Technology
The Engine Yard Rails Application Cloud platform is architected to be the most reliable, most stable and fastest Ruby on Rails platform available.
Technology Stack
The Engine Yard Technology Stack is a standardized Ruby on Rails web application framework stack, designed and optimized for business-critical Ruby on Rails application development. The stack has been refined over the past three years by our team of leading Ruby on Rails contributors, expert cluster engineers and seasoned DBAs for web server performance, database efficiency and long-term scalability. The team continues to test and fully integrate each new component and component update to provide reliability, security and compatibility within the stack.
Engine Yard Technology Stack
Our stack is continually expanding. This version is correct as of January 19th, 2010.
| Category | Component | Engine Yard Recommends | Cloud Support | Private Cloud Support |
Versions to avoid
and other comments |
|---|---|---|---|---|---|
| Ruby Interpreters | MRI | 1.8.6.p383 | 1.8.6.p287 (patched) |
1.8.6.p383
1.8.7.p174 |
1.8.5 and below, 1.8.6.p369 and below, 1.8.7.p171 and below, (multiple vulnerabilities)
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ruby 1.9.1 is not supported although we anticipate offering experimental support for Ruby 1.9.2 when it ships |
| JRuby/JVM | — | 1.3.12 JDK 1.6u16 |
1.3.12 JDK 1.6u16 |
JRuby support in Beta Status | |
| REE | — | — | 1.8.72 | REE Support in Beta Status | |
| Frameworks | Rails | 2.3.5 |
2.3.5
2.3.4 2.3.3 2.3.2 2.2.2 2.1.2 2.0.1→52 1.2.0→52 1.1.0→62 |
2.3.5
2.3.4 2.3.3 2.3.2 2.2.2 2.1.2 2.0.1→52 1.2.0→52 1.1.0→62 |
2.3.3 and below must apply a
patch for a cross-site scripting vulnerability
2.3.2 and below (multiple vulnerabilities) http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=rails http://groups.google.com/group/rubyonrails-security/browse_thread/thread/20e17a978d2ccbd3?hl=en |
| Merb | 1.0.12 | 1.0.12 | 1.0.12 |
Avoid 1.0.11 and below (vulnerability in json_pure)
Engine Yard recommends latest release of 1.0 line with latest bug fixes |
|
| Web/App | nginx |
0.6.35-r25
(patched) |
0.6.35-r25
(patched) |
0.6.35-r25
0.5.37 (patched) |
0.6.38 and below must apply several security patches |
| mongrel | 1.1.5.1 | 1.1.5.1 | 1.1.5.1 |
1.1.3 and below (multiple vulnerabilities)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6612 |
|
| unicorn | 0.96.01 | 0.96.01 | 0.96.01 | Unicorn support is in beta status | |
| haproxy | 1.3.15.10 | 1.3.15.10 | 1.3.15.x | ||
| nginx/psgr | 0.6.35/2.2.8 | 0.6.35/2.2.8 | 0.6.35/2.2.8 |
Passenger 2.2.3 (memory leak issues)
nginx must apply several security patches |
|
| rack | 1.0.1 |
1.0.1
0.9.12 |
1.0.x |
All versions prior to 0.9.1 (vulnerability)
http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-talk/324389 |
|
| Databases | MySQL | 5.0.77 | 5.0.51 |
5.0.77
5.0.51 5.0.45 5.1.381 |
5.1 before 5.1.34 (multiple vulnerabilities)
5.0 before 5.0.45 (multiple vulnerabilities) http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=mysql 5.1 experimental support on dedicated databases on private cloud |
| Postgres | 8.3.7 | — |
8.2.13+
8.3.7+ 8.4.11 |
All 8.2.x versions prior to 8.2.13, all 8.3.x versions prior to 8.3.7
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=postgresql 8.4 experimental support on dedicated databases on private cloud |
|
| Caches & Stores | memcached | 1.4.1 |
1.4.1
1.2.6 |
1.4.1
1.2.6 |
|
|
Tokyo1
..Cabinet ..Tyrant ..Dystopia |
1.4.33 1.1.34 0.9.13 |
1.4.x 1.1.x 0.9.x |
Must be properly tuned for large datasets | ||
| Redis | 1.01 | 1.011 | 1.011 | Recommend against the use of very large data sets with Redis 1.0 | |
| OS | Gentoo | EY Portage | EY Portage | EY Portage | |
| Background Job Processor | delayed_job | 1.8.4 | 1.8.4 | 1.8.4 |
We recommend use of the latest versions
We recommend against use of BackgroundRB |
| BackgroundJob | 1.0.1 | 1.0.1 | 1.0.1 | ||
| resque | — | 1.1.01 | 1.1.01 | ||
| Search |
Sphinx
(+Thinking Sphinx) |
0.9.9 | — | 0.9.9 | |
| AVOID | awstats | N/A | — | — | awstats is no longer supported within any Engine Yard environment. We recommend use of Google Analytics in its stead. |
| Ferret | N/A | — | — | Engine Yard recommends against use of any version of Ferret | |
| Juggernaut | N/A | — | — | Engine Yard recommends against the use of any version of Juggernaut. | |
| WordPress | N/A | — | — | Engine Yard recommends use of a specialist WordPress hosting service for WordPress installations | |
1 These components are designated "experimental" for support purposes and are there for you to test and experiment with, but Engine Yard does not expect you to use these components in a production environment. If you encounter issues with an "experimental component", Engine Yard is interested in any feedback you are willing to share. Please submit a support request through the normal access methods. Engine Yard cannot, however, commit to troubleshoot, provide workarounds or provide fixes for these "experimental components", and there is no SLA offered when experimental components are used in production. Experimental components are listed for the purposes of displaying what components are in the pipeline toward fully supported status. But there is no guarantee that these components will, in fact, be supported at any future date—in many cases, our evaluation of experimental components result in a decision not to support the component.
2 These version numbers are not covered by Engine Yard Support, although these versions may be installable from the user interface.
This listing is not exhaustive, but covers the essential components of the Engine Yard Stack. We also support the installation and configuration of other commonly used components such as solr but we do not provide in depth expertise in these components, not does the Engine Yard SLA apply when these components are used.