Production Rails
Best practices for running Rails in production.
In the interest of transparency, ๐ indicates one of my gems.
Security
Everyone writing code must be responsible for security. Best practices
Analytics
Use an analytics service like Google Analytics or Mixpanel.
And possibly an open source library like Ahoy. ๐
Logging
Use Lograge.
gem 'lograge'
Add the following to config/environments/production.rb
.
config.lograge.enabled = true
config.lograge.custom_options = lambda do |event|
options = event.payload.slice(:request_id, :user_id, :visit_id)
options[:params] = event.payload[:params].except("controller", "action")
options
end
Add the following to app/controllers/application_controller.rb
.
def append_info_to_payload(payload)
super
payload[:request_id] = request.uuid
payload[:user_id] = current_user.id if current_user
payload[:visit_id] = ahoy.visit_id # if you use Ahoy
end
Audits
Use an auditing library like Audited.
Errors
Use an error reporting service like Rollbar.
Use Safely to rescue and report exceptions in non-critical code. ๐
Monitoring
- There are two important metrics to track for web servers
- Use an uptime monitoring service like Pingdom or Uptime Robot - monitor web servers, background jobs, and scheduled tasks
- Use a performance monitoring service like New Relic or AppSignal
- If you use Postgres, PgHero can help identify issues ๐
- Use Marginalia to track the origin of SQL queries
What to Monitor
Web Requests
- requests by action - total time, count
- queue time - X-Request-Start header
Background Jobs and Rake Tasks
- jobs by type - total time, count
Data Stores - Database, Elasticsearch, Redis
- requests by type - total time, count
- CPU usage
- space
External Services
- requests by type - total time, count
Notable Events
Use Notable to track notable requests and background jobs. ๐
- errors
- slow requests, jobs, and timeouts
- 404s
- validation failures
- CSRF failures
- unpermitted parameters
- blocked and throttled requests
Timeouts
Add them to:
- web requests
- database connections
- and more
Performance
- Use a high performance web server like Puma
- Use Rack::Deflater for compression
- Add Oj to speed up JSON parsing
- Use Memcached for caching
- Use a CDN like Amazon CloudFront to serve assets
New Features
Use a feature flipper library like Rollout to easily enable and disable new features without pushing code.
Migrations
Read this. Use Strong Migrations to catch unsafe migrations at dev time. ๐
Lastly...
Have suggestions? Help make this guide better for everyone.
Also check out best practices for developing with Rails.
If you use Heroku, check out Rails on Heroku.