puma 3.12.6 → 4.3.10
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puma might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/History.md +145 -3
- data/README.md +76 -48
- data/docs/architecture.md +1 -0
- data/docs/deployment.md +24 -4
- data/docs/images/puma-connection-flow-no-reactor.png +0 -0
- data/docs/images/puma-connection-flow.png +0 -0
- data/docs/images/puma-general-arch.png +0 -0
- data/docs/plugins.md +20 -10
- data/docs/restart.md +4 -2
- data/docs/systemd.md +27 -9
- data/docs/tcp_mode.md +96 -0
- data/ext/puma_http11/PumaHttp11Service.java +2 -0
- data/ext/puma_http11/extconf.rb +13 -0
- data/ext/puma_http11/http11_parser.c +58 -70
- data/ext/puma_http11/http11_parser.java.rl +21 -37
- data/ext/puma_http11/http11_parser_common.rl +4 -4
- data/ext/puma_http11/mini_ssl.c +78 -8
- data/ext/puma_http11/org/jruby/puma/Http11.java +106 -114
- data/ext/puma_http11/org/jruby/puma/Http11Parser.java +86 -99
- data/ext/puma_http11/org/jruby/puma/IOBuffer.java +72 -0
- data/ext/puma_http11/org/jruby/puma/MiniSSL.java +15 -4
- data/ext/puma_http11/puma_http11.c +3 -0
- data/lib/puma/accept_nonblock.rb +7 -1
- data/lib/puma/app/status.rb +37 -29
- data/lib/puma/binder.rb +38 -60
- data/lib/puma/cli.rb +4 -0
- data/lib/puma/client.rb +242 -208
- data/lib/puma/cluster.rb +53 -30
- data/lib/puma/configuration.rb +4 -3
- data/lib/puma/const.rb +22 -18
- data/lib/puma/control_cli.rb +30 -5
- data/lib/puma/dsl.rb +299 -75
- data/lib/puma/events.rb +4 -1
- data/lib/puma/io_buffer.rb +1 -6
- data/lib/puma/launcher.rb +95 -53
- data/lib/puma/minissl/context_builder.rb +76 -0
- data/lib/puma/minissl.rb +35 -17
- data/lib/puma/plugin/tmp_restart.rb +2 -0
- data/lib/puma/plugin.rb +5 -2
- data/lib/puma/rack/builder.rb +2 -0
- data/lib/puma/rack/urlmap.rb +2 -0
- data/lib/puma/rack_default.rb +2 -0
- data/lib/puma/reactor.rb +110 -57
- data/lib/puma/runner.rb +11 -3
- data/lib/puma/server.rb +73 -57
- data/lib/puma/single.rb +3 -3
- data/lib/puma/thread_pool.rb +15 -33
- data/lib/puma/util.rb +1 -6
- data/lib/puma.rb +8 -0
- data/lib/rack/handler/puma.rb +3 -3
- data/tools/docker/Dockerfile +16 -0
- data/tools/jungle/init.d/puma +6 -6
- data/tools/trickletest.rb +0 -1
- metadata +26 -13
- data/lib/puma/compat.rb +0 -14
- data/lib/puma/convenient.rb +0 -25
- data/lib/puma/daemon_ext.rb +0 -33
- data/lib/puma/delegation.rb +0 -13
- data/lib/puma/java_io_buffer.rb +0 -47
- data/lib/puma/rack/backports/uri/common_193.rb +0 -33
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b5bada51607a0a6b25db74e4fd87c92bbe5e2fa0b0c5b2e62fbce9976b4ed88b
|
4
|
+
data.tar.gz: 5f7557d5023cced69856a8b8b2dd4532bf4b6a496fef9f9a4de6aa131d03d740
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f393fc0d055ff108e4d98fc3172d356d1f09f9a938f7f3d801c2360b6724e08ae1d60fc8cb77c3140e15a8dfdfc088d477100de1260e9dd61215818f6e576d7e
|
7
|
+
data.tar.gz: 1f4224b7a2cbe85347628f10c4fa8b6e47bd66b9b9e320962a46dc8fcc184420baad3a011c80a52d9f9925cbe4679d8bfde32c28359c9cd9dc36e108af88db3a
|
data/History.md
CHANGED
@@ -1,9 +1,33 @@
|
|
1
|
-
##
|
1
|
+
## 4.3.10 / 2021-10-12
|
2
|
+
|
3
|
+
* Bugfixes
|
4
|
+
* Allow UTF-8 in HTTP header values
|
5
|
+
|
6
|
+
## 4.3.9 / 2021-10-12
|
7
|
+
|
8
|
+
* Security
|
9
|
+
* Do not allow LF as a line ending in a header (CVE-2021-41136)
|
10
|
+
|
11
|
+
## 4.3.8 / 2021-05-11
|
2
12
|
|
3
|
-
*
|
13
|
+
* Security
|
14
|
+
* Close keepalive connections after the maximum number of fast inlined requests (#2625)
|
15
|
+
|
16
|
+
## 4.3.7 / 2020-11-30
|
17
|
+
|
18
|
+
* Bugfixes
|
19
|
+
* Backport set CONTENT_LENGTH for chunked requests (Originally: #2287, backport: #2496)
|
4
20
|
|
5
|
-
|
21
|
+
## 4.3.6 / 2020-09-05
|
6
22
|
|
23
|
+
* Bugfixes
|
24
|
+
* Explicitly include ctype.h to fix compilation warning and build error on macOS with Xcode 12 (#2304)
|
25
|
+
* Don't require json at boot (#2269)
|
26
|
+
* Set `CONTENT_LENGTH` for chunked requests (#2287)
|
27
|
+
|
28
|
+
## 4.3.4/4.3.5 and 3.12.5/3.12.6 / 2020-05-22
|
29
|
+
|
30
|
+
Each patchlevel release contains a separate security fix. We recommend simply upgrading to 4.3.5/3.12.6.
|
7
31
|
|
8
32
|
## 4.3.3 and 3.12.4 / 2020-02-28
|
9
33
|
* Bugfixes
|
@@ -21,6 +45,115 @@
|
|
21
45
|
* Security
|
22
46
|
* Fix: a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. CVE-2019-16770.
|
23
47
|
|
48
|
+
## 4.3.0 / 2019-11-07
|
49
|
+
|
50
|
+
* Features
|
51
|
+
* Strip whitespace at end of HTTP headers (#2010)
|
52
|
+
* Optimize HTTP parser for JRuby (#2012)
|
53
|
+
* Add SSL support for the control app and cli (#2046, #2052)
|
54
|
+
|
55
|
+
* Bugfixes
|
56
|
+
* Fix Errno::EINVAL when SSL is enabled and browser rejects cert (#1564)
|
57
|
+
* Fix pumactl defaulting puma to development if an environment was not specified (#2035)
|
58
|
+
* Fix closing file stream when reading pid from pidfile (#2048)
|
59
|
+
* Fix a typo in configuration option `--extra_runtime_dependencies` (#2050)
|
60
|
+
|
61
|
+
## 4.2.1 / 2019-10-07
|
62
|
+
|
63
|
+
* 3 bugfixes
|
64
|
+
* Fix socket activation of systemd (pre-existing) unix binder files (#1842, #1988)
|
65
|
+
* Deal with multiple calls to bind correctly (#1986, #1994, #2006)
|
66
|
+
* Accepts symbols for `verify_mode` (#1222)
|
67
|
+
|
68
|
+
## 4.2.0 / 2019-09-23
|
69
|
+
|
70
|
+
* 6 features
|
71
|
+
* Pumactl has a new -e environment option and reads `config/puma/<environment>.rb` config files (#1885)
|
72
|
+
* Semicolons are now allowed in URL paths (MRI only), useful for Angular or Redmine (#1934)
|
73
|
+
* Allow extra dependencies to be defined when using prune_bundler (#1105)
|
74
|
+
* Puma now reports the correct port when binding to port 0, also reports other listeners when binding to localhost (#1786)
|
75
|
+
* Sending SIGINFO to any Puma worker now prints currently active threads and their backtraces (#1320)
|
76
|
+
* Puma threads all now have their name set on Ruby 2.3+ (#1968)
|
77
|
+
* 4 bugfixes
|
78
|
+
* Fix some misbehavior with phased restart and externally SIGTERMed workers (#1908, #1952)
|
79
|
+
* Fix socket closing on error (#1941)
|
80
|
+
* Removed unnecessary SIGINT trap for JRuby that caused some race conditions (#1961)
|
81
|
+
* Fix socket files being left around after process stopped (#1970)
|
82
|
+
* Absolutely thousands of lines of test improvements and fixes thanks to @MSP-Greg
|
83
|
+
|
84
|
+
## 4.1.1 / 2019-09-05
|
85
|
+
|
86
|
+
* 3 bugfixes
|
87
|
+
* Revert our attempt to not dup STDOUT/STDERR (#1946)
|
88
|
+
* Fix socket close on error (#1941)
|
89
|
+
* Fix workers not shutting down correctly (#1908)
|
90
|
+
|
91
|
+
## 4.1.0 / 2019-08-08
|
92
|
+
|
93
|
+
* 4 features
|
94
|
+
* Add REQUEST_PATH on parse error message (#1831)
|
95
|
+
* You can now easily add custom log formatters with the `log_formatter` config option (#1816)
|
96
|
+
* Puma.stats now provides process start times (#1844)
|
97
|
+
* Add support for disabling TLSv1.1 (#1836)
|
98
|
+
|
99
|
+
* 7 bugfixes
|
100
|
+
* Fix issue where Puma was creating zombie process entries (#1887)
|
101
|
+
* Fix bugs with line-endings and chunked encoding (#1812)
|
102
|
+
* RACK_URL_SCHEME is now set correctly in all conditions (#1491)
|
103
|
+
* We no longer mutate global STDOUT/STDERR, particularly the sync setting (#1837)
|
104
|
+
* SSL read_nonblock no longer blocks (#1857)
|
105
|
+
* Swallow connection errors when sending early hints (#1822)
|
106
|
+
* Backtrace no longer dumped when invalid pumactl commands are run (#1863)
|
107
|
+
|
108
|
+
* 5 other
|
109
|
+
* Avoid casting worker_timeout twice (#1838)
|
110
|
+
* Removed a call to private that wasn't doing anything (#1882)
|
111
|
+
* README, Rakefile, docs and test cleanups (#1848, #1847, #1846, #1853, #1859, #1850, #1866, #1870, #1872, #1833, #1888)
|
112
|
+
* Puma.io has proper documentation now (https://puma.io/puma/)
|
113
|
+
* Added the Contributor Covenant CoC
|
114
|
+
|
115
|
+
* 1 known issue
|
116
|
+
* Some users are still experiencing issues surrounding socket activation and Unix sockets (#1842)
|
117
|
+
|
118
|
+
## 4.0.1 / 2019-07-11
|
119
|
+
|
120
|
+
* 2 bugfixes
|
121
|
+
* Fix socket removed after reload - should fix problems with systemd socket activation. (#1829)
|
122
|
+
* Add extconf tests for DTLS_method & TLS_server_method, use in minissl.rb. Should fix "undefined symbol: DTLS_method" when compiling against old OpenSSL versions. (#1832)
|
123
|
+
* 1 other
|
124
|
+
* Removed unnecessary RUBY_VERSION checks. (#1827)
|
125
|
+
|
126
|
+
## 4.0.0 / 2019-06-25
|
127
|
+
|
128
|
+
* 9 features
|
129
|
+
* Add support for disabling TLSv1.0 (#1562)
|
130
|
+
* Request body read time metric (#1569)
|
131
|
+
* Add out_of_band hook (#1648)
|
132
|
+
* Re-implement (native) IOBuffer for JRuby (#1691)
|
133
|
+
* Min worker timeout (#1716)
|
134
|
+
* Add option to suppress SignalException on SIGTERM (#1690)
|
135
|
+
* Allow mutual TLS CA to be set using `ssl_bind` DSL (#1689)
|
136
|
+
* Reactor now uses nio4r instead of `select` (#1728)
|
137
|
+
* Add status to pumactl with pidfile (#1824)
|
138
|
+
|
139
|
+
* 10 bugfixes
|
140
|
+
* Do not accept new requests on shutdown (#1685, #1808)
|
141
|
+
* Fix 3 corner cases when request body is chunked (#1508)
|
142
|
+
* Change pid existence check's condition branches (#1650)
|
143
|
+
* Don't call .stop on a server that doesn't exist (#1655)
|
144
|
+
* Implemented NID_X9_62_prime256v1 (P-256) curve over P-521 (#1671)
|
145
|
+
* Fix @notify.close can't modify frozen IOError (RuntimeError) (#1583)
|
146
|
+
* Fix Java 8 support (#1773)
|
147
|
+
* Fix error `uninitialized constant Puma::Cluster` (#1731)
|
148
|
+
* Fix `not_token` being able to be set to true (#1803)
|
149
|
+
* Fix "Hang on SIGTERM with ruby 2.6 in clustered mode" ([PR #1741], [#1674], [#1720], [#1730], [#1755])
|
150
|
+
|
151
|
+
[PR #1741]: https://github.com/puma/puma/pull/1741
|
152
|
+
[#1674]: https://github.com/puma/puma/issues/1674
|
153
|
+
[#1720]: https://github.com/puma/puma/issues/1720
|
154
|
+
[#1730]: https://github.com/puma/puma/issues/1730
|
155
|
+
[#1755]: https://github.com/puma/puma/issues/1755
|
156
|
+
|
24
157
|
## 3.12.1 / 2019-03-19
|
25
158
|
|
26
159
|
* 1 features
|
@@ -1427,3 +1560,12 @@ be added back in a future date when a java Puma::MiniSSL is added.
|
|
1427
1560
|
## 1.0.0 / 2012-03-29
|
1428
1561
|
|
1429
1562
|
* Released!
