Hacker Newsnew | comments | show | ask | jobs | submit login

Passenger runs in Nginx. The architecture is very similar to plugging Node.js apps to Nginx, except now all that plugging is taken care for you. There are also a bunch of features that you get compared to straight reverse proxying with Nginx. From https://github.com/phusion/passenger/wiki/Node.js (that document is slightly outdated because of recently developments, we're updating it):

* Multitenancy - Run multiple Node.js applications on a single server easily and without hassle. With vanilla Node, you have to remember where your ports are configure Nginx reverse proxies. With Phusion Passenger, you create a virtual host, set `passenger_enabled on`, and you're done.

* Process management and supervision - Node.js processes are automatically started, and automatically restarted when they crash.

* Statistics and insight - Phusion Passenger provides tools for inspecting the applications' status, such what requests they're currently processing, how many requests they've processed.

* Scaling - Based on current traffic, Phusion Passenger can spawn more Node.js processes, or spin down some existing Node.js processes.

* Load balancing - Phusion Passenger automatically load balances traffic across Node.js process. The load balancing mechanism utilizes a smart "first-available" selection algorithm to avoid problems caused by slow requests. Nginx's proxy balancer does not do this by default.

* I/O security - Node.js is automatically put behind a buffering web server, such as Apache or Nginx, which preprocesses and postprocesses HTTP requests and responses. This protects the Node.js app against slow-client attacks such as Slowloris. It also provides a secure environment which sanitizes HTTP headers, to protect against vulnerabilities in the app's HTTP parser.

* System security - Node.js processes are automatically started as the user which owns the app. This allows the OS to separate their privileges, so that a vulnerability in one app does not affect another.

* Static file acceleration - Static files are directly served by the web server (Apache/Nginx), not by Node.js. This offloads the Node.js application from handling those things.

* System integration and less moving parts - Phusion Passenger fully integrates Node.js with the web server (Apache/Nginx), so that in most cases the administrator only has to deal with the web server and with centralized Phusion Passenger management tools, instead of dealing with each app individually. Note that the integration we talk about here pertains to usability only. Under the hood, each Node.js application is still its own OS process, and does not run in the web server's address space.

So, this is only really better than straight up nginx if you were to put more than one application behind it, for some reason?


If you're an app guy, I can understand why you look at it like that. App guys tend to trust software/solutions they write themselves. Any excess (features you don't need) is seen as opportunities for optimization. My background is more on the sysadmin side, and I think that's why I lean heavily toward Passenger in all my Ruby/Rack deployments, despite the availability of hip new app servers available for Ruby apps.

The thing that Passenger does exceedingly well is deliver a toolchain that sysadmins will love. FooBarWidget's list is very good. Even if you're single-tenant, Passenger's process management and supervision has worked wonderfully for me. Toolchain, toolchain, toolchain! Passenger comes with utilities like passenger-status and passenger-memory-stats. You can, at a glance, see things like how much memory (true, RSS) an app process is using, or what your queues look like.

Another distinction is completeness of the solution. With a lot of other app server solutions, hashing out the finer details are up to you. I don't have any experience with Node.js, but with the other Ruby app servers I've tried, you're responsible for things like finding/writing your own init script and process supervision.

Can I write an init script? Yes. Will it fail to cover an edge case that I haven't thought of yet? Probably. How well will it be written? About as well as I have time for at the time I write it. Could I find one online? Sure. How well is it written? Well, it seems popular. Is it maintained? Uh... How will I track updates? Uuuuuuh...

I don't need the deep level of customization provided by the roll-your-own solution. The folks at Passenger are really, really smart, and I'm humble. I'd rather leverage their domain expertise than to try and be a master of all things. My time is also valuable. If I accept that the Passenger solution is well engineered and provides additional value (see their list above), what value will I derive from [rolling my own|an alternative] solution? If I can't come up with a clear answer to that question, I stick with Passenger.


No. For example "Process management and supervision", "Scaling" and "Statistics and insight" are extra features that you get by using Phusion Passenger. You can't do those easily with just Node + Nginx.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact