DEPLOY FAQ HACKING LICENSE NEWS README SIGNALS Sandbox Static_Files Summary TUNING Test_Suite rainbows_1 vs_Unicorn
Rainbows ActorSpawn AppPool Base Configurator Coolio CoolioThreadPool CoolioThreadSpawn DevFdResponse Epoll EventMachine FiberPool FiberSpawn MaxBody NeverBlock Rev RevFiberSpawn RevThreadPool RevThreadSpawn Revactor Sendfile ServerToken StreamResponseEpoll ThreadPool ThreadSpawn ThreadTimeout WriterThreadPool WriterThreadSpawn XEpoll XEpollThreadPool XEpollThreadSpawn

Deploying Rainbows!

Rainbows! only

For the daring, you should consider deploying Rainbows! in a standalone configuration. This will be more highly recommended as Rainbows! stabilizes, especially if static file performance improves (or you don't need them).

You will need to do this to support things like BOSH or do real-time processing of the request body as it is being uploaded.

In this case, haproxy or any similar (non-request-body-buffering) load balancer should be used to balance requests between different machines.

nginx proxying to Rainbows! or unicorn

For high-traffic applications, routing slow actions to Rainbows! with nginx is recommended as nginx can serve static files faster and nginx can forward fast actions to unicorn.

    static files
nginx |--> slow actions --> Rainbows!
      `--> fast actions --> unicorn

Be sure to set proxy_buffering off in nginx for "slow actions" if you have Comet applications (but not for unicorn).

Denial-of-Service Concerns

Since Rainbows! is designed to talk to slow clients with long-held connections, it may be subject to brute force denial-of-service attacks. In unicorn and Mongrel, we've already enabled the "httpready" accept filter for FreeBSD and the TCP_DEFER_ACCEPT option in Linux; but it is still possible to build clients that work around and fool these mechanisms.

Rainbows! itself does not feature any explicit protection against brute force denial-of-service attacks. We believe this is best handled by dedicated firewalls provided by the operating system.

mail archives:
public: / private: