing a problem caused by Phusion Passenger, but you want to make sure whether that’s actually the case without having to go through the hassle of uninstalling Phusion Passenger completely. When disabled, Phusion Passenger will not occupy any memory or CPU or otherwise interfere with the web server.

To unload Phusion Passenger, edit your Nginx configuration file(s) and comment out all Phusion Passenger configuration directives.

For example, if your configuration file looks like this…

...

http {
    passenger_root /somewhere/passenger-x.x.x;
    passenger_ruby /usr/bin/ruby;
    passenger_max_pool_size 10;

    gzip on;

    server {
        server_name www.foo.com;
        listen 80;
        root /webapps/foo/public;
        passenger_enabled on;
    }
}

…then comment out the relevant directives, so that it looks like this:

...

http {
    # passenger_root /somewhere/passenger-x.x.x;
    # passenger_ruby /usr/bin/ruby;
    # passenger_max_pool_size 10;

    gzip on;

    server {
        server_name www.foo.com;
        listen 80;
        root /webapps/foo/public;
        # passenger_enabled on;
    }
}

After you’ve done this, save the configuration file and restart the web server.

2.14. Uninstalling

To uninstall Phusion Passenger, please first remove all Phusion Passenger configuration directives from your web server configuration file(s). After you’ve done this, you need to remove the Phusion Passenger files.

  • If you installed Phusion Passenger via a Ruby gem, then run gem uninstall passenger (or, if you’re a Phusion Passenger Enterprise user, gem uninstall passenger-enterprise-server). You might have to run this as root.

  • If you installed Phusion Passenger via a source tarball, then remove the directory in which you placed the extracted Phusion Passenger files. This directory is the same as the one pointed to the by PassengerRoot/passenger_root configuration directive.

  • If you installed Phusion Passenger through APT or YUM, then use them to uninstall Phusion Passenger.

  • If you installed Phusion Passenger through Homebrew, then run brew uninstall passenger.

Nginx does not have to be recompiled. Altough it contains Phusion Passenger code, it will not do anything when all Phusion Passenger configuration directives are removed.

2.15. Moving to a different directory

If you installed Phusion Passenger through a tarball then you can move the Phusion Passenger directory to another location. This is not possible if you used any of the other installation methods.

First, move the directory to whereever you like:

mv /opt/passenger/passenger-4.0.0 /usr/local/passenger-4.0.0

Next you must tell Nginx that Phusion Passenger has moved. Open your Nginx configuration file and set the passenger_root directive to the new location:

passenger_root /usr/local/passenger-4.0.0;

Restart your web server to finalize the change.

If you used the tarball installation method and you added Phusion Passenger’s bin subdirectory to PATH, then you must update your PATH with the new location. Open /etc/bashrc (or /etc/bash.bashrc on some systems) and change:

export PATH=/opt/passenger/passenger-4.0.0/bin:$PATH

to:

export PATH=/usr/local/passenger-4.0.0/bin:$PATH

Finally, restart all your shell sessions to activate the PATH change.

3. Deploying a Ruby on Rails 1.x or 2.x (but NOT Rails >= 3) application

Suppose you have a Ruby on Rails application in /webapps/mycook, and you own the domain www.mycook.com. You can either deploy your application to the virtual host’s root (i.e. the application will be accessible from the root URL, http://www.mycook.com/), or in a sub URI (i.e. the application will be accessible from a sub URL, such as http://www.mycook.com/railsapplication).

Note The default RAILS_ENV environment in which deployed Rails applications are run, is “production”. You can change this by changing the rails_env configuration option.

3.1. Deploying to a virtual host’s root

Add a server virtual host entry to your Nginx configuration file. The virtual host’s root must point to your Ruby on Rails application’s public folder.

Inside the server block, set passenger_enabled on.

For example:

http {
    ...

    server {
        listen 80;
        server_name www.mycook.com;
        root /webapps/mycook/public;
        passenger_enabled on;
    }

    ...
}

Then restart Nginx. The application has now been deployed.

3.2. Deploying to a sub URI

Suppose that you already have a virtual host for the application /websites/phusion:

http {
    ...

    server {
        listen 80;
        server_name www.phusion.nl;
        root /websites/phusion;
        passenger_enabled on;
    }

    ...
}

And you want your Rails application, located in /websites/rails, to be accessible from the URL http://www.phusion.nl/subapp.

To do this, you need to perform the following:

  1. Create a location with parameter ~ ^/<SUBURI>(/.*|$). This is a regular expression that says: "match everything that is exactly <SUBURI>, or starts with <SUBDURI>/".

  2. Inside the location block, set alias <PATH TO YOUR APPLICATION'S PUBLIC DIRECTORY>$1.

  3. Inside the location block, set passenger_base_uri <SUBURI>.

  4. Inside the location block, set passenger_app_root <PATH TO YOUR APPLICATION ROOT>.

  5. Inside the location block, set passenger_document_root <PATH TO YOUR APPLICATION'S PUBLIC DIRECTORY>.

  6. Inside the location block, re-specify passenger_enabled on.

Here is an example:

http {
    ...

    server {
        listen 80;
        server_name www.phusion.nl;
        root /websites/phusion;

        # This block has been added.
        location ~ ^/subapp(/.*|$) {
            alias /websites/rails/public$1;  # <-- be sure to point to 'public'!
            passenger_base_uri /subapp;
            passenger_app_root /websites/rails;
            passenger_document_root /websites/rails/public;
            passenger_enabled on;
        }
    }

    ...
}

Then restart Nginx. The application has now been deployed on the sub-URI.

3.3. Redeploying (restarting the Ruby on Rails application)

Deploying a new version of a Ruby on Rails application is as simple as re-uploading the application files, and restarting the application.

There are two ways to restart the application:

  1. By restarting Nginx.

  2. By creating or modifying the file tmp/restart.txt in the Rails application’s root folder. Phusion Passenger will automatically restart the application during the next request.

For example, to restart our example MyCook application, we type this in the command line:

touch /webapps/mycook/tmp/restart.txt

Please note that, unlike earlier versions of Phusion Passenger, restart.txt is not automatically deleted. Phusion Passenger checks whether the timestamp of this file has changed in order to determine whether the application should be restarted.

3.4. Migrations

Phusion Passenger is not related to Ruby on Rails migrations in any way. To run migrations on your deployment server, please login to your deployment server (e.g. with ssh) and type rake db:migrate RAILS_ENV=production in a shell console, just like one would normally run migrations.

3.5. Capistrano integration

4. Deploying a Rack-based Ruby application (including Rails >= 3)

Phusion Passenger supports arbitrary Ruby web applications that follow the Rack interface.

Phusion Passenger assumes that Rack application directories have a certain layout. Suppose that you have a Rack application in /webapps/rackapp. Then that folder must contain at least three entries:

  • config.ru, a Rackup file for starting the Rack application. This file must contain the complete logic for initializing the application.

  • public/, a folder containing public static web assets, like images and stylesheets.

  • tmp/, used for restart.txt (our application restart mechanism). This will be explained in a following subsection.

So /webapps/rackapp must, at minimum, look like this:

/webapps/rackapp
  |
  +-- config.ru
  |
  +-- public/
  |
  +-- tmp/

Suppose you own the domain www.rackapp.com. You can either deploy your application to the virtual host’s root (i.e. the application will be accessible from the root URL, http://www.rackapp.com/), or in a sub URI (i.e. the application will be accessible from a sub URL, such as http://www.rackapp.com/rackapp).

Note The default RACK_ENV environment in which deployed Rack applications are run, is “production”. You can change this by changing the rack_env configuration option.

4.1. Tutorial/example: writing and deploying a Hello World Rack application

First we create a Phusion Passenger-compliant Rack directory structure:

$ mkdir /webapps/rack_example
$ mkdir /webapps/rack_example/public
$ mkdir /webapps/rack_example/tmp

Next, we write a minimal "hello world" Rack application:

$ cd /webapps/rack_example
$ some_awesome_editor config.ru
...type in some source code...
$ cat config.ru
app = proc do |env|
    [200, { "Content-Type" => "text/html" }, ["hello <b>world</b>"]]
end
run app

Finally, we deploy it by adding the following configuration options to the Nginx configuration file:

http {
    ...
    server {
        listen 80;
        server_name www.rackexample.com;
        root /webapps/rack_example/public;
        passenger_enabled on;
    }
    ...
}

And we’re done! After an Nginx restart, the above Rack application will be available under the URL http://www.rackexample.com/.

4.2. Deploying to a virtual host’s root

Add a server virtual host entry to your Nginx configuration file. The virtual host’s root must point to your Rack application’s public folder. You must also set passenger_enabled on in the server block.

For example:

http {
    ...
    server {
        listen 80;
        server_name www.rackapp.com;
        root /webapps/rackapp/public;
        passenger_enabled on;
    }
    ...
}

Then restart Nginx. The application has now been deployed.

4.3. Deploying to a sub URI

Suppose that you already have a virtual host for the application /websites/phusion:

http {
    ...

    server {
        listen 80;
        server_name www.phusion.nl;
        root /websites/phusion;
        passenger_enabled on;
    }

    ...
}

And you want your Rack application, located in /websites/rack, to be accessible from the URL http://www.phusion.nl/subapp.

To do this, you need to perform the following:

  1. Create a location with parameter ~ ^/<SUBURI>(/.*|$). This is a regular expression that says: "match everything that is exactly <SUBURI>, or starts with <SUBDURI>/".

  2. Inside the location block, set alias <PATH TO YOUR APPLICATION'S PUBLIC DIRECTORY>$1.

  3. Inside the location block, set passenger_base_uri <SUBURI>.

  4. Inside the location block, set passenger_app_root <PATH TO YOUR APPLICATION ROOT>.

  5. Inside the location block, set passenger_document_root <PATH TO YOUR APPLICATION'S PUBLIC DIRECTORY>.

  6. Inside the location block, re-specify passenger_enabled on.

Here is an example:

http {
    ...

    server {
        listen 80;
        server_name www.phusion.nl;
        root /websites/phusion;

        # This block has been added.
        location ~ ^/subapp(/.*|$) {
            alias /websites/rack/public$1;  # <-- be sure to point to 'public'!
            passenger_base_uri /subapp;
            passenger_app_root /websites/rack;
            passenger_document_root /websites/rack/public;
            passenger_enabled on;
        }
    }

    ...
}

Then restart Nginx. The application has now been deployed on the sub-URI.

4.4. Redeploying (restarting the Rack application)

Deploying a new version of a Rack application is as simple as re-uploading the application files, and restarting the application.

There are two ways to restart the application:

  1. By restarting Nginx.

  2. By creating or modifying the file tmp/restart.txt in the Rack application’s root folder. Phusion Passenger will automatically restart the application.

For example, to restart our example application, we type this in the command line:

touch /webapps/rackapp/tmp/restart.txt

4.5. Rackup specifications for various web frameworks

This subsection shows example config.ru files for various web frameworks.

4.5.1. Camping

require 'rubygems'
require 'rack'
require 'camping'

##### Begin Camping application
Camping.goes :Blog

...your application code here...
##### End Camping application

run Rack::Adapter::Camping.new(Blog)

For Camping versions 2.0 and up, using run Blog as the final line will do.

4.5.2. Halcyon

require 'rubygems'
require 'halcyon'
$LOAD_PATH.unshift(Halcyon.root / 'lib')
Halcyon::Runner.load_config Halcyon.root/'config'/'config.yml'
run Halcyon::Runner.new

4.5.3. Mack

ENV["MACK_ENV"] = ENV["RACK_ENV"]
load("Rakefile")
require 'rubygems'
require 'mack'
run Mack::Utils::Server.build_app

4.5.4. Merb

require 'rubygems'
require 'merb-core'

Merb::Config.setup(
  :merb_root   => ::File.expand_path(::File.dirname(__FILE__)),
  :environment => ENV['RACK_ENV']
)
Merb.environment = Merb::Config[:environment]
Merb.root = Merb::Config[:merb_root]
Merb::BootLoader.run

run Merb::Rack::Application.new

4.5.5. Ramaze

require "rubygems"
require "ramaze"
Ramaze.trait[:essentials].delete Ramaze::Adapter
require "start"
Ramaze.start!
run Ramaze::Adapter::Base

4.5.6. Sinatra

require 'rubygems'
require 'sinatra'

set :environment, ENV['RACK_ENV'].to_sym
disable :run, :reload

require 'app.rb'

run Sinatra::Application

5. Deploying a WSGI (Python) application

Phusion Passenger supports all WSGI-compliant Python web applications. Suppose that you have a WSGI application in /webapps/wsgiapp. Then that folder must contain at least three entries:

  • passenger_wsgi.py, which Phusion Passenger will use as the main entry point for your application. This file must export a WSGI object called application.

  • public/, a folder containing public static web assets, like images and stylesheets.

  • tmp/, used for restart.txt (our application restart mechanism). This will be explained in a following subsection.

So /webapps/wsgiapp must, at minimum, look like this:

/webapps/wsgiapp
  |
  +-- config.ru
  |
  +-- public/
  |
  +-- tmp/

5.1. Tutorial/example: writing and deploying a Hello World WSGI application

First we create a Phusion Passenger-compliant WSGI directory structure:

$ mkdir /webapps/wsgi_example
$ mkdir /webapps/wsgi_example/public
$ mkdir /webapps/wsgi_example/tmp

Next, we write a minimal "hello world" WSGI application:

$ cd /webapps/wsgi_example
$ some_awesome_editor passenger_wsgi.py
...type in some source code...
$ cat passenger_wsgi.py
def application(environ, start_response):
  start_response('200 OK', [('Content-Type', 'text/plain')])
  return [b"hello world!\n"]

Finally, we deploy it by adding the following configuration options to the Nginx configuration file:

http {
    ...
    server {
        listen 80;
        server_name www.wsgiexample.com;
        root /webapps/wsgi_example/public;
        passenger_enabled on;
    }
    ...
}

And we’re done! After an Nginx restart, the above WSGI application will be available under the URL http://www.wsgiexample.com/.

5.2. Deploying to a virtual host’s root

Add a server virtual host entry to your Nginx configuration file. The virtual host’s root must point to your WSGI application’s public folder. You must also set passenger_enabled on in the server block.

For example:

http {
    ...
    server {
        listen 80;
        server_name www.wsgiapp.com;
        root /webapps/wsgiapp/public;
        passenger_enabled on;
    }
    ...
}

Then restart Nginx. The application has now been deployed.

5.3. Deploying to a sub URI

Suppose that you already have a virtual host for the application /websites/phusion:

http {
    ...

    server {
        listen 80;
        server_name www.phusion.nl;
        root /websites/phusion;
        passenger_enabled on;
    }

    ...
}

And you want your WSGI application, located in /websites/wsgi, to be accessible from the URL http://www.phusion.nl/subapp.

To do this, you need to perform the following:

  1. Create a location with parameter ~ ^/<SUBURI>(/.*|$). This is a regular expression that says: "match everything that is exactly <SUBURI>, or starts with <SUBDURI>/".

  2. Inside the location block, set alias <PATH TO YOUR APPLICATION'S PUBLIC DIRECTORY>$1.

  3. Inside the location block, set passenger_base_uri <SUBURI>.

  4. Inside the location block, set passenger_app_root <PATH TO YOUR APPLICATION ROOT>.

  5. Inside the location block, set passenger_document_root <PATH TO YOUR APPLICATION'S PUBLIC DIRECTORY>.

  6. Inside the location block, re-specify passenger_enabled on.

Here is an example:

http {
    ...

    server {
        listen 80;
        server_name www.phusion.nl;
        root /websites/phusion;

        # This block has been added.
        location ~ ^/subapp(/.*|$) {
            alias /websites/wsgi/public$1;  # <-- be sure to point to 'public'!
            passenger_base_uri /subapp;
            passenger_app_root /websites/wsgi;
            passenger_document_root /websites/wsgi/public;
            passenger_enabled on;
        }
    }

    ...
}

Then restart Nginx. The application has now been deployed on the sub-URI.

5.4. Redeploying (restarting the WSGI application)

Deploying a new version of a WSGI application is as simple as re-uploading the application files, and restarting the application.

There are two ways to restart the application:

  1. By restarting Nginx.

  2. By creating or modifying the file tmp/restart.txt in the WSGI application’s root folder. Phusion Passenger will automatically restart the application.

For example, to restart our example application, we type this in the command line:

touch /webapps/wsgiapp/tmp/restart.txt

6. Deploying a Node.js application

Please refer to the Node.js tutorial.

7. Deploying a Meteor application

Please refer to the Meteor tutorial.

8. Configuring Phusion Passenger

After installation, Phusion Passenger does not need any further configurations. Nevertheless, the system administrator may be interested in changing Phusion Passenger’s behavior. Phusion Passenger supports the following configuration options in the Nginx configuration file:

8.1. passenger_root <directory>

The location to the Phusion Passenger root directory. This configuration option is essential to Phusion Passenger, and allows Phusion Passenger to locate its own data files. The correct value is given by the installer.

If you’ve moved Phusion Passenger to a different directory then you need to update this option as well. Please read Moving Phusion Passenger to a different directory for more information.

This required option may only occur once, in the http configuration block.

Note This option has no effect when you are using Flying Passenger.

8.2. Deployment options

8.2.1. passenger_enabled <on|off>

This option may be specified in the http configuration block, a server configuration block, a location configuration block or an if configuration scope, to enable or disable Phusion Passenger for that server or that location.

Phusion Passenger is disabled by default, so you must explicitly enable it for server blocks that you wish to serve through Phusion Passenger. Please see Deploying a Rack-based Ruby application and Deploying a WSGI (Python) application for examples.

When using location blocks, you must re-specify passenger_enabled in each location block that you want to enable Phusion Passenger. This is because each location block has passenger_enabled turned off by default. For example:

server {
    listen 80;
    server_name www.foo.com;
    root /webapps/foo/public;
    passenger_enabled on;

    location /attachments {
        # Re-specify passenger_enabled here!
        passenger_enabled on;
    }
}

8.2.2. passenger_ruby <filename>

The passenger_ruby option allows one to specify the Ruby interpreter to use. Similarly, the passenger_python and passenger_nodejs options are for specifying the Python interpreter and Node.js commands, respectively.

In versions prior to 4.0.0, only a single Ruby version was supported for the entire Nginx instance, so passenger_ruby may only occur in the global server configuration. Also, the passenger_python/passenger_nodejs options were not supported.

Since version 4.0.0, Phusion Passenger supports multiple Ruby interpreters in the same Nginx instance. And so, since version 4.0.0, this option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

The passenger_ruby in the http block - that is, the one that passenger-install-nginx-module outputs - is used for invoking certain Phusion Passenger tools that are written in Ruby, e.g. the internal helper script used by passenger_pre_start. It is okay if the value refers to a different Ruby interpreter than the one you originally installed Phusion Passenger with. You can learn more about all this in Phusion Passenger and its relationship with Ruby.

The passenger_ruby directive in the http block is also used as the default Ruby interpreter for Ruby web apps. You don’t have to specify a passenger_ruby in the http block though, because the default is to use the first ruby command found in $PATH.

The passenger_python and passenger_nodejs options work in a similar manner, but apply to Python and Node.js instead.

You can also override passenger_ruby and other directives in specific contexts if you want to use a different interpreter for that web app. For example:

http {
    passenger_root ...;

    # Use Ruby 1.8.7 by default.
    passenger_ruby /usr/bin/ruby1.8;
    # Use Python 2.6 by default.
    passenger_python /usr/bin/python2.6;
    # Use /usr/bin/node by default.
    passenger_nodejs /usr/bin/node;

    server {
        # This Rails web app will use Ruby 1.8.7
        listen 80;
        server_name www.foo.com;
        root /webapps/foo/public;
    }

    server {
        # This Rails web app will use Ruby 1.9.3, as installed by RVM
        passenger_ruby /usr/local/rvm/wrappers/ruby-1.9.3/ruby;

        listen 80;
        server_name www.bar.com;
        root /webapps/bar/public;

        # If you have a web app deployed in a sub-URI, customize
        # passenger_ruby/passenger_python inside a `location` block.
        # The web app under www.bar.com/blog will use JRuby 1.7.1
        location ~ ^/blog(/.*|$) {
            alias /websites/blog/public$1;
            passenger_base_uri /blog;
            passenger_app_root /websites/blog;
            passenger_document_root /websites/blog/public;
            passenger_enabled on;
            passenger_ruby /usr/local/rvm/wrappers/jruby-1.7.1/ruby;
        }
    }

    server {
        # This Flask web app will use Python 3.0
        passenger_python /usr/bin/python3.0;

        listen 80;
        server_name www.baz.com;
        root /webapps/baz/public;
    }
}
RVM helper tool

Phusion Passenger provides the passenger-config --ruby-command tool for figuring out the correct command for invoking a specific Ruby interpreter. This is especially useful for RVM users. Suppose that you have both Ruby 1.8.7 and Ruby 1.9.3 installed through RVM, and you want to know the correct commands for each Ruby interpreter.

For this purpose we’ll want to invoke passenger-config using its full path, because each time you rvm use a different Ruby interpreter, RVM changes $PATH. If you did not install Phusion Passenger through the generic tarball installation method, then here’s how you can figure out where passenger-config is:

$ which passenger-config
/opt/passenger/bin/passenger-config

Now, switch to all the RVM Ruby interpreters you want to use. In each interpreter, invoke passenger-config --ruby-command. For Ruby 1.8.7:

$ rvm use 1.8.7
$ /opt/passenger/bin/passenger-config --ruby-command
passenger-config was invoked through the following Ruby interpreter:
  Command: /usr/local/rvm/wrappers/ruby-1.8.7-p358/ruby
  Version: ruby 1.8.7 (2012-02-08 patchlevel 358) [universal-darwin12.0]
  To use in Apache: PassengerRuby /usr/local/rvm/wrappers/ruby-1.8.7-p358/ruby
  To use in Nginx : passenger_ruby /usr/local/rvm/wrappers/ruby-1.8.7-p358/ruby
  To use with Standalone: /usr/local/rvm/wrappers/ruby-1.8.7-p358/ruby /opt/passenger/bin/passenger start


## Notes for RVM users
Do you want to know which command to use for a different Ruby interpreter? 'rvm use' that Ruby interpreter, then re-run 'passenger-config --ruby-command'.

Then, for Ruby 1.9.3:

$ rvm use 1.9.3
$ /opt/passenger/bin/passenger-config --ruby-command
passenger-config was invoked through the following Ruby interpreter:
  Command: /usr/local/rvm/wrappers/ruby-1.9.3-p392/ruby
  Version: ruby 1.9.3p392 (2013-02-22 revision 39386) [x86_64-darwin12.2.1]
  To use in Apache: PassengerRuby /usr/local/rvm/wrappers/ruby-1.9.3-p392/ruby
  To use in Nginx : passenger_ruby /usr/local/rvm/wrappers/ruby-1.9.3-p392/ruby
  To use with Standalone: /usr/local/rvm/wrappers/ruby-1.9.3-p392/ruby /opt/passenger/bin/passenger start


## Notes for RVM users
Do you want to know which command to use for a different Ruby interpreter? 'rvm use' that Ruby interpreter, then re-run 'passenger-config --ruby-command'.

8.2.3. passenger_python <filename>

Introduced in version 4.0.0.

This option allows one to specify the Python interpreter to use. See passenger_ruby for more information. The default value is python, meaning that the Python interpreter will be looked up according to the PATH environment variable.

8.2.4. passenger_nodejs <filename>

Introduced in version 4.0.24.

This option allows one to specify the Node.js command to use. See passenger_ruby for more information. The default value is node, meaning that the Node.js command will be looked up according to the PATH environment variable.

8.2.5. passenger_app_env <string>

This option sets the value of the following environment variables:

  • RAILS_ENV

  • RACK_ENV

  • WSGI_ENV

  • NODE_ENV

  • PASSENGER_APP_ENV

Some web frameworks, for example Rails and Connect.js, adjust their behavior according to the value in one of these environment variables.

Phusion Passenger for Nginx sets the default value to production. If you’re developing an Rails application then you should set this to development.

If you want to set other environment variables, please refer to Setting environment variables for Phusion Passenger-served apps.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is production.

8.2.6. rails_env <string>

An alias for passenger_app_env.

8.2.7. rack_env <string>

An alias for passenger_app_env.

8.2.8. passenger_app_root <path/to/root>

Introduced in version 4.0.0. By default, Phusion Passenger assumes that the application’s root directory is the parent directory of the public directory. This option allows one to specify the application’s root independently from the Nginx root, which is useful if the public directory lives in a non-standard place.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once.

Example:

server {
    server_name test.host;
    root /var/rails/zena/sites/example.com/public;
    # normally Phusion Passenger would
    # have assumed that the application
    # root is "/var/rails/zena/sites/example.com"
    passenger_app_root /var/rails/zena;
}

8.2.9. passenger_base_uri <uri>

Used to specify that the given URI is an distinct application that should be served by Phusion Passenger. Please refer to the following sections for more information:

It is allowed to specify this option multiple times. Do this to deploy multiple applications in different sub-URIs under the same virtual host.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

8.2.10. passenger_document_root <path>

Used in sub-URI deployment scenarios to tell Phusion Passenger where it should look for static files. Please refer to the following sections for more information:

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once.

8.2.11. passenger_spawn_method <string>

Tip
"What spawn method should I use?"

This subsection attempts to describe spawn methods, but it’s okay if you don’t (want to) understand it, as it’s mostly a technical detail. You can basically follow this rule of thumb:

If your application works on Mongrel or Thin, but not on Phusion Passenger, then set passenger_spawn_method to direct. Otherwise, leave it at smart (the default).

However, we do recommend you to try to understand it. The smart spawn method brings many benefits.

Internally, Phusion Passenger spawns multiple Ruby application processes in order to handle requests. But there are multiple ways with which processes can be spawned, each having its own set of pros and cons. Supported spawn methods are:

smart

This spawning method caches code using the app preloader. Framework code is not cached between multiple applications, although it is cached within instances of the same application. Please read Spawning methods explained for a more detailed explanation of what smart spawning exactly does.

Pros: Smart spawning caches code where possible to speed up the respawn process and is compatible with most applications

Cons: It is possible that it may be incompatible with some applications

direct

This spawning method is similar to the one used in Mongrel Cluster. It does not perform any code caching at all. Please read Spawning methods explained for a more detailed explanation of what direct spawning exactly does.

Pros: Direct spawning is guaranteed to be compatible with all applications and libraries.

Cons: Much slower than smart spawning. Every spawn action will be equally slow, though no slower than the startup time of a single server in Mongrel Cluster. Direct spawning will also render Ruby Enterprise Edition’s memory reduction technology useless.

As of Phusion Passenger 4.0, conservative spawning was renamed to direct and smart-lv2 was renamed to smart. The old smart spawning has been removed in favor of the new version.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is smart.

8.2.12. passenger_load_shell_envvars <on|off>

Introduced in version 4.0.20.

Enables or disables the loading of shell environment variables before spawning the application.

If this option is turned on, and the user’s shell is bash, then applications are loaded by running them with bash -l -c. Otherwise, they are loaded by running them directly from the PassengerHelperAgent process.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is on.

8.2.13. passenger_rolling_restarts <on|off>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 3.0.0. Buy Phusion Passenger Enterprise here.

Enables or disables support for rolling restarts through restart.txt. Normally when you restart an application by touching restart.txt, Phusion Passenger would shut down all application processes and spawn a new one. The spawning of a new application process could take a while, and any requests that come in during this time will be blocked until this first application process has spawned.

But when rolling restarts are enabled, Phusion Passenger Enterprise will:

  1. Spawn a new process in the background.

  2. When it’s done spawning, Phusion Passenger Enterprise will replace one of the old processes with this newly spawned one.

  3. Step 1 and 2 are repeated until all processes have been replaced.

This way, visitors will not experience any delays when you are restarting your application. This allows you to, for example, upgrade your application often without degrading user experience.

Rolling restarts have a few caveat however that you should be aware of:

  • Upgrading an application sometimes involves upgrading the database schema. With rolling restarts, there may be a point in time during which processes belonging to the previous version and processes belonging to the new version both exist at the same time. Any database schema upgrades you perform must therefore be backwards-compatible with the old application version.

  • Because there’s no telling which process will serve a request, users may not see changes brought about by the new version until all processes have been restarted. It is for this reason that you should not use rolling restarts in development, only in production.

If Passenger Enterprise could not rolling restart a process (let’s call it A) because it is unable to spawn a new process (let’s call it B), then Passenger Enterprise will give up trying to rolling restart that particular process A. What happens next depends on whether deployment error resistance is enabled:

  • If deployment error resistance is disabled (the default), then Passenger Enterprise will proceed with trying to restart the remaining processes.

  • If deployment error resistance is enabled, the Passenger Enterprise will give up rolling restarting immediately. The application group will be put into Deployment Error Resistance Mode.

Please note that passenger_rolling_restarts is completely unrelated to the passenger-config restart-app command. That command always initiates a blocking restart, unless --rolling-restart is given.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is off.

8.2.14. passenger_resist_deployment_errors <on|off>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 3.0.0. Buy Phusion Passenger Enterprise here.

Enables or disables resistance against deployment errors.

Suppose you’ve upgraded your application and you’ve issues a command to restart it (by touching restart.txt), but the application code contains an error that prevents Phusion Passenger from successfully spawning a process (e.g. a syntax error). Phusion Passenger would normally display an error message in response to this.

By enabling deployment error resistance, Phusion Passenger Enterprise would instead do this:

  • It passes the request to one of the existing application processes (that belong to the previous version of the application). The visitor will not see a Phusion Passenger process spawning error message.

  • It logs the error to the global web server error log file.

  • It sets an internal flag so that no processes for this application will be spawned (even when the current traffic would normally result in more processes being spawned) and no processes will be idle cleaned. Processes could still be shutdown because of other events, e.g. because their memory limit have been reached. You can see whether the flag is set by invoking passenger-status. If you see the message "Resisting deployment error" then the flag is set.

This way, visitors will suffer minimally from deployment errors. Phusion Passenger will attempt to restart the application again next time restart.txt is touched.

Enabling deployment error resistance only works if rolling restart is also enabled.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is off.

8.3. Connection handling options

8.3.1. passenger_ignore_client_abort <on|off>

Normally, when the HTTP client aborts the connection (e.g. when the user clicked on "Stop" in the browser), the connection with the application process will be closed too. If the application process continues to send its response, then that will result in EPIPE errors in the application, which will be printed in the error log if the application doesn’t handle them gracefully.

If this option is turned on then upon client abort Phusion Passenger will continue to read the application process’s response while discarding all the read data. This prevents EPIPE errors but it’ll also mean the backend process will be unavailable for new requests until it is done sending its response.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is off.

8.3.2. passenger_set_cgi_param <CGI environment name> <value>

Allows one to define additional CGI environment variables to pass to the web application. This is comparable to ngx_http_fastcgi_module’s fastcgi_param directive, and to ngx_http_proxy_module’s proxy_set_header option. Nginx variables in the value are interpolated.

These variables passed in the following manner:

  • On every request, in the form of a request variable.

  • During application spawning, in the form of a system environment variable that can be looked up through getenv().

Example usage:

# Application will see a CGI environment "APP_NAME" with value "my super blog".
passenger_set_cgi_param APP_NAME "my super blog";

# Nginx variables are interpolated.
passenger_set_cgi_param EXTRA_REQUEST_METHOD method=$request_method;
Note
Use CGI environment names

If you want to set an HTTP header, then you must set it in the CGI environment name format, i.e. HTTP_*:

# !!!THIS IS WRONG!!! Don't do this!
passenger_set_cgi_param X-Forwarded-For 127.0.0.2;

# Instead, write it like this:
passenger_set_cgi_param HTTP_X_FORWARDED_FOR 127.0.0.2;
Warning
This configuration option is NOT inherited across contexts

In each new context (e.g. in each new location block), you must re-specify passenger_set_cgi_param. Values set in parent contexts have no effect on subcontexts. For example:

server {
    ...
    passenger_set_cgi_param FOO foo;

    location /users {
        passenger_enabled_on;
        # !!!THIS IS WRONG!!! The 'FOO' CGI variable will not
        # be passed URLs beginning with /users because you didn't
        # re-specify passenger_set_cgi_param.
    }

    location /apps {
        passenger_enabled on;
        # This is correct. Here we re-specify passenger_set_cgi_param,
        # so the 'FOO' CGI variable will be correctly passed to URLs
        # starting with /apps.
        passenger_set_cgi_param FOO foo;
    }
}

This option may occur in the following places:

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

8.3.3. passenger_pass_header <header name>

Some headers generated by backend applications are not forwarded to the HTTP client, e.g. X-Accel-Redirect which is directly processed by Nginx and then discarded from the final response. This directive allows one to force Nginx to pass those headers anyway, similar to how proxy_pass_header works.