|
1563
|
+
|
1564
|
+
## Ignore - this is for maintainers to copy-paste during release
|
1565
|
+
## Master
|
1566
|
+
|
1567
|
+
* Features
|
1568
|
+
* Your feature goes here (#Github Number)
|
1569
|
+
|
1570
|
+
* Bugfixes
|
1571
|
+
* Your bugfix goes here (#Github Number)
|
data/README.md
CHANGED
@@ -1,45 +1,48 @@
|
|
1
1
|
<p align="center">
|
2
|
-
<img src="
|
2
|
+
<img src="https://puma.io/images/logos/puma-logo-large.png">
|
3
3
|
</p>
|
4
4
|
|
5
5
|
# Puma: A Ruby Web Server Built For Concurrency
|
6
6
|
|
7
7
|
[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/puma/puma?utm\_source=badge&utm\_medium=badge&utm\_campaign=pr-badge)
|
8
|
-
[![Build Status](https://
|
9
|
-
[![
|
10
|
-
|
8
|
+
[![Actions Build Status](https://github.com/puma/puma/workflows/Puma/badge.svg)](https://github.com/puma/puma/actions)
|
9
|
+
[![Travis Build Status](https://travis-ci.org/puma/puma.svg?branch=master)](https://travis-ci.org/puma/puma)
|
10
|
+
|
11
11
|
[![Code Climate](https://codeclimate.com/github/puma/puma.svg)](https://codeclimate.com/github/puma/puma)
|
12
|
+
[![SemVer](https://api.dependabot.com/badges/compatibility_score?dependency-name=puma&package-manager=bundler&version-scheme=semver)](https://dependabot.com/compatibility-score.html?dependency-name=puma&package-manager=bundler&version-scheme=semver)
|
12
13
|
|
13
|
-
Puma is a **simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications
|
14
|
+
Puma is a **simple, fast, multi-threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications**.
|
14
15
|
|
15
16
|
## Built For Speed & Concurrency
|
16
17
|
|
17
|
-
|
18
|
+
Puma processes requests using a C-optimized Ragel extension (inherited from Mongrel) that provides fast, accurate HTTP 1.1 protocol parsing in a portable way. Puma then serves the request using a thread pool. Each request is served in a separate thread, so truly concurrent Ruby implementations (JRuby, Rubinius) will use all available CPU cores.
|
18
19
|
|
19
|
-
Puma was designed to be the go-to server for [Rubinius](
|
20
|
+
Puma was designed to be the go-to server for [Rubinius](https://rubinius.com), but also works well with JRuby and MRI.
|
20
21
|
|
21
|
-
On MRI, there is a Global VM Lock (GVL) that ensures only one thread can run Ruby code at a time. But if you're doing a lot of blocking IO (such as HTTP calls to external APIs like Twitter), Puma still improves MRI's throughput by allowing
|
22
|
+
On MRI, there is a Global VM Lock (GVL) that ensures only one thread can run Ruby code at a time. But if you're doing a lot of blocking IO (such as HTTP calls to external APIs like Twitter), Puma still improves MRI's throughput by allowing IO waiting to be done in parallel.
|
22
23
|
|
23
24
|
## Quick Start
|
24
25
|
|
25
26
|
```
|
26
27
|
$ gem install puma
|
27
|
-
$ puma
|
28
|
-
```
|
28
|
+
$ puma
|
29
|
+
```
|
30
|
+
|
31
|
+
Without arguments, puma will look for a rackup (.ru) file in the current working directory called `config.ru`.
|
29
32
|
|
30
33
|
## Frameworks
|
31
34
|
|
32
35
|
### Rails
|
33
36
|
|
34
|
-
Puma is the default server for Rails,
|
37
|
+
Puma is the default server for Rails, included in the generated Gemfile.
|
35
38
|
|
36
|
-
|
39
|
+
Start your server with the `rails` command:
|
37
40
|
|
38
41
|
```
|
39
|
-
$ rails
|
42
|
+
$ rails server
|
40
43
|
```
|
41
44
|
|
42
|
-
Many configuration options are not available when using `rails
|
45
|
+
Many configuration options and Puma features are not available when using `rails server`. It is recommended that you use Puma's executable instead:
|
43
46
|
|
44
47
|
```
|
45
48
|
$ bundle exec puma
|
@@ -53,7 +56,7 @@ You can run your Sinatra application with Puma from the command line like this:
|
|
53
56
|
$ ruby app.rb -s Puma
|
54
57
|
```
|
55
58
|
|
56
|
-
Or you can configure your application to always use Puma:
|
59
|
+
Or you can configure your Sinatra application to always use Puma:
|
57
60
|
|
58
61
|
```ruby
|
59
62
|
require 'sinatra'
|
@@ -64,6 +67,9 @@ configure { set :server, :puma }
|
|
64
67
|
|
65
68
|
Puma provides numerous options. Consult `puma -h` (or `puma --help`) for a full list of CLI options, or see [dsl.rb](https://github.com/puma/puma/blob/master/lib/puma/dsl.rb).
|
66
69
|
|
70
|
+
You can also find several configuration examples as part of the
|
71
|
+
[test](test/config) suite.
|
72
|
+
|
67
73
|
### Thread Pool
|
68
74
|
|
69
75
|
Puma uses a thread pool. You can set the minimum and maximum number of threads that are available in the pool with the `-t` (or `--threads`) flag:
|
@@ -72,9 +78,9 @@ Puma uses a thread pool. You can set the minimum and maximum number of threads t
|
|
72
78
|
$ puma -t 8:32
|
73
79
|
```
|
74
80
|
|
75
|
-
Puma will automatically scale the number of threads, from the minimum until it caps out at the maximum, based on how much traffic is present. The current default is `0:16`. Feel free to experiment, but be careful not to set the number of maximum threads to a large number, as you may exhaust resources on the system (or
|
81
|
+
Puma will automatically scale the number of threads, from the minimum until it caps out at the maximum, based on how much traffic is present. The current default is `0:16`. Feel free to experiment, but be careful not to set the number of maximum threads to a large number, as you may exhaust resources on the system (or cause contention for the Global VM Lock, when using MRI).
