Production Rails

🚀 Best practices for running Rails in production

This guide covers different concepts you should be familiar with. Recommendations come from personal experience and work at Instacart. A few of the open source projects are ones I’ve created. For a comprehensive list of gems, check out Awesome Ruby.

Security

Everyone writing code must be responsible for security. Best practices

Errors

Use an error reporting service like Rollbar.

Use Safely to rescue and report exceptions in non-critical code.

Logging

Use a centralized logging service like LogDNA.

Use Lograge to reduce volume. Configure it to add request_id, user_id, and params.

# config/environments/production.rb
config.lograge.enabled = true
config.lograge.custom_options = lambda do |event|
  options = event.payload.slice(:request_id, :user_id)
  options[:params] = event.payload[:params].except("controller", "action")
  options
end

# app/controllers/application_controller.rb
def append_info_to_payload(payload)
  super
  payload[:request_id] = request.uuid
  payload[:user_id] = current_user.id if current_user
end

Audits

Use an auditing library like Audited.

Migrations

Use Strong Migrations to catch unsafe migrations at dev time.

Web Requests

There are two important metrics to track for web servers.

Use a high performance web server like Puma.

Use Rack::Deflater for compression.

Use a CDN like Amazon CloudFront to serve assets.

Use Slowpoke for request timeouts.

Background Jobs

Use a high performance background processing framework like Sidekiq with ActiveJob.

config.active_job.queue_adapter = :sidekiq

Use ActiveJob::TrafficControl to:

• quickly disable jobs
• throttle
• limit concurrency

BadJob.disable!

Email

For transactional emails, use an email delivery service like SendGrid.

For marketing emails, use a service like MailChimp.

For styling, use a CSS inliner like Roadie.

class ApplicationMailer < ActionMailer::Base
  include Roadie::Rails::Automatic
end

Add UTM parameters to links.

Caching and Performance

Use Memcached and Dalli for caching.

config.cache_store = :dalli_store

Use a library like Memoist for memoizing.

memoize :time_consuming_method

Add Oj to speed up JSON parsing.

Monitoring

• Use an uptime monitoring service like Pingdom or Uptime Robot - monitor web servers, background jobs, and scheduled tasks
• Use a performance monitoring service like New Relic or AppSignal
• If you use Postgres, PgHero can help identify issues
• Use Marginalia to track the origin of SQL queries

What to Monitor

Web Requests

• requests by action - total time, count
• queue time - X-Request-Start header

Background Jobs and Rake Tasks

• jobs by type - total time, count

Data Stores - Database, Elasticsearch, Redis

• requests by type - total time, count
• CPU usage
• space

External Services

• requests by type - total time, count

Notable Events

Use Notable to track notable requests and background jobs.

• errors
• slow requests, jobs, and timeouts
• 404s
• validation failures
• CSRF failures
• unpermitted parameters
• blocked and throttled requests

Timeouts

Add timeouts.

One very important place is ActiveRecord. Add to config/database.yml and adjust as needed.

PostgreSQL

production:
  connect_timeout: 1
  checkout_timeout: 5
  variables:
    statement_timeout: 5000 # ms

MySQL and MariaDB

production:
  connect_timeout: 1
  read_timeout: 1
  write_timeout: 1
  checkout_timeout: 5
  variables:
    max_execution_time: 5000 # ms, for MySQL 5.7.8 or higher
    max_statement_time: 5 # sec, for MariaDB 10.1.1 or higher

Analytics

Use an analytics service like Google Analytics or Mixpanel.

And possibly an open source library like Ahoy.

New Features

Use a feature flipper library like Rollout to easily enable and disable new features without pushing code.

Lastly...

Have suggestions? Help make this guide better for everyone.

Also check out best practices for developing with Rails.

If you use Heroku, check out Rails on Heroku.