Use latest versions of Puma and Passenger in Ruby platforms

[dfjacobs]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Tell us about your request The Elastic Beanstalk Ruby platforms have been using very old versions of the Puma and Passenger application servers for several years. The EB environments should be updated to the latest versions of Puma and Passenger, or modified to allow customers to specify the version of Puma and Passenger in the gem file.

Is this request specific to an Elastic Beanstalk platform? Ruby

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard? I would like to use the latest version of Puma or Passenger in applications hosted in Elastic Beanstalk. This isn't possible when the platform installs an older version. These older versions also block new versions of gems that they are dependent on, specifically Rack. Newer versions of Puma and Passenger have new features that are unavailable to customer applications running in Elastic Beanstalk. There is also the issue of missing bug and security fixes included in the newer versions.

Years ago, new Ruby EB platforms did include the current versions of the app servers. This practice stopped a few years ago, and I've been unable to find any public explanation from Amazon as to why. The most logical explanation would be to have the same app server in all Ruby platforms, so use a version that was supported by all platforms. However, at this point in time all currently supported platforms support the latest versions of Puma and Passenger. Another possible explanation would be to avoid breaking customer applications when upgrading Ruby platforms by forcing a switch to a newer app server in a newer platform. However, a customer that needs a specific version of Puma or Passenger can now create a custom Ruby platform or docker container that contains the required version.

For customers that have no preference in app server versions, providing the latest version of Puma or Passenger in the Ruby platforms would seem to make the most sense.

Are you currently working around this issue? Not at this time. If I need newer versions of Puma, Passenger, or Rack, I wouldn't use the Ruby Elastic Beanstalk platforms. I've not had to do it yet, but I believe that I could create either a custom platform or a docker container that uses the current version of Puma or Passenger, or leaves both app servers out and just includes Rack.

Attachments Some examples of problems caused by old app server versions:

https://stackoverflow.com/questions/50074609/rails-how-to-get-puma-3-11-for-aws-elasticbeanstalk-application

https://serverfault.com/questions/715116/elastic-beanstalk-with-passenger-standalone-working-configuration

https://forums.aws.amazon.com/thread.jspa?messageID=845581&#845581

[vladimir-rezan]

Having the same concern - the EB/puma platform starts with 2.16.0, dated 2016-01-27, while the current is 4.3.1. Even if we overlook the convenience & feature aspect, this is still highly insecure.

[labisso]

The upcoming Ruby on Amazon Linux 2 platform will address this, with newer default versions and also more configurability.

[waissbluth]

This might be worth a separate issue. However, as far as I know there is not simple way to customize puma (e.g. number of workers or threads). The only way I know of doing this is doing hacks like this.

Would it be possible to override/extend/replace the default puma config as well?

[gonzaloaune]

Same problem here, trying to use websockets with Passenger 4.0.60 is not working

[waissbluth]

Has anyone found a workaround to upgrade puma manually while we wait for the platform update?

[Sekhar-Kutikuppala]

The latest Ruby on AL2 platforms support Puma 4.3.5 and you can install the Passenger version as described in this example

[silva96]

Nothing stops you from upgrading puma in your gemfile, after all, puma is being run in the bundle context of your project.

[root@ip-172-xx-xx-xxx current]# bundle exec puma --version puma version 4.3.5

to use a custom config create a file inside .ebextensions with this content:

files:
  "/opt/elasticbeanstalk/support/conf/pumaconf.rb":
    mode: "000644"
    content: |
      directory '/var/app/current'
      threads_count = ENV.fetch('RAILS_MAX_THREADS') { 32 }.to_i
      threads (threads_count / 4), threads_count
      environment ENV.fetch('RACK_ENV') { 'development' }
      workers %x(grep -c processor /proc/cpuinfo).to_i
      bind 'unix:///var/run/puma/my_app.sock'
      pidfile '/var/run/puma/puma.pid'
      stdout_redirect '/var/log/puma/puma.log', '/var/log/puma/puma.log', true
      daemonize false

There, you can add any custom directives you want. We, for example added PumaWorkerKiller configs

before_fork do
        require 'puma_worker_killer'

        PumaWorkerKiller.config do |config|
          config.ram           = ENV.fetch('ENVIRONMENT_RAM', 4096).to_f # mb
          config.frequency     = 10 # seconds
          config.percent_usage = 0.80 # 80% usage tops
          config.rolling_restart_frequency = false # Not using rolling restarts
          config.reaper_status_logs = false # Not logging PWK messages
        end
        PumaWorkerKiller.start
      end