|
76
82
|
|
77
|
-
Be aware that additionally Puma creates threads on its own for internal purposes (e.g. handling slow clients). So even if you specify -t 1:1, expect around 7 threads created in your application.
|
83
|
+
Be aware that additionally Puma creates threads on its own for internal purposes (e.g. handling slow clients). So, even if you specify -t 1:1, expect around 7 threads created in your application.
|
78
84
|
|
79
85
|
### Clustered mode
|
80
86
|
|
@@ -84,9 +90,9 @@ Puma also offers "clustered mode". Clustered mode `fork`s workers from a master
|
|
84
90
|
$ puma -t 8:32 -w 3
|
85
91
|
```
|
86
92
|
|
87
|
-
Note that threads are still used in clustered mode, and the `-t` thread flag setting is per worker, so `-w 2 -t 16:16` will spawn 32 threads in total.
|
93
|
+
Note that threads are still used in clustered mode, and the `-t` thread flag setting is per worker, so `-w 2 -t 16:16` will spawn 32 threads in total, with 16 in each worker process.
|
88
94
|
|
89
|
-
In clustered mode, Puma
|
95
|
+
In clustered mode, Puma can "preload" your application. This loads all the application code *prior* to forking. Preloading reduces total memory usage of your application via an operating system feature called [copy-on-write](https://en.wikipedia.org/wiki/Copy-on-write) (Ruby 2.0+ only). Use the `--preload` flag from the command line:
|
90
96
|
|
91
97
|
```
|
92
98
|
$ puma -w 3 --preload
|
@@ -111,40 +117,42 @@ end
|
|
111
117
|
|
112
118
|
This code can be used to setup the process before booting the application, allowing
|
113
119
|
you to do some Puma-specific things that you don't want to embed in your application.
|
114
|
-
For instance, you could fire a log notification that a worker booted or send something to statsd.
|
115
|
-
This can be called multiple times.
|
120
|
+
For instance, you could fire a log notification that a worker booted or send something to statsd. This can be called multiple times.
|
116
121
|
|
117
|
-
|
122
|
+
`before_fork` specifies a block to be run before workers are forked:
|
118
123
|
|
119
124
|
```ruby
|
120
125
|
# config/puma.rb
|
121
|
-
|
122
|
-
|
123
|
-
ActiveRecord::Base.establish_connection
|
124
|
-
end
|
126
|
+
before_fork do
|
127
|
+
# configuration here
|
125
128
|
end
|
126
129
|
```
|
127
130
|
|
128
|
-
|
131
|
+
Preloading can’t be used with phased restart, since phased restart kills and restarts workers one-by-one, and preload_app copies the code of master into the workers.
|
132
|
+
|
133
|
+
### Error handling
|
134
|
+
|
135
|
+
If puma encounters an error outside of the context of your application, it will respond with a 500 and a simple
|
136
|
+
textual error message (see `lowlevel_error` in [this file](https://github.com/puma/puma/blob/master/lib/puma/server.rb)).
|
137
|
+
You can specify custom behavior for this scenario. For example, you can report the error to your third-party
|
138
|
+
error-tracking service (in this example, [rollbar](http://rollbar.com)):
|
129
139
|
|
130
140
|
```ruby
|
131
|
-
|
132
|
-
|
133
|
-
|
141
|
+
lowlevel_error_handler do |e|
|
142
|
+
Rollbar.critical(e)
|
143
|
+
[500, {}, ["An error has occurred, and engineers have been informed. Please reload the page. If you continue to have problems, contact support@example.com\n"]]
|
134
144
|
end
|
135
145
|
```
|
136
146
|
|
137
|
-
Preloading can’t be used with phased restart, since phased restart kills and restarts workers one-by-one, and preload_app copies the code of master into the workers.
|
138
|
-
|
139
147
|
### Binding TCP / Sockets
|
140
148
|
|
141
|
-
|
149
|
+
Bind Puma to a socket with the `-b` (or `--bind`) flag:
|
142
150
|
|
143
151
|
```
|
144
152
|
$ puma -b tcp://127.0.0.1:9292
|
145
153
|
```
|
146
154
|
|
147
|
-
|
155
|
+
To use a UNIX Socket instead of TCP:
|
148
156
|
|
149
157
|
```
|
150
158
|
$ puma -b unix:///var/run/puma.sock
|
@@ -157,30 +165,44 @@ $ puma -b 'unix:///var/run/puma.sock?umask=0111'
|
|
157
165
|
```
|
158
166
|
|
159
167
|
Need a bit of security? Use SSL sockets:
|
168
|
+
|
160
169
|
```
|
161
170
|
$ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert'
|
162
171
|
```
|
172
|
+
|
163
173
|
#### Controlling SSL Cipher Suites
|
164
|
-
|
165
|
-
|
174
|
+
|
175
|
+
To use or avoid specific SSL cipher suites, use `ssl_cipher_filter` or `ssl_cipher_list` options.