For example:

location / {
   passenger_pass_header X-Accel-Redirect;
}

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

8.3.4. passenger_buffer_response <on|off>

When turned on, application-generated responses are buffered by Nginx. Buffering will happen in memory and also on disk if the response is larger than a certain threshold.

Before we proceed with explaining this configuration option, we want to state the following to avoid confusion. If you use Phusion Passenger for Nginx, there are in fact two response buffering systems active:

  1. The Nginx response buffering system. passenger_buffer_response turns this on or off.

  2. The Phusion Passenger response buffering system, a.k.a. real-time disk-backed response buffering. This buffering system is always on, regardless of the value of passenger_buffer_response.

Response buffering is useful because it protects against slow HTTP clients that do not read responses immediately or quickly enough. Buffering prevents such slow clients from blocking web applications that have limited concurrency. Because Phusion Passenger’s response buffering is always turned on, you are always protected. Therefore, passenger_buffer_response is off by default, and you never should have to turn it on.

If for whatever reason you want to turn Nginx-level response buffering on, you can do so with this option.

Nginx’s response buffering works differently from Phusion Passenger’s. Nginx’s buffering system buffers the entire response before attempting to send it to the client, while Phusion Passenger’s attempts to send the data to the client immediately. Therefore, if you turn on passenger_buffer_response, you may interfere with applications that want to stream responses to the client.

How does response buffering - whether it’s done by Nginx or by Phusion Passenger - exactly protect against slow clients? Consider an HTTP client that’s on a dial-up modem link, and your application process generates a 2 MB response. If the response is buffered then your application process will be blocked until the entire 2 MB has been sent out to the HTTP client. This disallows your application process to do any useful work in the mean time. By buffering responses, Phusion Passenger or Nginx will read the application response as quickly as possible and will take care of forwarding the data to slow clients.

So keep in mind that enabling passenger_buffering_response will make streaming responses impossible. Consider for example this piece of Rails code:

render :text => lambda { |response, output|
    10.times do |i|
        output.write("entry #{i}\n")
        output.flush
        sleep 1
    end
}

…or this piece of Rack code:

class Response
    def each
        10.times do |i|
            yield("entry #{i}\n")
            sleep 1
        end
    end
end

app = lambda do |env|
    [200, { "Content-Type" => "text/plain" }, Response.new]
end

When passenger_buffer_response is turned on, Nginx will wait until the application is done sending the entire response before forwarding it to the client. The client will not receive anything for 10 seconds, after which it receives the entire response at once. When passenger_buffer_response is turned off, it works as expected: the client receives an "entry X" message every second for 10 seconds.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is off.

8.3.5. passenger_buffer_size

8.3.6. passenger_buffers

8.3.7. passenger_busy_buffer_size

These options have the same effect as proxy_module’s similarly named options. They can be used to modify the maximum allowed HTTP header size.

8.3.8. passenger_intercept_errors <on|off>

Introduced in version 4.0.15.

Decides if Nginx will intercept responses with HTTP status codes of 400 and higher.

By default, all responses are sent as-is from the application or from the Phusion Passenger core. If you turn this option on then Nginx will be able to handle such responses using the Nginx error_page option. Responses with status codes that do not match an error_page option are sent as-is.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is off.

8.3.9. passenger_max_request_queue_size <number>

Introduced in version 4.0.15.

When all application processes are already handling their maximum number of concurrent requests, Phusion Passenger will queue all incoming requests. This option specifies the maximum size for that queue. If the queue is already at this specified limit, then Phusion Passenger will immediately send a "503 Service Unavailable" error to any incoming requests. You may use passenger_request_queue_overflow_status_code to customize the response status.

A value of 0 means that the queue is unbounded.

This article on StackOverflow explains how the request queue works, what it means for the queue to grow or become full, why that is bad, and what you can do about it.

You may combine this option with passenger_intercept_errors and error_page to set a custom error page whenever the queue is full. In the following example, Nginx will serve /error503.html whenever the queue is full:

passenger_intercept_errors on;
error_page 503 /error503.html;

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 100.

8.3.10. passenger_request_queue_overflow_status_code <code>

Introduced in version 4.0.15.

This option allows you to customize the HTTP status code that is sent back when the request queue is full. See passenger_max_request_queue_size for more information.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 503.

8.4. Security options

8.4.1. passenger_user_switching <on|off>

Whether to enable user switching support.

This option may only occur once, in the http configuration block. The default value is on.

Note This option has no effect when you are using Flying Passenger. You can disable user switching for Flying Passenger by starting the Flying Passenger daemon as a non-root user.

8.4.2. passenger_user <username>

If user switching support is enabled, then Phusion Passenger will by default run the web application as the owner of the file config/environment.rb (for Rails apps) or config.ru (for Rack apps). This option allows you to override that behavior and explicitly set a user to run the web application as, regardless of the ownership of environment.rb/config.ru.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once.

8.4.3. passenger_group <group name>

If user switching support is enabled, then Phusion Passenger will by default run the web application as the primary group of the owner of the file config/environment.rb (for Rails apps) or config.ru (for Rack apps). This option allows you to override that behavior and explicitly set a group to run the web application as, regardless of the ownership of environment.rb/config.ru.

<group name> may also be set to the special value !STARTUP_FILE!, in which case the web application’s group will be set to environment.rb/config.ru's group.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once.

8.4.4. passenger_default_user <username>

Phusion Passenger enables user switching support by default. This configuration option allows one to specify the user that applications must run as, if user switching fails or is disabled.

This option may only occur once, in the http configuration block. The default value is nobody.

Note This option has no effect when you are using Flying Passenger. There is currently no way to set this option when using Flying Passenger, but if you want to disable user switching for Flying Passenger then you can do so by starting the Flying Passenger daemon as a non-root user.

8.4.5. Passenger_default_group <group name>

Phusion Passenger enables user switching support by default. This configuration option allows one to specify the group that applications must run as, if user switching fails or is disabled.

This option may only occur once, in the http configuration block. The default value is the primary group of the user specifified by passenger_default_user.

Note This option has no effect when you are using Flying Passenger. There is currently no way to set this option when using Flying Passenger, but if you want to disable user switching for Flying Passenger then you can do so by starting the Flying Passenger daemon as a non-root user.

8.4.6. passenger_show_version_in_header <on|off>

When turned on, Phusion Passenger will output its version number in the Server and X-Powered-By header in all Phusion Passenger-served requests:

Server: nginx/1.3.11 + Phusion Passenger 4.0.0
X-Powered-By: Phusion Passenger 4.0.0

When turned off, the version number will be hidden:

Server: nginx/1.3.11 + Phusion Passenger
X-Powered-By: Phusion Passenger

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is on.

8.4.7. passenger_friendly_error_pages <on|off>

Phusion Passenger can display friendly error pages whenever an application fails to start. This friendly error page presents the startup error message, some suggestions for solving the problem, and a backtrace. This feature is very useful during application development and useful for less experienced system administrators, but the page might reveal potentially sensitive information, depending on the application. Experienced system administrators who are using Phusion Passenger on serious production servers should consider turning this feature off.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is on.

8.5. Resource control and optimization options

8.5.1. passenger_max_pool_size <integer>

The maximum number of application processes that may simultanously exist. A larger number results in higher memory usage, but improves the ability to handle concurrent HTTP requests.

The optimal value depends on your system’s hardware and your workload. You can learn more at the Phusion article Tuning Phusion Passenger’s concurrency settings.

If you find that your server is running out of memory then you should lower this value.

This option may only occur once, in the http configuration block. The default value is 6.

Note This option has no effect when you are using Flying Passenger. Instead, you should configure this by passing the --max-pool-size command line option to the Flying Passenger daemon.

8.5.2. passenger_min_instances <integer>

This specifies the minimum number of application processes that should exist for a given application. You should set this option to a non-zero value if you want to avoid potentially long startup times after a website has been idle for an extended period.

Please note that this option does not pre-start application processes during Nginx startup. It just makes sure that when the application is first accessed:

  1. at least the given number of processes will be spawned.

  2. the given number of processes will be kept around even when processes are being idle cleaned (see passenger_pool_idle_time).

If you want to pre-start application processes during Nginx startup, then you should use the passenger_pre_start directive, possibly in combination with passenger_min_instances. This behavior might seem counter-intuitive at first sight, but passenger_pre_start explains the rationale behind it.

For example, suppose that you have the following configuration:

http {
    ...
    passenger_max_pool_size 15;
    passenger_pool_idle_time 10;

    server {
        listen 80;
        server_name foobar.com;
        root /webapps/foobar/public;
        passenger_min_instances 3;
    }
}

When you start Nginx, there are 0 application processes for foobar.com. Things will stay that way until someone visits foobar.com. Suppose that there is only 1 visitor. 1 application process will be started immediately to serve the visitor, while 2 will be spawned in the background. After 10 seconds, when the idle timeout has been reached, these 3 application processes will not be cleaned up.

Now suppose that there’s a sudden spike of traffic, and 100 users visit foobar.com simultanously. Phusion Passenger will start 12 more application processes. After the idle timeout of 10 seconds have passed, Phusion Passenger will clean up 12 application processes, keeping 3 processes around.

The passenger_min_instances option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 1.

8.5.3. passenger_max_instances <integer>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 3.0.0. Buy Phusion Passenger Enterprise here.

The maximum number of application processes that may simultaneously exist for an application. This helps to make sure that a single application will not occupy all available slots in the application pool.

This value must be less than passenger_max_pool_size. A value of 0 means that there is no limit placed on the number of processes a single application may spawn, i.e. only the global limit of passenger_max_pool_size will be enforced.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 0.

Tip
Practical usage example

Suppose that you’re hosting two web applications on your server, a personal blog and an e-commerce website. You’ve set passenger_max_pool_size to 10. The e-commerce website is more important to you. You can then set passenger_max_instances to 3 for your blog, so that it will never spawn more than 3 processes, even if it suddenly gets a lot of traffic. Your e-commerce website on the other hand will be free to spawn up to 10 processes if it gets a lot of traffic.

8.5.4. passenger_max_instances_per_app <integer>

The maximum number of application processes that may simultaneously exist for a single application. This helps to make sure that a single application will not occupy all available slots in the application pool.

This value must be less than passenger_max_pool_size. A value of 0 means that there is no limit placed on the number of processes a single application may use, i.e. only the global limit of passenger_max_pool_size will be enforced.

This option may only occur once, in the http configuration block. The default value is 0.

8.5.5. passenger_pool_idle_time <integer>

The maximum number of seconds that an application process may be idle. That is, if an application process hasn’t received any traffic after the given number of seconds, then it will be shutdown in order to conserve memory.

Decreasing this value means that applications will have to be spawned more often. Since spawning is a relatively slow operation, some visitors may notice a small delay when they visit your Rails/Rack website. However, it will also free up resources used by applications more quickly.

The optimal value depends on the average time that a visitor spends on a single Rails/Rack web page. We recommend a value of 2 * x, where x is the average number of seconds that a visitor spends on a single Rails/Rack web page. But your mileage may vary.

When this value is set to 0, application processes will not be shutdown unless it’s really necessary, i.e. when Phusion Passenger is out of worker processes for a given application and one of the inactive application processes needs to make place for another application process. Setting the value to 0 is recommended if you’re on a non-shared host that’s only running a few applications, each which must be available at all times.

This option may only occur once, in the http configuration block. The default value is 300.

Note This option has no effect when you are using Flying Passenger. Instead, you should configure this by passing the --pool-idle-time command line option to the Flying Passenger daemon.

8.5.6. passenger_max_preloader_idle_time <integer>

The ApplicationSpawner server (explained in Spawning methods explained) has an idle timeout, just like the backend processes spawned by Phusion Passenger do. That is, it will automatically shutdown if it hasn’t done anything for a given period.

This option allows you to set the ApplicationSpawner server’s idle timeout, in seconds. A value of 0 means that it should never idle timeout.

Setting a higher value will mean that the ApplicationSpawner server is kept around longer, which may slightly increase memory usage. But as long as the ApplicationSpawner server is running, the time to spawn a Ruby on Rails backend process only takes about 10% of the time that is normally needed, assuming that you’re using the smart or smart-lv2 spawning method. So if your system has enough memory, is it recommended that you set this option to a high value or to 0.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 300 (5 minutes).

Note This option has no effect when you are using Flying Passenger. Instead, you should configure this by passing the --max-preloader-idle-time command line option to the Flying Passenger daemon.

8.5.7. passenger_start_timeout <seconds>

Introduced in version 4.0.15.

Specifies a timeout for the startup of application processes. If an application process fails to start within the timeout period then it will be forcefully killed with SIGKILL, and the error will be logged.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 90.

8.5.8. passenger_concurrency_model <process|thread>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 4.0.0. Buy Phusion Passenger Enterprise here.

Specifies the I/O concurrency model that should be used for application processes. Phusion Passenger supports two concurrency models:

  • process - single-threaded, multi-processed I/O concurrency. Each application process only has a single thread and can only handle 1 request at a time. This is the concurrency model that Ruby applications traditionally used. It has excellent compatiblity (can work with applications that are not designed to be thread-safe) but is unsuitable for workloads in which the application has to wait for a lot of external I/O (e.g. HTTP API calls), and uses more memory because each process has a large memory overhead.

  • thread - multi-threaded, multi-processed I/O concurrency. Each application process has multiple threads (customizable via passenger_thread_count). This model provides much better I/O concurrency and uses less memory because threads share memory with each other within the same process. However, using this model may cause compatibility problems if the application is not designed to be thread-safe.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is process.

8.5.9. passenger_thread_count <number>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 4.0.0. Buy Phusion Passenger Enterprise here.

Specifies the number of threads that Phusion Passenger should spawn per application process. This option only has effect if passenger_concurrency_model is thread.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 1.

8.5.10. passenger_max_requests <integer>

The maximum number of requests an application process will process. After serving that many requests, the application process will be shut down and Phusion Passenger will restart it. A value of 0 means that there is no maximum: an application process will thus be shut down when its idle timeout has been reached.

This option is useful if your application is leaking memory. By shutting it down after a certain number of requests, all of its memory is guaranteed to be freed by the operating system.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 0.

Caution

The passenger_max_requests directive should be considered as a workaround for misbehaving applications. It is advised that you fix the problem in your application rather than relying on these directives as a measure to avoid memory leaks.

8.5.11. passenger_max_request_time <seconds>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 3.0.0. Buy Phusion Passenger Enterprise here.

The maximum amount of time, in seconds, that an application process may take to process a request. If the request takes longer than this amount of time, then the application process will be forcefully shut down, and possibly restarted upon the next request. A value of 0 means that there is no time limit.

This option is useful for preventing your application from freezing for an indefinite period of time.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 0.

Example

Suppose that most of your requests are known to finish within 2 seconds. However, there is one URI, /expensive_computation, which is known to take up to 10 seconds. You can then configure Phusion Passenger as follows:

server {
    listen 80;
    server_name www.example.com;
    root /webapps/my_app/public;
    passenger_enabled on;
    passenger_max_request_time 2;
    location /expensive_compuation {
        passenger_enabled on;
        passenger_max_request_time 10;
    }
}

If a request to /expensive_computation takes more than 10 seconds, or if a request to any other URI takes more than 2 seconds, then the corresponding application process will be forced to shutdown.

Caution

The passenger_max_request_time directive should be considered as a workaround for misbehaving applications. It is advised that you fix the problem in your application rather than relying on these directives as a measure to avoid freezing applications.

8.5.12. passenger_memory_limit <integer>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 3.0.0. Buy Phusion Passenger Enterprise here.

The maximum amount of memory that an application process may use, in megabytes. Once an application process has surpassed its memory limit, it will process all the requests currently present in its queue and then shut down. A value of 0 means that there is no maximum: the application’s memory usage will not be checked.

This option is useful if your application is leaking memory. By shutting it down, all of its memory is guaranteed to be freed by the operating system.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is 0.

Note
A word about permissions

The passenger_memory_limit directive uses the ps command to query memory usage information. On Linux, it further queries /proc to obtain additional memory usage information that’s not obtainable through ps. You should ensure that the ps works correctly and that the /proc filesystem is accessible by the PassengerHelperAgent process.

Caution

The passenger_max_requests and passenger_memory_limit directives should be considered as workarounds for misbehaving applications. It is advised that you fix the problem in your application rather than relying on these directives as a measure to avoid memory leaks.

8.5.13. passenger_pre_start <url>

By default, Phusion Passenger does not start any application processes until said web application is first accessed. The result is that the first visitor of said web application might experience a small delay as Phusion Passenger is starting the web application on demand. If that is undesirable, then this directive can be used to pre-started application processes during Nginx startup.

A few things to be careful of:

  • This directive accepts the URL of the web application you want to pre-start, not a on/off value! This might seem a bit weird, but read on for rationale. As for the specifics of the URL:

    • The domain part of the URL must be equal to the value of the server_name directive of the server block that defines the web application.

    • Unless the web application is deployed on port 80, the URL should contain the web application’s port number too.

    • The path part of the URL must point to some URI that the web application handles.

  • You will probably want to combine this option with passenger_min_instances because application processes started with passenger_pre_start are subject to the usual idle timeout rules. See the example below for an explanation.

This option may only occur in the http configuration block. It may be specified any number of times.

Note This option is currently not available when using Flying Passenger.
Example 1: basic usage

Suppose that you have the following web applications.

server {
    listen 80;
    server_name foo.com;
    root /webapps/foo/public;
    passenger_enabled on;
}

server {
    listen 3500;
    server_name bar.com;
    root /webapps/bar/public;
    passenger_enabled on;
}

You want both of them to be pre-started during Nginx startup. The URL for foo.com is http://foo.com/ (or, equivalently, http://foo.com:80/) and the URL for bar.com is http://bar.com:3500/. So we add two passenger_pre_start directives, like this:

server {
    listen 80;
    server_name foo.com;
    root /webapps/foo/public;
    passenger_enabled on;
}

server {
    listen 3500;
    server_name bar.com;
    root /webapps/bar/public;
    passenger_enabled on;
}

passenger_pre_start http://foo.com/;           # <--- added
passenger_pre_start http://bar.com:3500/;      # <--- added
Example 2: pre-starting apps that are deployed in sub-URIs

Suppose that you have a web application deployed in a sub-URI /store, like this:

server {
    listen 80;
    server_name myblog.com;
    root /webapps/wordpress;
    passenger_base_uri /store;
}

Then specify the server_name value followed by the sub-URI, like this:

server {
    listen 80;
    server_name myblog.com;
    root /webapps/wordpress;
    passenger_base_uri /store;
}

passenger_pre_start http://myblog.com/store;    # <----- added

The sub-URI must be included; if you don’t then the directive will have no effect. The following example is wrong and won’t pre-start the store web application:

passenger_pre_start http://myblog.com/;    # <----- WRONG! Missing "/store" part.
Example 3: combining with passenger_min_instances

Application processes started with passenger_pre_start are also subject to the idle timeout rules as specified by passenger_pool_idle_time! That means that by default, the pre-started application processes for foo.com are bar.com are shut down after a few minutes of inactivity. If you don’t want that to happen, then you should combine passenger_pre_start with passenger_min_instances, like this:

server {
    listen 80;
    server_name foo.com;
    root /webapps/foo/public;
    passenger_enabled on;
    passenger_min_instances 1;      # <--- added
}

server {
    listen 3500;
    server_name bar.com;
    root /webapps/bar/public;
    passenger_enabled on;
    passenger_min_instances 1;      # <--- added
}

passenger_pre_start http://foo.com/;
passenger_pre_start http://bar.com:3500/;
So why a URL? Why not just an on/off flag?

A directive that accepts a simple on/off flag is definitely more intuitive, but due technical difficulties w.r.t. the way Nginx works, it’s very hard to implement it like that:

It is very hard to obtain a full list of web applications defined in the Nginx configuration file(s). In other words, it’s hard for Phusion Passenger to know which web applications are deployed on Nginx until a web application is first accessed, and without such a list Phusion Passenger wouldn’t know which web applications to pre-start. So as a compromise, we made it accept a URL.

What does Phusion Passenger do with the URL?

During Nginx startup, Phusion Passenger will send a dummy HEAD request to the given URL and discard the result. In other words, Phusion Passenger simulates a web access at the given URL. However this simulated request is always sent to localhost, not to the IP that the domain resolves to. Suppose that bar.com in example 1 resolves to 209.85.227.99; Phusion Passenger will send the following HTTP request to 127.0.0.1 port 3500 (and not to 209.85.227.99 port 3500):

HEAD / HTTP/1.1
Host: bar.com
Connection: close

Similarly, for example 2, Phusion Passenger will send the following HTTP request to 127.0.0.1 port 80:

HEAD /store HTTP/1.1
Host: myblog.com
Connection: close
Do I need to edit /etc/hosts and point the domain in the URL to 127.0.0.1?

No. See previous subsection.

My web application consists of multiple web servers. What URL do I need to specify, and in which web server’s Nginx config file?

Put the web application’s server_name value and the server block’s port in the URL, and put passenger_pre_start on all machines that you want to pre-start the web application on. The simulated web request is always sent to 127.0.0.1, with the domain name in the URL as value for the Host HTTP header, so you don’t need to worry about the request ending up at a different web server in the cluster.

Does passenger_pre_start support https:// URLs?

Yes. And it does not perform any certificate validation.

8.6. Logging and debugging options

8.6.1. passenger_log_level <integer>

This option allows one to specify how much information Phusion Passenger should write to the Nginx error log file. A higher log level value means that more information will be logged.

Possible values are:

  • 0: Show only errors and warnings.

  • 1: Show the most important debugging information. This might be useful for system administrators who are trying to figure out the cause of a problem.

  • 2: Show more debugging information. This is typically only useful for developers.

  • 3: Show even more debugging information.

This option may only occur once, in the http configuration block. The default is 0.

8.6.2. passenger_debug_log_file <filename>

By default Phusion Passenger debugging and error messages are written to the global web server error log. This option allows one to specify the file that debugging and error messages should be written to instead.

This option may only occur once, in the http configuration block.

Note This option has no effect when you are using Flying Passenger. Instead, you should configure this by passing the --log-file command line option to the Flying Passenger daemon.

8.6.3. passenger_debugger <on|off>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 3.0.0. Buy Phusion Passenger Enterprise here.

Turns support for application debugging on or off. In case of Ruby applications, turning this option on will cause them to load the ruby-debug gem (when on Ruby 1.8), the debugger gem (when on Ruby 1.9) or the byebug gem (when on Ruby 2.0). If you’re using Bundler, you should add this to your Gemfile:

gem 'ruby-debug', :platforms => :ruby_18
gem 'debugger', :platforms => :ruby_19
gem 'byebug', :platforms => :ruby_20

Once debugging is turned on, you can use the command passenger-irb --debug <PID> to attach an rdebug console to the application process with the given PID. Attaching will succeed once the application process executes a debugger command.

This option may occur in the following places:

  • In the http configuration block.

  • In a server configuration block.

  • In a location configuration block.

  • In an if configuration scope.

In each place, it may be specified at most once. The default value is off.

8.7. Advanced options

8.7.1. passenger_temp_dir <directory>

Specifies the directory that Phusion Passenger should use for storing temporary files. This includes things such as Unix socket files.

This option may only be specified in the http configuration block. The default temp directory that Phusion Passenger uses is /tmp.

This option is especially useful if Nginx is not allowed to write to /tmp (which is the case on some systems with strict SELinux policies) or if the partition that /tmp lives on doesn’t have enough disk space.

Command line tools

Some Phusion Passenger command line administration tools, such as passenger-status, must know what Phusion Passenger’s temp directory is in order to function properly. You can pass the directory through the PASSENGER_TMPDIR environment variable, or the TMPDIR environment variable (the former will be used if both are specified).

For example, if you set passenger_temp_dir to /my_temp_dir, then invoke passenger-status after you’ve set the PASSENGER_TMPDIR or TMPDIR environment variable, like this:

export PASSENGER_TMPDIR=/my_temp-dir
sudo -E passenger-status
# The -E option tells 'sudo' to preserve environment variables.
Note This option has no effect when you are using Flying Passenger. Instead, you should configure this by passing the --temp-dir command line option to the Flying Passenger daemon.

8.7.2. passenger_fly_with <socket filename>

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 4.1.0. Buy Phusion Passenger Enterprise here.

Enables Flying Passenger mode, and configures Nginx to connect to the Flying Passenger daemon that’s listening on the given socket filename.

This option may only occur once, in the http configuration block. When not set, Flying Passenger is not enabled.

8.8. Deprecated options

The following options have been deprecated, but are still supported for backwards compatibility reasons.

8.8.1. rails_spawn_method

Deprecated in favor of passenger_spawn_method.

9. Troubleshooting

9.1. Generic troubleshooting tips

One of the first things you should do upon encountering a problem, is to check the global Nginx error log file. This is one specified by the error_log directive in the main context (not the one inside the http context). The file is typically located in /var/log/nginx/error.log. This log file contains:

  • Phusion Passenger error messages.

  • Everything that the application writes to STDERR. This typically consists of errors that the application encounters during startup, but not errors that it encounters when it’s handling requests.

If you’re using Ruby on Rails, then you should also check out log/development.log and log/production.log. When an error occurs during request handling, it is typically logged here. This file does not contain errors that Rails encounters during startup.

Finally, you should be aware that Phusion Passenger runs your application under the production environment by default, not development. You can change this using the rails_env option.

If neither the logs nor this troubleshooting guide can help you, then please check out our support resources.

9.2. Why does the first request take a long time?

Symptoms

The first request to your application takes more time than usual. Subsequent requests have the normal speed.

Cause

Phusion Passenger starts your application the first time it is accessed, not during web server startup. Some applications can take several seconds to start. If you’re using Ruby on Rails, then needing 10 seconds to start your application is normal. On slow or heavily loaded servers, or in case of large and heavy applications, the startup time may be even longer.

Solution

Use the passenger_pre_start configuration option.

9.3. Upon accessing the web app, Nginx reports a "Permission denied" error

Symptoms

A typical error message looks like this:

2013/10/21 17:16:03 [alert] 98687#0: *1 Cannot stat
'/Users/phusion/Sites/rack.test/config.ru': Permission denied (errno=13); This
error means that the Nginx worker process (PID 99064, running as UID 70) does
not have permission to access this file. Please read the manual to learn how to
fix this problem: section 'Troubleshooting' -> 'Upon accessing the web app,
Nginx reports a "Permission denied" error'; Extra info, client: 127.0.0.1,
server: www.foo.com, request: "GET / HTTP/1.1", host: "www.foo.com"
Cause

Phusion Passenger tries to access your application directory in order to find out what language it’s written in. This access is initiated from inside an Nginx worker process. This error indicates that the Nginx worker process does not have the proper permissions to access your application’s root directory.

Solution

You need to relax permissions to that the Nginx worker process can access your application directory, by making the directory group- and world-executable:

sudo chmod g+x,o+x /Users/phusion/Sites/rack.test

You also need to ensure that all parent directories are also executable by the Nginx process:

sudo chmod g+x,o+x /Users/phusion/Sites
sudo chmod g+x,o+x /Users/phusion
sudo chmod g+x,o+x /Users
Note
Why executable permission and not readable?
On Unix, the executable permission on directories dictates whether a process is allowed to access files or subdirectories within that directory. The readable permission dictates whether a process is allowed to see what files are inside the directory, but does not necessarily allow access to them. You can learn more at Wikipedia.

9.4. The application thinks its not on SSL even though it is

Rails and many other frameworks infers whether it’s running on SSL through the CGI environment variable HTTPS. This variable is only set if you set ssl on. Setting just listen 443 ssl is not enough.

9.5. Ruby on Rails-specific troubleshooting

9.5.1. The "About your application’s environment" link does not work

The "About your application’s environment" link only works if the application is started in the development environment. Phusion Passenger starts the application in the production environment by default. Please use rails_env to change it.

9.5.2. The Rails application reports that it’s unable to start because of a permission error

Please check whether your Rails application’s folder has the correct permissions. By default, Rails applications are started as the owner of the file config.ru, except if the file is owned by root. If the file is owned by root, then the Rails application will be started as nobody (or as the user specify by RailsDefaultUser, if that’s specified).

Please read User switching (security) for details.

9.5.3. The Rails application’s log file is not being written to

There are a couple things that you should be aware of:

  • By default, Phusion Passenger runs Rails applications in production mode, so please be sure to check production.log instead of development.log.

    See rails_env for configuration. - By default, Phusion Passenger runs Rails applications as the owner of config.ru. So the log file can only be written to if that user has write permission to the log file. Please chmod or chown your log file accordingly.

    See User switching (security) for details.

If you’re using a RedHat-derived Linux distribution (such as Fedora or CentOS) then it is possible that SELinux is interfering. RedHat’s SELinux policy only allows Apache to read/write directories that have the httpd_sys_content_t security context. Please run the following command to give your Rails application folder that context:

chcon -R -h -t httpd_sys_content_t /path/to/your/rails/app

10. Analysis and system maintenance

Phusion Passenger provides a set of tools, which are useful for system analysis, maintenance and troubleshooting.

10.1. Inspecting memory usage

Process inspection tools such as ps and top are useful, but they rarely show the correct memory usage. The real memory usage is usually lower than what ps and top report.

There are many technical reasons why this is so, but an explanation is beyond the scope of this Users Guide. We kindly refer the interested reader to operating systems literature about virtual memory and copy-on-write.

The tool passenger-memory-stats allows one to easily analyze Phusion Passenger’s and the web server’s real memory usage. For example:

[bash@localhost root]# passenger-memory-stats
------------- Apache processes --------------.
PID    PPID  Threads  VMSize   Private  Name
---------------------------------------------.
5947   1     9        90.6 MB  0.5 MB   /usr/sbin/apache2 -k start
5948   5947  1        18.9 MB  0.7 MB   /usr/sbin/fcgi-pm -k start
6029   5947  1        42.7 MB  0.5 MB   /usr/sbin/apache2 -k start
6030   5947  1        42.7 MB  0.5 MB   /usr/sbin/apache2 -k start
6031   5947  1        42.5 MB  0.3 MB   /usr/sbin/apache2 -k start
6033   5947  1        42.5 MB  0.4 MB   /usr/sbin/apache2 -k start
6034   5947  1        50.5 MB  0.4 MB   /usr/sbin/apache2 -k start
23482  5947  1        82.6 MB  0.4 MB   /usr/sbin/apache2 -k start
### Processes: 8
### Total private dirty RSS: 3.50 MB

----------- Nginx processes ------------.
PID    PPID   VMSize     Resident  Name
----------------------------------------.
51766  51764  82.7 MB    3.9 MB    nginx: master process ./objs/nginx
51773  51766  82.9 MB    0.9 MB    nginx: worker process

--------- Passenger processes ---------.
PID    Threads  VMSize   Private  Name
---------------------------------------.
6026   1        10.9 MB  4.7 MB   Passenger spawn server
23481  1        26.7 MB  3.0 MB   Passenger FrameworkSpawner: 2.0.2
23791  1        26.8 MB  2.9 MB   Passenger ApplicationSpawner: /var/www/projects/app1-foobar
23793  1        26.9 MB  17.1 MB  Rails: /var/www/projects/app1-foobar
### Processes: 4
### Total private dirty RSS: 27.76 M

The Private or private dirty RSS field shows the real memory usage of processes. Here, we see that all the Apache and Nginx worker processes only take less than 1 MB memory each. This is a lot less than the 50-80 MB-ish memory usage as shown in the VMSize column (which is what a lot of people think is the real memory usage, but is actually not).

Note Private dirty RSS reporting only works on Linux. Unfortunately other operating systems don’t provide facilities for determining processes' private dirty RSS. On non-Linux systems, the Resident Set Size is reported instead.

