litany against fear

coding with spice ¤ by nick quaranto

Introduction to Mongrel Notes

published 18 Nov 2008

Part of my series of notes from the Professional Ruby Conference. See them all here.

This talk is from Matt Pelletier from Eastmedia.

It’s a HTTP server written in pure Ruby. History…other solutions were SLOW! FCGI, WEBrick, mod_ruby sucked. Translation into CGI just slowed everything down. Zed Shaw decides to just write a full HTTP server. Fast, light, plays well with other servers, very configurable and flexible.

Huge design goal was SECURITY. Most security holes were the fault of human oversight, crappy hand-written parsers, HTTP spec doesn’t limit sizes. He decided to implement security by putting caps on a lot of the request parameters.

Production environments: Rails isn’t thread-safe, but processes are cheap. Use mongrel_cluster to configure. DON’T use it for SSL. (There were some other no’s too, but it went too fast) How many mongrels? Depends on your app. There’s simple ways to calculate and forecast how many your app will need depending on load and other factors.

Mongrel is thread-safe and is faster than Rails itself! There are plenty of other web servers available to…Swiftiply, Thin, Passenger.

code (2) gaming (3) git (9) internet (5) prorubyconf (25) railsconf (17) ruby (10) windows (3)