|
176
|
+
|
177
|
+
##### Ruby:
|
178
|
+
|
166
179
|
```
|
167
180
|
$ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&ssl_cipher_filter=!aNULL:AES+SHA'
|
168
181
|
```
|
169
|
-
|
182
|
+
|
183
|
+
##### JRuby:
|
184
|
+
|
170
185
|
```
|
171
186
|
$ puma -b 'ssl://127.0.0.1:9292?keystore=path_to_keystore&keystore-pass=keystore_password&ssl_cipher_list=TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA'
|
172
187
|
```
|
188
|
+
|
173
189
|
See https://www.openssl.org/docs/man1.0.2/apps/ciphers.html for cipher filter format and full list of cipher suites.
|
174
190
|
|
191
|
+
Disable TLS v1 with the `no_tlsv1` option:
|
192
|
+
|
193
|
+
```
|
194
|
+
$ puma -b 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert&no_tlsv1=true'
|
195
|
+
```
|
196
|
+
|
175
197
|
### Control/Status Server
|
176
198
|
|
177
|
-
Puma has a built-in status
|
199
|
+
Puma has a built-in status and control app that can be used to query and control Puma.
|
178
200
|
|
179
201
|
```
|
180
202
|
$ puma --control-url tcp://127.0.0.1:9293 --control-token foo
|
181
203
|
```
|
182
204
|
|
183
|
-
Puma will start the control server on localhost port 9293. All requests to the control server will need to include `token=foo` as a query parameter. This allows for simple authentication. Check out [status.rb](https://github.com/puma/puma/blob/master/lib/puma/app/status.rb) to see what the app has available.
|
205
|
+
Puma will start the control server on localhost port 9293. All requests to the control server will need to include control token (in this case, `token=foo`) as a query parameter. This allows for simple authentication. Check out [status.rb](https://github.com/puma/puma/blob/master/lib/puma/app/status.rb) to see what the status app has available.
|
184
206
|
|
185
207
|
You can also interact with the control server via `pumactl`. This command will restart Puma:
|
186
208
|
|
@@ -192,13 +214,13 @@ To see a list of `pumactl` options, use `pumactl --help`.
|
|
192
214
|
|
193
215
|
### Configuration File
|
194
216
|
|
195
|
-
You can also provide a configuration file
|
217
|
+
You can also provide a configuration file with the `-C` (or `--config`) flag:
|
196
218
|
|
197
219
|
```
|
198
220
|
$ puma -C /path/to/config
|
199
221
|
```
|
200
222
|
|
201
|
-
If no configuration file is specified, Puma will look for a configuration file at `config/puma.rb`. If an environment is specified, either via the `-e` and `--environment` flags, or through the `RACK_ENV` environment variable,
|
223
|
+
If no configuration file is specified, Puma will look for a configuration file at `config/puma.rb`. If an environment is specified, either via the `-e` and `--environment` flags, or through the `RACK_ENV` environment variable, Puma looks for configuration at `config/puma/<environment_name>.rb`.
|
202
224
|
|
203
225
|
If you want to prevent Puma from looking for a configuration file in those locations, provide a dash as the argument to the `-C` (or `--config`) flag:
|
204
226
|
|
@@ -206,7 +228,9 @@ If you want to prevent Puma from looking for a configuration file in those locat
|
|
206
228
|
$ puma -C "-"
|
207
229
|
```
|
208
230
|
|
209
|
-
|
231
|
+
The other side-effects of setting the environment are whether to show stack traces (in `development` or `test`), and setting RACK_ENV may potentially affect middleware looking for this value to change their behavior. The default puma RACK_ENV value is `development`. You can see all config default values [here](https://github.com/puma/puma/blob/12d1706ddc71b89ed2ee26275e31c788e94ff541/lib/puma/configuration.rb#L170).
|
232
|
+
|
233
|
+
Check out [dsl.rb](https://github.com/puma/puma/blob/master/lib/puma/dsl.rb) to see all available options.
|
210
234
|
|
211
235
|
## Restart
|
212
236
|
|
@@ -223,7 +247,7 @@ Puma responds to several signals. A detailed guide to using UNIX signals with Pu
|
|
223
247
|
Some platforms do not support all Puma features.
|
224
248
|
|
225
249
|
* **JRuby**, **Windows**: server sockets are not seamless on restart, they must be closed and reopened. These platforms have no way to pass descriptors into a new process that is exposed to Ruby. Also, cluster mode is not supported due to a lack of fork(2).
|
226
|
-
* **Windows**:
|
250
|
+
* **Windows**: Cluster mode is not supported due to a lack of fork(2).