10.2. Inspecting Phusion Passenger’s internal status

One can inspect Phusion Passenger’s internal status with the tool passenger-status. This tool must typically be run as root. For example:

[bash@localhost root]# passenger-status
----------- General information -----------
max      = 6
count    = 1
active   = 0
inactive = 1

----------- Domains -----------
/var/www/projects/app1-foobar:
  PID: 9617      Sessions: 0    Processed: 7       Uptime: 2m 23s

The general information section shows the following information:

max

The maximum number of application instances that Phusion Passenger will spawn. This equals the value given for PassengerMaxPoolSize (Apache) or passenger_max_pool_size (Nginx).

count

The number of application instances that are currently alive. This value is always less than or equal to max.

active

The number of application instances that are currently processing requests. This value is always less than or equal to count.

inactive

The number of application instances that are currently not processing requests, i.e. are idle. Idle application instances will be shutdown after a while, as can be specified with PassengerPoolIdleTime (Apache)/passenger_pool_idle_time (Nginx) (unless this value is set to 0, in which case application instances are never shut down via idle time). The value of inactive equals count - active.

The domains section shows, for each application directory, information about running application instances:

Sessions

Shows how many HTTP client are currently in the queue of that application Instance, waiting to be processed.

Processed

Indicates how many requests the instance has served until now. Tip: it’s possible to limit this number with the PassengerMaxRequests configuration directive.

Uptime

Shows for how long the application instance has been running.

Since Phusion Passenger uses fair load balancing by default, the number of sessions for the application instances should be fairly close to each other. For example, this is fairly normal:

  PID: 4281      Sessions: 2      Processed: 7      Uptime: 5m 11s
  PID: 4268      Sessions: 0      Processed: 5      Uptime: 4m 52s
  PID: 4265      Sessions: 1      Processed: 6      Uptime: 5m 38s
  PID: 4275      Sessions: 1      Processed: 7      Uptime: 3m 14s

But if you see a "spike", i.e. an application instance has an unusually high number of sessions compared to the others, then there might be a problem:

  PID: 4281      Sessions: 2      Processed: 7      Uptime: 5m 11s
  PID: 17468     Sessions: 8 <-+  Processed: 2      Uptime: 4m 47s
  PID: 4265      Sessions: 1   |  Processed: 6      Uptime: 5m 38s
  PID: 4275      Sessions: 1   |  Processed: 7      Uptime: 3m 14s
                               |
                               +---- "spike"

The most likely reason why a spike occurs is because your application is frozen, i.e. it has stopped responding. See Debugging frozen applications for tips.

10.3. Debugging frozen applications

If one of your application processes is frozen (stopped responding), then you can figure out where it is frozen by killing it with SIGABRT. This will cause the processs to print a backtrace, after which it aborts. The backtrace information is logged into the web server error log file.

In case of Ruby applications, you can also send the SIGQUIT signal to have it print a backtrace without aborting.

10.4. Accessing individual application processes

When a request is sent to the web server, Phusion Passenger will automatically forward the request to the most suitable application process, but sometimes it is desirable to be able to directly access the individual application processes. Use cases include, but are not limited to:

  • One wants to debug a memory leak or memory bloat problem that only seems to appear on certain URIs. One can send a request to a specific process to see whether that request causes the process’s memory usage to rise.

  • The application caches data in local memory, and one wants to tell a specific application process to clear that local data.

  • Other debugging use cases.

All individual application processes are accessible via HTTP, so you can use standard HTTP tools like curl. The exact addresses can be obtained with the command passenger-status --verbose. These sockets are all bound to 127.0.0.1, but the port number is dynamically assigned. As a security measure, the sockets are also protected with a process-specific random password, which you can see in the passenger-status --verbose output. This password must be sent through the “X-Passenger-Connect-Password” HTTP header.

Example:

bash# passenger-status --verbose
----------- General information -----------
max      = 6
count    = 2
active   = 0
inactive = 2
Waiting on global queue: 0

----------- Application groups -----------
/Users/hongli/Sites/rack.test:
  App root: /Users/hongli/Sites/rack.test
  * PID: 24235   Sessions: 0    Processed: 7       Uptime: 17s
      URL     : http://127.0.0.1:58122
      Password: nFfVOX1F8LjZ90HJh28Sd_htJOsgRsNne2QXKf8NIXw
  * PID: 24250   Sessions: 0    Processed: 4       Uptime: 1s
      URL     : http://127.0.0.1:57933
      Password: _RGXlQ9EGDGJKLevQ_qflUtF1KmxEo2UiRzMwIE1sBY

Here we see that the web application rack.test has two processes. Process 24235 is accessible via http://127.0.0.1:58122, and process 24250 is accessible via http://127.0.0.1:57933.

To access 24235 we must send its password, nFfVOX1F8LjZ90HJh28Sd_htJOsgRsNne2QXKf8NIXw, through the X-Passenger-Connect-Password HTTP header, like this:

bash# curl -H "X-Passenger-Connect-Password: nFfVOX1F8LjZ90HJh28Sd_htJOsgRsNne2QXKf8NIXw" http://127.0.0.1:58122/

10.5. Attaching an IRB console to an application process

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 3.0.0. Buy Phusion Passenger Enterprise here.

You can attach an IRB console to any application process and inspect its state by executing arbitrary Ruby code. Do this by invoking passenger-irb <PID> where <PID> is the PID of the application process you wish to inspect. Note that the IRB console is currently only available for Ruby apps, not for apps in any other languages.

11. Tips

11.1. User Switching (security feature)

Phusion Passenger supports automatic user switching: by default, it attempts to run applications as the "right" user, instead of running all applications as the same user.

To better understand the problem, let us consider the situation with PHP. There is a problem that plagues most PHP web hosts, namely the fact that all PHP applications are run in the same user context as the web server. So for example, Joe’s PHP application will be able to read Jane’s PHP application’s passwords. This is obviously undesirable on many servers.

Phusion Passenger’s user switching feature solves this problem. Applications are run as the owner of their "startup file". For Ruby apps, the startup file is config.ru (Rack and Rails >= 3) or config/environment.rb (Rails 1 and 2). For Python apps, the startup file is passenger_wsgi.py. So suppose that config.ru is owned by user joe, then Phusion Passenger will spawn the corresponding application as joe as well. The exact rules are a little bit more complicated, and they’re explained further down in this section.

11.1.1. Requirements

User switching is only enabled when all of the following conditions are met:

  • When not using Flying Passenger (this is probably the case):

    • The passenger_user_switching option must be enabled.

    • The web server’s control process must have root privileges. This is the case on most installations.

  • When using Flying Passenger:

    • The Flying Passenger daemon must be run with root privileges.

11.1.2. Effects

When not using Flying Passenger, the following table illustrates the effect for different combinations of the requirements.

passenger_user_switching on

passenger_user_switching off

Web server has root privileges

User switching enabled.

User switching disabled. Apps are run as passenger_default_user and passenger_default_group.

Web server has no root privileges

User switching disabled. Apps are run as the web server’s user.

User switching disabled. Apps are run as the web server’s user.

When using Flying Passenger, the effect is as follows:

Daemon run with root privileges

User switching enabled.

Daemon run without root privileges

User switching disabled. Apps are run as the daemon’s user.

When user switching is enabled, the following rules are followed to determine what user an application should be run as. The first matching rule is the rule that will be followed.

  1. If passenger_user or passenger_group are set, then the application will be run as the specified user/group. Thus, these options are a good way to override user switching settings.

  2. If the startup file is owned by root or an unknown user, then the application will run as the user specified by passenger_default_user and passenger_default_group.

  3. Otherwise, the application is run as the owner of the startup file.

11.1.3. Caveats & troubleshooting

If your application regularly encounters permission errors or fails to find certain files, then this is an indication that your application is started as a user that you did not intent it to be run as. Other symptoms include:

  • The application fails to start because Bundler complains that it cannot find gems. This probably indicates that Bundler does not have read access to the directory that contains Bundler-installed gems.

  • The application fails to start and its error message mentions the path /nonexistent. This probably indicates that your application is started as the nobody user. This is because on many systems, the nobody user’s home directory is /nonexistent.

To check whether it is indeed the case that your application is started as a different user than you intended to, see Finding out what user an application is running as.

The most likely reason why your application is started as nobody is probably because your startup file is owned by root, by nobody or by an unknown user. To fix this, change the owner of the startup file to the owner that you want to run the application as.

Whatever user your application runs as, it must have read access to the application root, and read/write access to the application’s logs directory.

11.1.4. Finding out what user an application is running as

To find our what user an application is started as, first access its URL in your browser so that Phusion Passenger starts the application. For example:

http://www.example.local/

The application will now either successfully start or fail to start. If it fails to start then you will see an error page that tells you what user the application was being started as. If you do not see the error page in the browser then set passenger_friendly_error_pages on.

If the application successfully started, then run passenger-status to find the process’s PID:

.---------- General information -----------
Max pool size : 6
Processes     : 1
Requests in top-level queue : 0

.---------- Application groups -----------
/webapps/example.local#default:
  App root: /webapps/example.local
  Requests in queue: 0
  * PID: 16915   Sessions: 0       Processed: 1       Uptime: 2s
    CPU: 0%      Memory  : 9M      Last used: 2s ago

In the above example we see that the PID is 16915. Next, use ps to find out the user that it is running as:

# ps -o pid,user,comm -p 16915
  PID USER    COMM
16915 phusion Passenger RackApp: /webapps/example.local

As you can see, the application in this example is being run as user phusion.

11.2. Copy-on-write memory support (reducing memory consumption of Ruby applications)

Phusion Passenger automatically leverages operating system virtual memory copy-on-write features in order to reduce the memory usage of Ruby applications. Experience has shown that this reduces memory usage by 33% on average. For this mechanism to work, a Ruby interpreter with a copy-on-write friendly garbage collector is required. The following Ruby interpreters have copy-on-write friendly garbage collectors:

  • MRI Ruby >= 2.0. Versions prior to 2.0 did not have a copy-on-write friendly garbage collector.

  • Ruby Enterprise Edition, which was Phusion’s branch of MRI Ruby 1.8 with a copy-on-write friendly garbage collector and other enhancement. It has reached End-Of-Life as of 2012, but remains available for legacy systems.

11.3. Capistrano recipe

Phusion Passenger can be combined with Capistrano. The following Capistrano recipe demonstrates Phusion Passenger support. It assumes that you’re using Git as version control system.

set :application, "myapp"
set :domain,      "example.com"
set :repository,  "ssh://#{domain}/path-to-your-git-repo/#{application}.git"
set :use_sudo,    false
set :deploy_to,   "/path-to-your-web-app-directory/#{application}"
set :scm,         "git"

role :app, domain
role :web, domain
role :db,  domain, :primary => true

namespace :deploy do
  task :start, :roles => :app do
    run "touch #{current_release}/tmp/restart.txt"
  end

  task :stop, :roles => :app do
    # Do nothing.
  end

  desc "Restart Application"
  task :restart, :roles => :app do
    run "touch #{current_release}/tmp/restart.txt"
  end
end

11.4. Bundler support

Phusion Passenger has automatic support for Bundler. The support consists of loading your application under the environment defined by your Gemfile. In other words, Phusion Passenger loads your application as if bundle exec was used.

The Bundler support works as follows:

  • If you have a .bundle/environment.rb in your application root, then Phusion Passenger will require that file before loading your application.

  • Otherwise, if you have a Gemfile, then Phusion Passenger will automatically call Bundler.setup() before loading your application.

It’s possible that your application also calls Bundler.setup during loading, e.g. in config.ru or in config/boot.rb. This is the case with Rails 3, and is also the case if you modified your config/boot.rb according to the Bundler Rails 2.3 instructions. This leads to Bundler.setup being called twice, once before the application startup file is required and once during application startup. However this is harmless and doesn’t have any negative effects.

Phusion Passenger assumes that you’re using Bundler >= 0.9.5. If you don’t want Phusion Passenger to run its Bundler support code, e.g. because you need to use an older version of Bundler with an incompatible API or because you use a system other than Bundler, then you can override Phusion Passenger’s Bundler support code by creating an empty file config/setup_load_paths.rb. If this file exists then it will be required before loading the application startup file. In this file you can do whatever you need to setup Bundler or a similar system.

11.4.1. Does Phusion Passenger itself need to be added to the Gemfile?

It is never necessary to add Phusion Passenger to the application’s Gemfile. In case of Phusion Passenger Standalone, it is not necessary to execute the passenger command through bundle exec. The reason for this is because Phusion Passenger automatically loads the Gemfile environment. Most other Ruby application servers do not automatically load the Gemfile environment, which is why they must be added to the Gemfile and be executed with bundle exec.

Even when your application uses any of the Phusion Passenger APIs, you still do not need to add Phusion Passenger to the Gemfile. The only thing you need to do is to put Phusion Passenger API calls inside if blocks that check whether Phusion Passenger is active, by checking whether the PhusionPassenger namespace is defined:

if defined?(PhusionPassenger)
    ...
end

11.5. Installing multiple Ruby on Rails versions

Each Ruby on Rails applications that are going to be deployed may require a specific Ruby on Rails version. You can install a specific version with this command:

gem install rails -v X.X.X

where X.X.X is the version number of Ruby on Rails.

All of these versions will exist in parallel, and will not conflict with each other. Phusion Passenger will automatically make use of the correct version.

11.6. Making the application restart after each request

In some situations it might be desirable to restart the web application after each request, for example when developing a non-Rails application that doesn’t support code reloading, or when developing a web framework.

To achieve this, simply create the file tmp/always_restart.txt in your application’s root folder. Unlike restart.txt, Phusion Passenger does not check for this file’s timestamp: Phusion Passenger will always restart the application, as long as always_restart.txt exists.

Note If you’re just developing a Rails application then you probably don’t need this feature. If you set rails_env development in your web server configuration, then Rails will automatically reload your application code after each request. always_restart.txt is mostly useful when you’re using a web framework that doesn’t support code reloading by itself, of when you’re working on a web framework yourself.

11.7. How to fix broken images/CSS/JavaScript URIs in sub-URI deployments

Some people experience broken images and other broken static assets when they deploy their application to a sub-URI (i.e. http://mysite.com/railsapp/). The reason for this usually is that you used a static URI for your image in the views. This means your img source probably refers to something like /images/foo.jpg. The leading slash means that it’s an absolute URI: you’re telling the browser to always load http://mysite.com/images/foo.jpg no matter what. The problem is that the image is actually at http://mysite.com/railsapp/images/foo.jpg. There are two ways to fix this.

The first way (not recommended) is to change your view templates to refer to images/foo.jpg. This is a relative URI: note the lack of a leading slash). What this does is making the path relative to the current URI. The problem is that if you use restful URIs, then your images will probably break again when you add a level to the URI. For example, when you’re at http://mysite.com/railsapp the browser will look for http://mysite.com/railsapp/images/foo.jpg. But when you’re at http://mysite.com/railsapp/controller. the browser will look for http://mysite.com/railsapp/controller/images/foo.jpg. So relative URIs usually don’t work well with layout templates.

The second and highly recommended way is to always use Rails helper methods to output tags for static assets. These helper methods automatically take care of prepending the base URI that you’ve deployed the application to. For images there is image_tag, for JavaScript there is javascript_include_tag and for CSS there is stylesheet_link_tag. In the above example you would simply remove the <img> HTML tag and replace it with inline Ruby like this:

<%= image_tag("foo.jpg") %>

This will generate the proper image tag to $RAILS_ROOT/public/images/foo.jpg so that your images will always work no matter what sub-URI you’ve deployed to.

These helper methods are more valuable than you may think. For example they also append a timestamp to the URI to better facilitate HTTP caching. For more information, please refer to the Rails API docs.

11.8. Out-of-Band Work and Out-of-Band Garbage Collection

Available since Phusion Passenger 4.0.0.

At this time, this feature is only available on Ruby.

The Out-of-Band Work feature allows you to run arbitrary long-running tasks outside normal request cycles. This works by letting current requests to the process finish, then telling the process to perform the out-of-band work, then resuming passing requests to the process after said work is finished.

A specific (and perhaps primary) use case of of Out-of-Band Work is Out-of-Band Garbage Collection. The garbage collector is run outside normal request cycles so that garbage collection runs inside normal request cycles can finish a lot faster. This can potentially save tens to hundreds of milliseconds of latency in requests.