|
227
251
|
|
228
252
|
## Known Bugs
|
229
253
|
|
@@ -249,14 +273,18 @@ reliability in production environments:
|
|
249
273
|
* [tools/jungle](https://github.com/puma/puma/tree/master/tools/jungle) for sysvinit (init.d) and upstart
|
250
274
|
* [docs/systemd](https://github.com/puma/puma/blob/master/docs/systemd.md)
|
251
275
|
|
276
|
+
## Community Plugins
|
277
|
+
|
278
|
+
* [puma-heroku](https://github.com/evanphx/puma-heroku) — default Puma configuration for running on Heroku
|
279
|
+
* [puma-metrics](https://github.com/harmjanblok/puma-metrics) — export Puma metrics to Prometheus
|
280
|
+
* [puma-plugin-statsd](https://github.com/yob/puma-plugin-statsd) — send Puma metrics to statsd
|
281
|
+
* [puma-plugin-systemd](https://github.com/sj26/puma-plugin-systemd) — deeper integration with systemd for notify, status and watchdog
|
282
|
+
|
252
283
|
## Contributing
|
253
284
|
|
254
|
-
|
285
|
+
Find details for contributing in the [contribution guide].
|
255
286
|
|
256
|
-
|
257
|
-
$ bundle install
|
258
|
-
$ bundle exec rake
|
259
|
-
```
|
287
|
+
[contribution guide]: https://github.com/puma/puma/blob/master/CONTRIBUTING.md
|
260
288
|
|
261
289
|
## License
|
262
290
|
|
data/docs/architecture.md
CHANGED
@@ -20,6 +20,7 @@ Clustered mode is shown/discussed here. Single mode is analogous to having a sin
|
|
20
20
|
* By default, a single, separate thread is used to receive HTTP requests across the socket.
|
21
21
|
* When at least one worker thread is available for work, a connection is accepted and placed in this request buffer
|
22
22
|
* This thread waits for entire HTTP requests to be received over the connection
|
23
|
+
* The time spent waiting for the HTTP request body to be received is exposed to the Rack app as `env['puma.request_body_wait']` (milliseconds)
|
23
24
|
* Once received, the connection is pushed into the "todo" set
|
24
25
|
* Worker threads pop work off the "todo" set for processing
|
25
26
|
* The thread processes the request via the rack application (which generates the HTTP response)
|
data/docs/deployment.md
CHANGED
@@ -38,22 +38,42 @@ Here are some rules of thumb:
|
|
38
38
|
* As you grow more confident in the thread safety of your app, you can tune the
|
39
39
|
workers down and the threads up.
|
40
40
|
|
41
|
+
#### Ubuntu / Systemd (Systemctl) Installation
|
42
|
+
|
43
|
+
See [systemd.md](systemd.md)
|
44
|
+
|
41
45
|
#### Worker utilization
|
42
46
|
|
43
|
-
**How do you know if you'
|
47
|
+
**How do you know if you've got enough (or too many workers)?**
|
44
48
|
|
45
49
|
A good question. Due to MRI's GIL, only one thread can be executing Ruby code at a time.
|
46
50
|
But since so many apps are waiting on IO from DBs, etc., they can utilize threads
|
47
51
|
to make better use of the process.
|
48
52
|
|
49
53
|
The rule of thumb is you never want processes that are pegged all the time. This
|
50
|
-
means that there is more work to do
|
54
|
+
means that there is more work to do than the process can get through. On the other
|
51
55
|
hand, if you have processes that sit around doing nothing, then they're just eating
|
52
56
|
up resources.
|
53
57
|
|
54
|
-
|
58
|
+
Watch your CPU utilization over time and aim for about 70% on average. This means
|
55
59
|
you've got capacity still but aren't starving threads.
|
56
60
|
|
61
|
+
**Measuring utilization**
|
62
|
+
|
63
|
+
Using a timestamp header from an upstream proxy server (eg. nginx or haproxy), it's
|
64
|
+
possible to get an indication of how long requests have been waiting for a Puma
|
65
|
+
thread to become available.
|
66
|
+
|
67
|
+
* Have your upstream proxy set a header with the time it received the request:
|
68
|
+
* nginx: `proxy_set_header X-Request-Start "${msec}";`
|
69
|
+
* haproxy: `http-request set-header X-Request-Start "%t";`
|
70
|
+
* In your Rack middleware, determine the amount of time elapsed since `X-Request-Start`.
|
71
|
+
* To improve accuracy, you will want to subtract time spent waiting for slow clients:
|
72
|
+
* `env['puma.request_body_wait']` contains the number of milliseconds Puma spent
|
73
|
+
waiting for the client to send the request body.
|
74
|
+
* haproxy: `%Th` (TLS handshake time) and `%Ti` (idle time before request) can
|
75
|
+
can also be added as headers.
|
76
|
+
|
57
77
|
## Daemonizing
|
58
78
|
|
59
79
|
I prefer to not daemonize my servers and use something like `runit` or `upstart` to
|
@@ -62,7 +82,7 @@ makes it easy to figure out what is going on. Additionally, unlike `unicorn`,
|
|
62
82
|
puma does not require daemonization to do zero-downtime restarts.