Because Out-of-Band Work is implemented at the Phusion Passenger inter-process request routing level, and not by, say, spawning a thread inside the application process, Out-of-Band Work has the following useful properties:

  • It works well even with tasks that can pause all threads. The MRI Ruby garbage collector is a stop-the-world mark-and-sweep garbage collector.

  • Phusion Passenger can spawn more processes as necessary, in order to prevent situations in which all application processes are busy performing out-of-band work. Phusion Passenger guarantees that there’s at least one process that’s ready to process requests.

  • Phusion Passenger guarantees that no more than 1 process is performing out-of-band work at the same time.

Applications can use Out-of-Band Work as follows:

  1. Ensure that passenger_max_pool_size and passenger_min_instances are both larger than 1. Out-of-band work only works if there are at least 2 application processes.

  2. Request out-of-band work by outputting the X-Passenger-Request-OOB-Work header during a request. It does not matter what the value is. At this time, it is not possible to request out-of-band work from outside requests.

  3. You can actually perform out-of-band work when you receive a :oob_work Phusion Passenger event.

Note that even though you can request out-of-band work, there’s no guarantee that Phusion Passenger will send an oob_work event in a timely manner, if at all. It is also possible that Phusion Passenger sends an oob_work event without you ever having requested one. This latter could for example happen if the OOB work is administrator-initiated. Do not make any assumptions in your code.

Here’s an example which implements out-of-band garbage collection using the Out-of-Band framework. This example code doesn’t do anything when the code is not being run in Phusion Passenger, thanks to the if block.

# Somewhere in a controller method:
# Tell Phusion Passenger we want to perform OOB work.
response.headers["X-Passenger-Request-OOB-Work"] = "true"

# Somewhere during application initialization:
if defined?(PhusionPassenger)
    PhusionPassenger.on_event(:oob_work) do
        # Phusion Passenger has told us that we're ready to perform OOB work.
        t0 = Time.now
        GC.start
        Rails.logger.info "Out-Of-Bound GC finished in #{Time.now - t0} sec"
    end
end

For your convenience, Phusion Passenger provides a Rack middleware for out-of-band garbage collection. Add the following to your config.ru. Likewise, this example code doesn’t do anything when the code is not being run in Phusion Passenger, thanks to the if block.

if defined?(PhusionPassenger)
    PhusionPassenger.require_passenger_lib 'rack/out_of_band_gc'

    # Trigger out-of-band GC every 5 requests.
    use PhusionPassenger::Rack::OutOfBandGc, 5
end

It should be noted that, although the application uses the Phusion Passenger API, it is not necessary to add Phusion Passenger to the Gemfile.

References:

11.9. Hooks

Introduced in version 4.0.28.

Phusion Passenger provides a powerful but simple hooking system, which allows you to extend many aspects of Phusion Passenger’s behavior. The hooking system works by executing commands during certain events. Event parameters are passed to the command in the form of environment variables.

You can define hooks by setting the configuration option passenger_ctl hook_<HOOK NAME> <COMMAND TO EXECUTE>;.

11.9.1. Example

The hook system is best demonstrated with a simple example. In the following example we will hook into the attached_process event. This event is called whenever Phusion Passenger has successfully spawned an application processes and added it to the process pool. We print the process’s PID and application root.

First, let’s create a script /home/phusion/attached.sh which is to be called during the hook.

#!/bin/sh
echo "Attached process $PASSENGER_PROCESS_PID for app $PASSENGER_APP_ROOT."

Then we make it executable:

chmod +x /home/phusion/attached.sh

And we define the hook in the configuration file:

passenger_ctl hook_attached_process /home/phusion/attached.sh;

Now restart the web server and access a web app hosted by Phusion Passenger. You should see our message in the web server error log:

[ 2013-12-10 16:12:21.6456 28934/0x1064cb000 Hooks.h:129 ]: Running attached_process hook script: /home/phusion/attached.sh
Attached process 28303 for app /webapps/foobar.
[ 2013-12-10 16:12:21.6580 28934/0x1064cb000 Hooks.h:161 ]: Hook script /home/phusion/attached.sh (PID 28948) exited with status 0

11.9.2. Environment

A lot of information is passed to hook scripts in the form of environment variables. They are all uppercase and begin with PASSENGER_. Some environment variables are passed to all hook scripts, others are passed depending on the hook.

Here are some of the environment variables which are passed to all hooks, unless documented otherwise:

  • PASSENGER_VERSION

  • PASSENGER_PASSENGER_ROOT

  • PASSENGER_SERVER_INSTANCE_DIR

  • PASSENGER_GENERATION_PATH

11.9.3. Blocking and concurrency

All hooks block in the background. That is, while your hook command is running, Phusion Passenger can still handle web requests, but the background thread which is running your hook will be blocked and won’t be able to perform any further operations. For example, if you wrote a hook script for the attached_process event, then Phusion Passenger won’t be able to attach further processes until your hook script finishes. You should therefore be careful when writing hook scripts.

If you have a bug in your script and it blocks, then you will be able to see that using the command passenger-status --show=backtraces which prints the backtraces of all threads in the Phusion Passenger HelperAgent. Look for the runSingleHookScript function in the backtrace. The following example shows at line 2 that Phusion Passenger is waiting for the hook script /home/phusion/badscript.sh.

Thread 'Group process spawner: /home/phusion/webapp.test#default' (0x1062d4000):
     in 'bool Passenger::runSingleHookScript(Passenger::HookScriptOptions &, const string &, const vector<pair<string, string> > &)' (Hooks.h:116) -- /home/phusion/badscript.sh
     in 'bool Passenger::runHookScripts(Passenger::HookScriptOptions &)' (Hooks.h:159)
     in 'void Passenger::ApplicationPool2::Group::spawnThreadRealMain(const SpawnerPtr &, const Passenger::ApplicationPool2::Options &, unsigned int)' (Implementation.cpp:878)

Hooks may be called concurrently, because Phusion Passenger sometimes uses multiple background threads. For example, while the attached_process hook is being called, a detached_process hook may be called, perhaps even for the same application. It is your responsibility to ensure that your hook scripts are concurrency-safe, e.g. by employing locks and other concurrency control techniques.

11.9.4. Error handling

If a hook script fails — that is, if it exits with anything other than exit code 0 — then the error handling depends on the hook. Some hooks will abort, other hooks will ignore the error. In all cases, the result of the hook script is printed to the log.

11.9.5. Compatibility

Because hooks are inherently tied to the implementation of Phusion Passenger, there is no guarantee that hooks that currently work will continue to be available in the future versions of Phusion Passenger. The availability of hooks is very much tied to the specific version of Phusion Passenger.

11.9.6. Available hooks

before_watchdog_initialization

Called at the very beginning of Phusion Passenger’s life cycle, during the start of the Watchdog process. The first hook is called before initialization is performed (before the HelperAgent is started). Errors in the hook script cause Phusion Passenger to abort.

after_watchdog_initialization

Like before_watchdog_initialization, but called after initialization of all Phusion Passenger agent processes. Errors in the hook script cause Phusion Passenger to abort.

attached_process

Called when Phusion Passenger has successfully spawned an application processes and added it to the process pool. Extra environment variables: PASSENGER_PROCESS_PID, PASSENGER_APP_ROOT. Errors in the hook script are ignored.

detached_process

Called when Phusion Passenger has removed an application process from the process pool. This could happen when:

  • The process has crashed, and Phusion Passenger noticed it.

  • Phusion Passenger has shut down a process because it’s been idle for too long.

  • The administrator configured different resource limits, and Phusion Passenger is starting or shutting down processes in response.

  • Phusion Passenger itself is shutting down.

Extra environment variables: PASSENGER_PROCESS_PID, PASSENGER_APP_ROOT. Errors in the hook script are ignored.

after_initialize_supergroup

Called right after Phusion Passenger has allocated data structures for an application, and is about to spawn a process for the first time for this application. Errors in the hook script are ignored. Extra environment variables: PASSENGER_APP_ROOT.

before_destroy_supergroup

Called right before Phusion Passenger decallocates data structures for an application. Errors in the hook script are ignored.

Note that the after_initialize_supergroup hook may be called while this hook is still being executed, so make sure that operations don’t conflict with each other.

Extra environment variables: PASSENGER_APP_ROOT.

11.10. Flying Passenger

This feature is only available in Phusion Passenger Enterprise. It was introduced in version 4.0.6. Buy Phusion Passenger Enterprise here.

Flying Passenger allows one to decouple Phusion Passenger’s life time from the web server’s life time, so that the web server can be independently restarted from Phusion Passenger, and from any of the application processes served by Phusion Passenger.

Normally, Phusion Passenger starts together with the web server, and shuts down together with the web server. The advantages of this default behavior is that it makes Phusion Passenger easy to administer: one only has to deal with the web server process and can expect all relevant processes to be cleaned up after a web server shut down. However this also brings about a disadvantage: every time one restarts the web server (e.g. to make a minor configuration change), Phusion Passenger and all its application processes also get restarted.

This problem is solved by Flying Passenger, which is an advanced mode of operation in Phusion Passenger that allows the web server to be indepedently restarted from Phusion Passenger. When this mode is enabled:

  • One must start Phusion Passenger separately from the web server, namely by starting the Flying Passenger daemon. This daemon must - to an extent - be separately configured and managed from the web server.

  • The web server must be configured to forward requests to the Flying Passenger daemon.

  • You should beware of the caveats and limitations.

11.10.1. Requirements

At this time, this feature is only available in the Enterprise version of Phusion Passenger for Nginx. You must have Phusion Passenger for Nginx properly installed.

11.10.2. Basic usage

Start the Flying Passenger daemon by invoking the flying-passenger command. The only required option is --socket-file. Depending on whether you wish to enable User Switching, you have to start flying-passenger with root privileges or not.

$ sudo flying-passenger --socket-file=/var/run/flying-passenger.sock
I, [2013-06-14T09:10:13.095339 #77179]  INFO -- : Welcome to Flying Passenger 4.1.0
I, [2013-06-14T09:10:13.095339 #77179]  INFO -- : Starting PassengerWatchdog...
I, [2013-06-14T09:10:13.097036 #77179]  INFO -- : PassengerWatchdog started on PID 77181
...
I, [2013-06-14T09:10:13.129017 #77179]  INFO -- : PassengerWatchdog initialized properly
I, [2013-06-14T09:10:13.129127 #77179]  INFO -- : Flying Passenger up and listening on /var/run/flying-passenger.sock!

Now configure Phusion Passenger for Nginx to make use of the Flying Passenger daemon, by setting the passenger_fly_with option to the socket filename:

http {
    ...
    passenger_fly_with /var/run/flying-passenger.sock;
    ...
}

After (re)starting Nginx, Nginx + Flying Passenger is fully operational:

$ sudo /path-to/nginx

You can test it by adding a virtual host for a web app:

http {
    ...

    server {
        listen 80;
        server_name www.foo.local;
        root /webapps/foo/public;
        passenger_enabled on;
    }
}

Verify that it works by making an HTTP request to it:

$ curl http://www.foo.local/

Now let’s verify that restarting the web server does not restart the just-spawned application process. Run passenger-status to obtain the PID of the application process:

$ sudo passenger-status
Version: 4.1.0
Date   : 2013-06-14 09:21:51 -0400
.---------- General information -----------
Max pool size : 6
Processes     : 1
Requests in top-level queue : 0

.---------- Application groups -----------
/webapps/foo#default:
  App root: /webapps/foo
  Requests in queue: 0
  * PID: 77283   Sessions: 0       Processed: 1       Uptime: 2s
    CPU: 1%      Memory  : 8M      Last used: 2s ago

As you can see, the PID of the application process is 77283. Now let’s see what happens if we restart Nginx:

$ sudo /path-to/nginx -s stop
$ sudo /path-to/nginx
$ sudo passenger-status

The application process should remain there, unchanged:

$ sudo passenger-status
Version: 4.1.0
Date   : 2013-06-14 09:21:51 -0400
.---------- General information -----------
Max pool size : 6
Processes     : 1
Requests in top-level queue : 0

.---------- Application groups -----------
/webapps/foo#default:
  App root: /webapps/foo
  Requests in queue: 0
  * PID: 77283   Sessions: 0       Processed: 1       Uptime: 18s
    CPU: 1%      Memory  : 8M      Last used: 18s ago

11.10.3. Configuring Flying Passenger

Flying Passenger gets some configuration from the web server, but not all. In particular, most web server directives that are only valid in the http context, e.g. passenger_log_level, have no effect when using Flying Passenger. Instead, you are supposed to pass these configuration directives through command line options to the Flying Passenger daemon. Configuration directives that have no effect on Flying Passenger are documented as such. You can assume that configuration directives that are not documented as such, work fine on Flying Passenger.

For example, to achieve the same effect as setting passenger_log_level to 2, run the Flying Passenger daemon as follows:

$ sudo flying-passenger --socket-file=/var/run/flying-passenger.sock --log-level=2

Currently, not all configuration directives have a Flying Passenger equivalent. Run the following command to see an overview of available options:

$ flying-passenger --help

11.10.4. Managing the Flying Passenger daemon

The Flying Passenger daemon runs in the foreground by default. This is undesirable on server environments. You can make it go into the background by passing --daemonize, --log-file and --pid-file:

$ sudo flying-passenger --socket-file=/var/run/flying-passenger.sock \
    --daemonize --log-file=/var/log/flying-passenger.log \
    --pid-file=/var/run/flying-passenger.pid

You can shut down a Flying Passenger daemon by sending SIGINT or SIGTERM to it:

$ kill `cat /var/run/flying-passenger.pid`

We recommend using daemontools or runit for managing the Flying Passenger daemon. These tools will allow automatically starting the Flying Passenger daemon at boot, and will automatically restart the daemon if it crashes. You can create and enable a daemontools/runit service as folows:

$ sudo mkdir /etc/service/flying-passenger
$ sudo nano /etc/service/flying-passenger/run
#!/bin/sh
exec /path-to/flying-passenger \
    --socket-file=/var/run/flying-passenger.sock \
    --log-file=/var/log/flying-passenger.log \
    --pid-file=/var/run/flying-passenger.pid

Immediately after creating the run file, daemontools/runit automatically runs it to start the daemon. Note that the location (/etc/service) depends on the OS or Linux distros. Sometimes it’s /service. Also note that we start the Flying Passenger daemon without --daemonize.

To shut down a daemontools/runit-managed daemon, you need to use svc -d /etc/service/flying-passenger (daemontools) or sv stop /etc/service/flying-passenger (runit) instead of sending a signal to the process.

11.10.5. Using Flying Passenger with MRI 1.8 or JRuby

Using Flying Passenger in combination with MRI Ruby 1.8 or with JRuby requires special attention. This is because the Flying Passenger daemon is written in Ruby, and requires proper Process.spawn support, which neither MRI 1.8 nor JRuby support.

It is however possible to use Flying Passenger with MRI Ruby 1.8 and JRuby. You can’t run the Flying Passenger daemon in MRI 1.8 or JRuby, but you can still run the web applications - hosted under Flying Passenger - in MRI 1.8 or JRuby.

First, edit your Nginx configuration file and specify a Ruby interpreter for your web applications. For example:

# Connect to the Flying Passenger daemon on the following socket
passenger_fly_with /var/run/flying-passenger.sock;
...

server {
    listen 80;
    server_name www.foo.com;
    root /webapps/foo/public;
    passenger_enabled on;
    # Use JRuby for this web application
    passenger_ruby /opt/jruby/bin/jruby;
}

Then you need to install a Ruby 1.9-compatible Ruby interpeter with POSIX spawn support, alongside JRuby/MRI 1.8. Ruby interpreters which can be used for running the Flying Passenger daemon include:

  • MRI Ruby >= 1.9.

  • Rubinius.

The following example demonstrates how you can install MRI Ruby 1.9 in parallel with your MRI Ruby 1.8 or JRuby installation.

Example for Debian/Ubuntu users:

# Install Ruby 1.9
sudo apt-get install ruby1.9.3
# Run the Flying Passenger daemon in Ruby 1.9
ruby1.9 -S flying-passenger --socket-file=/var/run/flying-passenger.sock

Example for RVM users:

# Install Ruby 1.9
rvm install 1.9.3
# Run the Flying Passenger daemon in Ruby 1.9
$ rvm-exec 1.9.3 ruby -S flying-passenger --socket-file=/var/run/flying-passenger.sock

The Flying Passenger daemon will now be run on Ruby 1.9, while the web application www.foo.com will be run on JRuby.

11.10.6. Caveats and limitations

Beware of the following caveats and limitations when using Flying Passenger:

  • The Nginx executable must be compiled with the same version of Phusion Passenger as the Flying Passenger daemon. Failing to meet this requirement may result in cryptic errors, or may result in certain features not working, until you’ve fixed the situation. When upgrading Phusion Passenger, you must restart both Nginx and the Flying Passenger daemon.

  • The passenger_root directive has no effect. When using Flying Passenger, you are not supposed to set passenger_root.

  • The Flying Passenger daemon is written in Ruby. It requires a Ruby interpreter with proper Process#spawn support. At the time of writing, all Ruby interpreters in existance satisfy this requirement, except for MRI Ruby 1.8 and JRuby. See Using Flying Passenger with MRI 1.8 or JRuby for more information.

  • When you add a new application to the web server configuration, Flying Passenger will automatically pick up the application’s settings and spawn this new application upon the first request to it. However it is not capable of automatically starting the new app before a request has been sent to it (i.e. passenger_pre_start-like behavior is not available in this case). As a workaround, you can send an HTTP request to your application after starting the daemon, which forces it to spawn application processes.

  • When you remove an application from the web server configuration, Flying Passenger will not detect the removal and will not shut down the associated application processes. Killing the application processes will also not help, because Flying Passenger will restart them per the (now-removed, but still in the Flying Passenger daemon’s memory) passenger_min_instances settings. At the moment, there are two ways to get rid of those processes:

    • Before removing the application from the web server configuration, explicitly set its passenger_min_instances to 0. Next, send a request to it, which will cause the Flying Passenger daemon to take over the new passenger_min_instances 0 option. You can then proceed with removing the application from the web server configuration, and restarting the web server. Finally, kill the PIDs associated to those application processes and remove the application configuration.

    • Restart the Flying Passenger daemon.

12. Under the hood

Phusion Passenger hides a lot of complexity for the end user (i.e. the web server system administrator), but sometimes it is desirable to know what is going on. This section describes a few things that Phusion Passenger does under the hood.

12.1. Page caching support

For each HTTP request, Phusion Passenger will automatically look for a corresponding page cache file, and serve that if it exists. It does this by appending ".html" to the filename that the URI normally maps to, and checking whether that file exists. This check occurs after checking whether the original mapped filename exists (as part of static asset serving). All this is done without the need for special mod_rewrite rules.

For example, suppose that the browser requests /foo/bar.

  1. Phusion Passenger will first check whether this URI maps to a static file, i.e. whether the file foo/bar exists in the web application’s public directory. If it does then Phusion Passenger will serve this file through the web server immediately.

  2. If that doesn’t exist, then Phusion Passenger will check whether the file foo/bar.html exists. If it does then Phusion Passenger will serve this file through the web server immediately.

  3. If foo/bar.html doesn’t exist either, then Phusion Passenger will forward the request to the underlying web application.

Note that Phusion Passenger’s page caching support doesn’t work if your web application uses a non-standard page cache directory, i.e. if it doesn’t cache to the public directory. In that case you’ll need to use mod_rewrite to serve such page cache files.

12.2. Phusion Passenger and its relationship with Ruby

12.2.1. How Ruby is used

Phusion Passenger’s core is written in C++ for performance and memory efficiency. It supports web applications written in any language. Phusion Passenger requires Ruby, its usage of Ruby is minimal in order to maximize performance and to minimize memory usage.

  • Phusion Passenger’s installer, build system and administration tools are written in Ruby.

  • Certain internally used tools, such as the crash handler (which generates a backtrace in case Phusion Passenger crash) and the prespawn script (used to implement passenger_pre_start) are written in Ruby as well.

  • Ruby web application support is implemented in Ruby.

  • If you use Flying Passenger, then the Flying Passenger daemon is written in Ruby. The daemon is a small (less than 500 lines of code) and offloads most tasks to the C++ core.

  • If you use Phusion Passenger Standalone, then the frontend (the passenger command) is written in Ruby. The frontend is small (less than 1500 lines of code) and offloads most tasks to the C++ core.

Other than the aforementioned aspects, Phusion Passenger does not use Ruby during normal operation. For example, if you run Python WSGI web applications on Phusion Passenger, then there will be (almost) no Ruby code running on the system.

12.2.2. When the system has multiple Ruby interpreters

Phusion Passenger may be installed with any Ruby interpreter. Once installed, you can run Phusion Passenger’s Ruby parts under any Ruby interpreter you want, even if that Ruby interpreter was not the one you originally installed Phusion Passenger with.

The reason for this is that Phusion Passenger does not dynamically link to Ruby: Phusion Passenger uses Ruby entirely out-of-process. Thus you can switch to any Ruby interpreter you want during runtime, without recompiling Phusion Passenger, and without worrying about what Ruby you used to install Phusion Passenger.

Phusion Passenger is also capable of running Ruby web applications under any Ruby interpreter you want. So it is not important which Ruby you use to install Phusion Passenger: it will work regardless. Please refer to the documentation for the passenger_ruby directive to learn how run different web applications under different Ruby interpreters.

Caveat: RVM and RVM gemsets

There is however one caveat if you happen to be using RVM or RVM gemsets. When you gem install Phusion Passenger using RVM, then RVM will install Phusion Passenger into the currently active RVM Ruby and gemset. This means that Phusion Passenger commands - such as passenger, passenger-install-xxx-module and passenger-status - are available in that same RVM Ruby and gemset only. When you switch Ruby interpreter, or when you switch gemset, the Phusion Passenger commands will no longer be available, and you will get a command not found error. Here’s an example which demonstrates the problem.

"Command not found" problem demonstration
## Install Phusion Passenger (open source edition) using Ruby 1.9.3
## and the 'business' gemset
$ rvm use 1.9.3
Using /home/phusion/.rvm/gems/ruby-1.9.3-p429
$ rvm gemset create business
$ rvm gemset use business
Using ruby-1.9.3-p429 with gemset business
$ curl -O https://s3.amazonaws.com/phusion-passenger/releases/gem_bootstrap.sh
$ eval "`sh gem_bootstrap.sh`"
$ gem install passenger

## Verify that passenger works
$ passenger --version
Phusion Passenger version 4.0.14

## Switch to a different RVM gemset. You will get a `command not found`
$ rvm gemset use default
Using ruby-1.9.3-p429 with gemset default
$ passenger --version
bash: passenger: command not found

## Switch to a different Ruby interpreter. You will also get
## a `command not found`
$ rvm use 2.0.0
Using /home/phusion/.rvm/gems/ruby-2.0.0-p195
$ passenger --version
bash: passenger: command not found

## Switch back to the Ruby and gemset that you installed Phusion
## Passenger with, and verify that it works again
$ rvm use 1.9.3
Using /home/phusion/.rvm/gems/ruby-2.0.0-p195
$ rvm gemset use business
Using ruby-1.9.3-p429 with gemset business
$ passenger --version
Phusion Passenger version 4.0.14
Solutions

There are several ways to solve this problem:

  1. Permanently add Phusion Passenger’s command directory to your PATH, so that your shell can always find them even when you switch RVM Ruby or gemset. If you don’t know what PATH means, please read About environment variables first.

    The drawback is that you have to redo this every time you upgrade Phusion Passenger, because the Phusion Passenger directory filename is dependent on the version number.

    First, identify the location of the Phusion Passenger command directory, like this:

    $ echo `passenger-config --root`/bin
    /home/phusion/.rvm/gems/ruby-1.9.3-p429/gems/passenger-4.0.15/bin

    Next, add the directory that you’ve found to your current shell’s PATH:

    $ export PATH=/home/phusion/.rvm/gems/ruby-1.9.3-p429/gems/passenger-4.0.15/bin:$PATH

    Finally, make the change permanent by appending the above command to your bash startup file:

    $ echo 'export PATH=/home/phusion/.rvm/gems/ruby-1.9.3-p429/gems/passenger-4.0.15/bin:$PATH' >> ~/.bashrc
  2. Switch back to the RVM Ruby and gemset that you installed Phusion Passenger with, before running any Phusion Passenger command.

  3. Prepend any Phusion Passenger command with rvm-exec RUBY_NAME@GEMSET_NAME ruby -S. If the relevant Phusion Passenger command also needs root privileges, then prepend rvmsudo before that. For example:

    rvm-exec 1.9.3@business ruby -S passenger --version
    rvmsudo rvm-exec 1.9.3@business ruby -S passenger-install-apache2-module

12.3. How Phusion Passenger detects whether a virtual host is a web application

After you’ve read the deployment instructions you might wonder how Phusion Passenger knows that the server root points to a web application that Phusion Passenger is able to serve, and how it knows what kind of web application it is (e.g. Rails or Rack).

Phusion Passenger checks whether the virtual host is a Rails application by checking whether the following file exists:

dirname(DocumentRoot) + "/config/environment.rb"

If you’re not a programmer and don’t understand the above pseudo-code snippet, it means that Phusion Passenger will:

  1. Extract the parent directory filename from the value of the “root” directive.

  2. Append the text "/config/environment.rb" to the result, and check whether the resulting filename exists.

So suppose that your server root is /webapps/foo/public. Phusion Passenger will check whether the file /webapps/foo/config/environment.rb exists.

Note that Phusion Passenger for Nginx does not resolve any symlinks in the root path. So for example, suppose that your root points to /home/www/example.com, which in turn is a symlink to /webapps/example.com/public. Phusion Passenger for Nginx will check for /home/www/config/environment.rb, not /webapps/example.com/config/environment.rb. This file of course doesn’t exist, and as a result Phusion Passenger will not activate itself for this virtual host, and you’ll most likely see some output generated by the Nginx default directory handler such as a Forbidden error message.

Detection of Rack applications happens through the same mechanism, exception that Phusion Passenger will look for config.ru instead of config/environment.rb.

13. Appendix A: About this document

The text of this document is licensed under the Creative Commons Attribution-Share Alike 3.0 Unported License.

Phusion Passenger is brought to you by Phusion.

Phusion Passenger is a trademark of Hongli Lai & Ninh Bui.

14. Appendix B: Terminology

14.1. Application root

The root directory of an application that’s served by Phusion Passenger.

In case of Ruby on Rails applications, this is the directory that contains Rakefile, app/, config/, public/, etc. In other words, the directory pointed to by RAILS_ROOT. For example, take the following directory structure:

/apps/foo/       <------ This is the Rails application's application root!
   |
   +- app/
   |   |
   |   +- controllers/
   |   |
   |   +- models/
   |   |
   |   +- views/
   |
   +- config/
   |   |
   |   +- environment.rb
   |   |
   |   +- ...
   |
   +- public/
   |   |
   |   +- ...
   |
   +- ...

In case of Rack applications, this is the directory that contains config.ru. For example, take the following directory structure:

/apps/bar/      <----- This is the Rack application's application root!
   |
   +- public/
   |    |
   |    +- ...
   |
   +- config.ru
   |
   +- ...

In case of Python (WSGI) applications, this is the directory that contains passenger_wsgi.py. For example, take the following directory structure:

/apps/baz/      <----- This is the WSGI application's application root!
   |
   +- public/
   |    |
   |    +- ...
   |
   +- passenger_wsgi.py
   |
   +- ...

14.2. Idle process

An "idle process" refers to a process that hasn’t processed any requests for a while.

14.3. Inactive process

An "inactive process" refers to a process that’s current not processing any requests. An idle process is always inactive, but an inactive process is not always considered idle.

15. Appendix C: Spawning methods explained

At its core, Phusion Passenger is an HTTP proxy and process manager. It spawns Ruby on Rails/Rack/WSGI worker processes (which may also be referred to as backend processes), and forwards incoming HTTP request to one of the worker processes.

While this may sound simple, there’s not just one way to spawn worker processes. Let’s go over the different spawning methods. For simplicity’s sake, let’s assume that we’re only talking about Ruby on Rails applications.

15.1. The most straightforward and traditional way: direct spawning

Phusion Passenger could create a new Ruby process, which will then load the Rails application along with the entire Rails framework. This process will then enter an request handling main loop.

This is the most straightforward way to spawn worker processes. If you’re familiar with the Mongrel application server, then this approach is exactly what mongrel_cluster performs: it creates N worker processes, each which loads a full copy of the Rails application and the Rails framework in memory. The Thin application server employs pretty much the same approach.

Note that Phusion Passenger’s version of direct spawning differs slightly from mongrel_cluster. Mongrel_cluster creates entirely new Ruby processes. In programmers jargon, mongrel_cluster creates new Ruby processes by forking the current process and exec()-ing a new Ruby interpreter. Phusion Passenger on the other hand creates processes that reuse the already loaded Ruby interpreter. In programmers jargon, Phusion Passenger calls fork(), but not exec().

15.2. The smart spawning method

Note Smart spawning is supported for all Ruby applications but not for WSGI applications.

While direct spawning works well, it’s not as efficient as it could be because each worker process has its own private copy of the Rails application as well as the Rails framework. This wastes memory as well as startup time.

Worker processes and direct spawning
Figure: Worker processes and direct spawning. Each worker process has its own private copy of the application code and Rails framework code.

It is possible to make the different worker processes share the memory occupied by application and Rails framework code, by utilizing so-called copy-on-write semantics of the virtual memory system on modern operating systems. As a side effect, the startup time is also reduced. This is technique is exploited by Phusion Passenger’s smart spawn method.

15.2.1. How it works

When the smart spawn method is being used, Phusion Passenger will first create a so-called ApplicationSpawner server process. This process loads the entire Rails application along with the Rails framework, by loading environment.rb. Then, whenever Phusion Passenger needs a new worker process, it will instruct the ApplicationSpawner server to do so. The ApplicationSpawner server will create a worker new process that reuses the already loaded Rails application/framework. Creating a worker process through an already running ApplicationSpawner server is very fast, about 10 times faster than loading the Rails application/framework from scratch. If the Ruby interpreter is copy-on-write friendly (that is, if you’re running Ruby Enterprise Edition) then all created worker processes will share as much common memory as possible. That is, they will all share the same application and Rails framework code.

images/smart.png
Figure: Worker processes and the smart spawn method. All worker processes, as well as the ApplicationSpawner, share the same application code and Rails framework code.

The smart method allows different worker processes that belong to the same application to share memory.

Notes:

  • Vendored Rails frameworks cannot be shared by different applications, even if both vendored Rails frameworks are the same version. So for efficiency reasons we don’t recommend vendoring Rails.

  • ApplicationSpawner servers have an idle timeout just like worker processes. If an ApplicationSpawner/FrameworkSpawner server hasn’t been instructed to do anything for a while, it will be shutdown in order to conserve memory. This idle timeout is configurable.

15.2.2. Summary of benefits

Suppose that Phusion Passenger needs a new worker process for an application that uses Rails 2.2.1.

If the smart spawning method is used, and an ApplicationSpawner server for this application is already running, then worker process creation time is about 10 times faster than direct spawning. This worker process will also share application and Rails framework code memory with the ApplicationSpawner server and the worker processes that had been spawned by this ApplicationSpawner server.

In practice, the smart spawning method could mean a memory saving of about 33%, assuming that your Ruby interpreter is copy-on-write friendly.

Of course, smart spawning is not without gotchas. But if you understand the gotchas you can easily reap the benefits of smart spawning.

15.3. Smart spawning gotcha #1: unintentional file descriptor sharing

Because worker processes are created by forking from an ApplicationSpawner server, it will share all file descriptors that are opened by the ApplicationSpawner server. (This is part of the semantics of the Unix fork() system call. You might want to Google it if you’re not familiar with it.) A file descriptor is a handle which can be an opened file, an opened socket connection, a pipe, etc. If different worker processes write to such a file descriptor at the same time, then their write calls will be interleaved, which may potentially cause problems.