|
63
83
|
|
64
84
|
I see people using daemonization because they start puma directly via capistrano
|
65
|
-
task and thus want it to live on past the `cap deploy`. To
|
85
|
+
task and thus want it to live on past the `cap deploy`. To these people I say:
|
66
86
|
You need to be using a process monitor. Nothing is making sure puma stays up in
|
67
87
|
this scenario! You're just waiting for something weird to happen, puma to die,
|
68
88
|
and to get paged at 3am. Do yourself a favor, at least the process monitoring
|
Binary file
|
Binary file
|
Binary file
|
data/docs/plugins.md
CHANGED
@@ -1,15 +1,22 @@
|
|
1
1
|
## Plugins
|
2
2
|
|
3
|
-
Puma 3.0 added support for plugins that can augment configuration and service
|
3
|
+
Puma 3.0 added support for plugins that can augment configuration and service
|
4
|
+
operations.
|
4
5
|
|
5
6
|
2 canonical plugins to look to aid in development of further plugins:
|
6
7
|
|
7
|
-
* [tmp\_restart](https://github.com/puma/puma/blob/master/lib/puma/plugin/tmp_restart.rb):
|
8
|
-
|
8
|
+
* [tmp\_restart](https://github.com/puma/puma/blob/master/lib/puma/plugin/tmp_restart.rb):
|
9
|
+
Restarts the server if the file `tmp/restart.txt` is touched
|
10
|
+
* [heroku](https://github.com/puma/puma-heroku/blob/master/lib/puma/plugin/heroku.rb):
|
11
|
+
Packages up the default configuration used by puma on Heroku
|
9
12
|
|
10
|
-
Plugins are activated in a puma configuration file (such as `config/puma.rb'`)
|
13
|
+
Plugins are activated in a puma configuration file (such as `config/puma.rb'`)
|
14
|
+
by adding `plugin "name"`, such as `plugin "heroku"`.
|
11
15
|
|
12
|
-
Plugins are activated based simply on path requirements so, activating the
|
16
|
+
Plugins are activated based simply on path requirements so, activating the
|
17
|
+
`heroku` plugin will simply be doing `require "puma/plugin/heroku"`. This
|
18
|
+
allows gems to provide multiple plugins (as well as unrelated gems to provide
|
19
|
+
puma plugins).
|
13
20
|
|
14
21
|
The `tmp_restart` plugin is bundled with puma, so it can always be used.
|
15
22
|
|
@@ -17,12 +24,15 @@ To use the `heroku` plugin, add `puma-heroku` to your Gemfile or install it.
|
|
17
24
|
|
18
25
|
### API
|
19
26
|
|
20
|
-
|
27
|
+
## Server-wide hooks
|
21
28
|
|
22
|
-
|
29
|
+
Plugins can use a couple of hooks at server level: `start` and `config`.
|
23
30
|
|
24
|
-
`
|
31
|
+
`start` runs when the server has started and allows the plugin to start other
|
32
|
+
functionality to augment puma.
|
25
33
|
|
26
|
-
|
34
|
+
`config` runs when the server is being configured and is passed a `Puma::DSL`
|
35
|
+
object that can be used to add additional configuration.
|
27
36
|
|
28
|
-
|
37
|
+
Any public methods in `Puma::Plugin` are the public API that any plugin may
|
38
|
+
use.
|
data/docs/restart.md
CHANGED
@@ -2,8 +2,8 @@
|
|
2
2
|
|
3
3
|
To perform a restart, there are 3 builtin mechanisms:
|
4
4
|
|
5
|
-
* Send the `puma` process the `SIGUSR2` signal
|
6
|
-
* Send the `puma` process the `SIGUSR1` signal (rolling restart, cluster mode only)
|
5
|
+
* Send the `puma` process the `SIGUSR2` signal (normal restart)
|
6
|
+
* Send the `puma` process the `SIGUSR1` signal (restart in phases (a "rolling restart"), cluster mode only)
|
7
7
|
* Use the status server and issue `/restart`
|
8
8
|
|
9
9
|
No code is shared between the current and restarted process, so it should be safe to issue a restart any place where you would manually stop Puma and start it again.
|
@@ -22,6 +22,8 @@ But again beware, upgrading an application sometimes involves upgrading the data
|
|
22
22
|
|
23
23
|
If you perform a lot of database migrations, you probably should not use phased restart and use a normal/hot restart instead (`pumactl restart`). That way, no code is shared while deploying (in that case, `preload_app!` might help for quicker deployment, see ["Clustered Mode" in the README](../README.md#clustered-mode)).
|
24
24
|
|
25
|
+
**Note**: Hot and phased restarts are only available on MRI, not on JRuby. They are also unavailable on Windows servers.
|
26
|
+
|
25
27
|
### Release Directory
|
26
28
|
|
27
29
|
If your symlink releases into a common working directory (i.e., `/current` from Capistrano), Puma won't pick up your new changes when running phased restarts without additional configuration. You should set your working directory within Puma's config to specify the directory it should use. This is a change from earlier versions of Puma (< 2.15) that would infer the directory for you.
|