The problem commonly involves socket connections that are unintentionally being shared. You can fix it by closing and reestablishing the connection when Phusion Passenger is creating a new worker process. Phusion Passenger provides the API call PhusionPassenger.on_event(:starting_worker_process) to do so. So you could insert the following code in your environment.rb:

if defined?(PhusionPassenger)
    PhusionPassenger.on_event(:starting_worker_process) do |forked|
        if forked
            # We're in smart spawning mode.
            ... code to reestablish socket connections here ...
        else
            # We're in direct spawning mode. We don't need to do anything.
        end
    end
end

Note that Phusion Passenger automatically reestablishes the connection to the database upon creating a new worker process, which is why you normally do not encounter any database issues when using smart spawning mode.

15.3.1. Example 1: Memcached connection sharing (harmful)

Suppose we have a Rails application that connects to a Memcached server in environment.rb. This causes the ApplicationSpawner to have a socket connection (file descriptor) to the Memcached server, as shown in the following figure:

+--------------------+
| ApplicationSpawner |-----------[Memcached server]
+--------------------+

Phusion Passenger then proceeds with creating a new Rails worker process, which is to process incoming HTTP requests. The result will look like this:

+--------------------+
| ApplicationSpawner |------+----[Memcached server]
+--------------------+      |
                            |
+--------------------+      |
| Worker process 1   |-----/
+--------------------+

Since a fork() makes a (virtual) complete copy of a process, all its file descriptors will be copied as well. What we see here is that ApplicationSpawner and Worker process 1 both share the same connection to Memcached.

Now supposed that your site gets Slashdotted and Phusion Passenger needs to spawn another worker process. It does so by forking ApplicationSpawner. The result is now as follows:

+--------------------+
| ApplicationSpawner |------+----[Memcached server]
+--------------------+      |
                            |
+--------------------+      |
| Worker process 1   |-----/|
+--------------------+      |
                            |
+--------------------+      |
| Worker process 2   |-----/
+--------------------+

As you can see, Worker process 1 and Worker process 2 have the same Memcached connection.

Suppose that users Joe and Jane visit your website at the same time. Joe’s request is handled by Worker process 1, and Jane’s request is handled by Worker process 2. Both worker processes want to fetch something from Memcached. Suppose that in order to do that, both handlers need to send a "FETCH" command to Memcached.

But suppose that, after worker process 1 having only sent "FE", a context switch occurs, and worker process 2 starts sending a "FETCH" command to Memcached as well. If worker process 2 succeeds in sending only one bye, F, then Memcached will receive a command which begins with "FEF", a command that it does not recognize. In other words: the data from both handlers get interleaved. And thus Memcached is forced to handle this as an error.

This problem can be solved by reestablishing the connection to Memcached after forking:

+--------------------+
| ApplicationSpawner |------+----[Memcached server]
+--------------------+      |                   |
                            |                   |
+--------------------+      |                   |
| Worker process 1   |-----/|                   |
+--------------------+      |                   |  <--- created this
                            X                   |       new
                                                |       connection
                            X <-- closed this   |
+--------------------+      |     old           |
| Worker process 2   |-----/      connection    |
+--------------------+                          |
          |                                     |
          +-------------------------------------+

Worker process 2 now has its own, separate communication channel with Memcached. The code in environment.rb looks like this:

if defined?(PhusionPassenger)
    PhusionPassenger.on_event(:starting_worker_process) do |forked|
        if forked
            # We're in smart spawning mode.
            reestablish_connection_to_memcached
        else
            # We're in direct spawning mode. We don't need to do anything.
        end
    end
end

15.3.2. Example 2: Log file sharing (not harmful)

There are also cases in which unintentional file descriptor sharing is not harmful. One such case is log file file descriptor sharing. Even if two processes write to the log file at the same time, the worst thing that can happen is that the data in the log file is interleaved.

To guarantee that the data written to the log file is never interleaved, you must synchronize write access via an inter-process synchronization mechanism, such as file locks. Reopening the log file, like you would have done in the Memcached example, doesn’t help.

15.4. Smart spawning gotcha #2: the need to revive threads

Another part of the fork() system call’s semantics is the fact that threads disappear after a fork call. So if you’ve created any threads in environment.rb, then those threads will no longer be running in newly created worker process. You need to revive them when a new worker process is created. Use the :starting_worker_process event that Phusion Passenger provides, like this:

if defined?(PhusionPassenger)
    PhusionPassenger.on_event(:starting_worker_process) do |forked|
        if forked
            # We're in smart spawning mode.
            ... code to revive threads here ...
        else
            # We're in direct spawning mode. We don't need to do anything.
        end
    end
end

15.5. Smart spawning gotcha #3: code load order

This gotcha is only applicable to the smart spawn method, not the smart-lv2 spawn method.

If your application expects the Rails framework to be not loaded during the beginning of environment.rb, then it can cause problems when an ApplicationSpawner is created from a FrameworkSpawner, which already has the Rails framework loaded. The most common case is when applications try to patch Rails by dropping a modified file that has the same name as Rails’s own file, in a path that comes earlier in the Ruby search path.

For example, suppose that we have an application which has a patched version of active_record/base.rb located in RAILS_ROOT/lib/patches, and RAILS_ROOT/lib/patches comes first in the Ruby load path. When conservative spawning is used, the patched version of base.rb is properly loaded. When smart (not smart-lv2) spawning is used, the original base.rb is used because it was already loaded, so a subsequent require "active_record/base" has no effect.

16. Appendix D: About environment variables

The Phusion Passenger compilation process can be customized with environment variables.

Environment variables are named values that affect how the system works. For example they tell the system where to look for commands (the PATH variable) or where to look for libraries (LD_LIBRARY_PATH). Their names are often in all-uppercase. Sometimes people refer to an environment variable with a dollar sign $ in front, but that’s the same thing: when people say "the $PATH environment variable" they mean "the PATH environment variable". This is because the dollar sign $ is a shell syntax for refering to an environment variable, as you will learn later.

Environment variables are set on a per-process basis, but they are inherited by child processes. This means that if you set environment variables in process A, another already running process B will not see these new environment variables. But if A spawns a child process C, then C will have all environment variables that A had. If you once again change the environment variables in A, then C will not see the changes.

The per-process nature of environment variables some implications. When you set environment variables in your bashrc or other bash startup files…

  • …only newly spawned bash shells see them.

  • …the web server usually does not see them, because the web server tends to be started from init scripts, not from bash.

  • …cron jobs do not see them, because cron jobs' environment variables are entirely dictated by their crontabs.

Note Because this chapter is meant for beginners, it assumes that the reader uses the bash shell. This chapter does not describe instructions for zsh, csh or other shells. We assume that users of other shells are familiar with the Bourne shell syntax, and know how to apply the instructions in this chapter in their shells' native syntaxes.

16.1. Working with environment variables

You can see all environment variables in your shell by running the following command:

env

You can set an evironment variable with the syntax export <NAME>=<VALUE>. For example, to set the APXS2 variable to the value /usr/sbin/apxs2:

export APXS2=/usr/sbin/apxs2

Any process that you run from your shell from that point on will have said environment variable:

export APXS2=/usr/sbin/apxs2
ruby -e 'p ENV["APXS2"]'
# => "/usr/sbin/apxs2"
Note
The "export" keyword is important

You must set the export keyword. If you omit the export keyword then the environment variable will not be visible to other processes:

APXS2=/usr/sbin/apxs2
ruby -e 'p ENV["APXS2"]'
# => nil

You can reference an environment variable in your shell by typing the $ sign followed by the environment variable’s name. For example, to see the value of the PATH variable:

echo $PATH

You can also use this trick to extend the value of an environment variable:

export PATH=/usr/bin

# Prepends '/opt/local/bin', so that it becomes /opt/local/bin:/usr/bin
export PATH=/opt/local/bin:$PATH
# Appends '/usr/local/bin', so that it becomes /opt/local/bin:/usr/bin:/usr/local/bin
export PATH=$PATH:/usr/local/bin

16.2. The PATH environment variable

The PATH environment variable dictates where the system looks for command. It is a colon-separated list of directories. If you get a "command not found" error while you know that the command is installed, then setting PATH will help. For example suppose that the command frobnicator is in /opt/local/bin:

user@localhost bash$ frobnicator
bash: frobnicator: command not found

We verify that /opt/local/bin is not in PATH:

user@localhost bash$ echo $PATH
/bin:/usr/bin:/usr/local/bin

We can run frobnicator through it’s full path…

user@localhost bash$ /opt/local/bin/frobnicator
# => success!

…or we can add /opt/local/bin to PATH.

user@localhost bash$ export PATH=$PATH:/opt/local/bin
user@localhost bash$ frobnicator
# => success!

16.2.1. Adding Phusion Passenger’s administration tools to PATH

If you get a "command not found" error when invoking one of the Phusion Passenger administration tools (e.g. passenger-status or passenger-memory-stats then that means the tools are not in PATH, so you need to add them.

  • If you installed Phusion Passenger with RubyGems, then the tools are in your RubyGems executable path. You can view the gem path using the command gem env:

    $ gem env
    RubyGems Environment:
      - RUBYGEMS VERSION: 1.8.15
      - RUBY VERSION: 1.8.7 (2011-12-28 patchlevel 357) [i686-darwin10.8.0]
      - INSTALLATION DIRECTORY: /opt/ruby-enterprise-1.8.7-2010.01/lib/ruby/gems/1.8
      - RUBY EXECUTABLE: /opt/ruby-enterprise-1.8.7-2010.01/bin/ruby
      - EXECUTABLE DIRECTORY: /opt/ruby-enterprise-1.8.7-2010.01/bin    <--------- !!
      - RUBYGEMS PLATFORMS:
        - ruby
        - x86-darwin-10
      - GEM PATHS:
         - /opt/ruby-enterprise-1.8.7-2010.01/lib/ruby/gems/1.8
         - /Users/hongli/.gem/ruby/1.8
      - GEM CONFIGURATION:
         - :update_sources => true
         - :verbose => true
         - :benchmark => false
         - :backtrace => false
         - :bulk_threshold => 1000
         - "gem" => "--no-ri --no-rdoc"
      - REMOTE SOURCES:
         - http://rubygems.org/

    As you can see, the RubyGems executable path in the example happens to be /opt/ruby-enterprise-1.8.7-2010.01/bin. So that directory must be added to PATH.

  • If you installed Phusion Passenger using the tarball, then the tools are in the bin subdirectory of the Phusion Passenger tarball directory that you extracted. For example, if you extracted passenger-4.9.0.tar.gz inside /opt, then the tools are located in /opt/passenger-4.0.9/bin. In that case, you need to add /opt/passenger-4.0.9/bin to your PATH.

  • If you installed Phusion Passenger using native OS packages, then some Phusion Passenger administration tools are in /usr/bin, while others are in /usr/sbin. If you are not logged in as root, then /usr/sbin may not be in PATH, which would explain why you get a "command not found" when trying to invoke some of the tools. You should /usr/sbin to PATH.

  • If you are unsure where your Phusion Passenger directory is then you can use the find command to look them up. Go to the root directory and invoke find with sudo:

    $ cd /
    $ sudo find . -name passenger-status
    /usr/local/passenger/bin/passenger-status

    In this example, the administration tools happen to be in /usr/local/passenger/bin, so you must add that to PATH.

Note You may still get a "command not found" when invoking the tools through sudo, even after you’ve added the relevant directory to PATH. Please read Environment variables and sudo to learn more.

16.3. Making environment variables permanent

When you exit your shell, the evironment variable changes are lost. There is no standard method to set environment variables system-wide, so you have to set them in different configuration files for different services.

16.3.1. bash

To make environment variables permanent for future bash sessions for the current user, add them to your ~/.bashrc:

echo 'export FOO=bar' >> ~/.bashrc
echo 'export PATH=/usr/local/bin:$PATH' >> ~/.bashrc

To make them permanent for future bash sessions for all users, add them to /etc/bashrc.

Note Depending on the system, the bashrc file may have a different filename. On Debian and Ubuntu, it’s /etc/bash.bashrc.

16.3.2. Apache

Note This subsection describes how to set environment variables on Apache itself, not on apps served through Phusion Passenger for Apache. The environment variables you set here will be passed to all apps, but you cannot customize them on a per-app basis. See also Setting environment variables on Phusion Passenger-served apps.

On Debian and Ubuntu, with an Apache installed through apt, Apache environment variables are defined in the file /etc/apache2/envvars. This is a shell script so environment variables must be specified with the shell syntax.

On Red Hat, Fedora, CentOS and ScientificLinux, with an Apache installed through YUM, Apache environment variables are defined in /etc/sysconfig/httpd.

On OS X they are defined in /System/Library/LaunchDaemons/org.apache.httpd.plist, as explained here on Stack Overflow.

On other systems, or if you did not install Apache through the system’s package manager, the configuration file for environment variables is specific to the vendor that supplied Apache. There may not even be such a configuration file. You should contact the vendor for support.

16.3.3. Nginx

Note This subsection describes how to set environment variables on Nginx itself, not on apps served through Phusion Passenger for Nginx. The environment variables you set here will be passed to all apps, but you cannot customize them on a per-app basis. See also Setting environment variables on Phusion Passenger-served apps.

If you installed Nginx through the Debian or Ubuntu packages, then you can define environment variables in /etc/default/nginx. This is a shell script so you must use the export FOO=bar syntax.

Otherwise, environment variables are best set through the script which starts Nginx. For example, if you installed Nginx from source and you used the Nginx init script described earlier in this manual, then you should edit that script to define the environment variables. Those init scripts are regular shell scripts, so use the export FOO=bar syntax. Just make sure your set your environment variables before the script starts Nginx.

Note Setting environment variables on Nginx has no effect on the Flying Passenger daemon because the daemon is started seperately. You should set the environment variables in the shell right before starting the daemon.

16.3.4. cron

To make environment variables permanent for cron jobs, add those variables to the relevant crontab. But note that inside crontabs you cannot refer to existing environment variables with the $ syntax because crontabs are not shell scripts. You have to specify the entire value.

What to put in "crontab -e"
# Environment variable definitions
FOO=bar
APXS2=/usr/sbin/apxs2

# **WRONG!** You cannot refer to existing variables with the `$` syntax!
PATH=/usr/bin:$PATH
# **WRONG!** You cannot use the 'export' keyword!
export PATH=/usr/bin:/usr/local/bin
# Correct:
PATH=/usr/bin:/usr/local/bin

# Jobs:
# m h  dom mon dow   command
  * *  *   *   *     frobnicator

16.3.5. Phusion Passenger-served apps

You can pass environment variables to Phusion Passenger-served apps through various methods:

  • When running Apache, use the PassEnv and SetEnv directives of mod_env. This is supported starting from Phusion Passenger 4.0.

  • When running Nginx, use the passenger_set_cgi_param directive.

  • Through your bashrc. Starting from version 4.0, Phusion Passenger 4.0 spawns applications through bash and inherit all bash environment variables. Phusion Passenger Standalone tends to be started from the shell and thus inherits all environment variables set by the shell.

  • Through Apache and Nginx, as described earlier in this chapter. Any environment variables that you set on Apache and Nginx itself are inherited by Phusion Passenger, and thus by Phusion Passenger-served apps as well.

  • Through the application itself. Most programming languages provide APIs for setting environment variables. For example in Ruby you can write:

    ENV['FOO'] = 'bar'

    In Python you can write:

    import os
    os.environ['FOO'] = 'bar'

16.4. Environment variables and sudo

Note RVM users should always use the rvmsudo command instead of sudo. However all information in this section apply to rvmsudo as well.

The sudo command resets all environment variables before running the specified command, for security reasons. So if you set environment variables before running sudo passenger-install-xxx-module, sudo passenger-status or any other commands, then the environment variables are not correctly passed to the command. You can solve this by running sudo with -E (preserve environment variables):

user@localhost bash$ export APXS2=/usr/sbin/apxs2
user@localhost bash$ sudo -E passenger-install-apache2-module

Alternatively, you can obtain a root prompt with sudo first, and then set the environment variables, before running any further commands:

user@localhost bash$ sudo -s
Password: ...
root@localhost bash# export APXS2=/usr/sbin/apxs2
root@localhost bash# passenger-install-apache2-module

Note that for security reasons, sudo always resets the PATH environment variable, even if you pass -E! You can get around this problem by obtaining a root prompt first, and then set the environment variables:

user@localhost bash$ sudo -s
Password: ...
root@localhost bash# export PATH=$PATH:/opt/myruby/bin
root@localhost bash# passenger-install-apache2-module