Engine Yard Developer Center

Engine Yard Release Updates October 2013

The updates described are either important (where you need to take action) or of interest (you might want to know about these changes but you don't need to do anything).

Security Hotfix: RubyGems security vulnerability

October 30th, 2013

Action: We recommend you test this hotfix in your staging environment as soon as possible; then, when that is validated, click the Upgrade button for your production environment.

We fixed the RubyGems security vulnerability with today's stack upgrade.

See the documentation for instructions on how to apply the changes to your Ruby environments.

Note: This hotfix applies to all Engine Yard Gentoo stacks (stable-v2, stable-v3, stable-v4).

Security Hotfix: Node.js DoS vulnerability

October 30th, 2013

Action: We recommend you test this hotfix in your staging environment as soon as possible; then, when that is validated, click the Upgrade button for your production environment.

We fixed the Node.js security vulnerability with today's stack upgrade.

See the documentation for instructions on how to apply the changes to your Node.js environments.

Note: This hotfix applies to the Engine Yard Gentoo (stable-v2) stack only.

Minor: Engine Yard Gentoo stack upgrade

October 24th, 2013

Action: You automatically apply these changes the next time you click the Upgrade button for your environment.

Note: For clarity, since we now have 2 Gentoo stacks, we refer to this stack as the "Engine Yard Gentoo" stack. You can access it by using the Stack select field in the Environment UI:

stack_stable-v2.png

It's best practice to upgrade your Engine Yard Gentoo (stable-v2) stack regularly for the latest security and product updates. This week's updates:

  • Allows Unicorn workers to be hard-restarted on deploy for apps that cannot handle the rolling restart.

    To enable this for your app, create a /data/APPNAME/shared/config/disable_unicorn_graceful_restart file; content of file doesn't matter.

  • Fixes install issue with Passenger 2 app server due to Nginx version mismatch.

Minor: Engine Yard Gentoo 12.11 stack upgrade

October 24th, 2013

Action: You automatically apply these changes the next time you click the Upgrade button for your Engine Yard Gentoo 12.11 environment.

Note: For clarity, since we now have 2 Gentoo stacks, we refer to this stack as the "Engine Yard Gentoo 12.11" stack. You can access it by using the Stack select field in the Environment UI:

stack_stable-v4.png 

It's best practice to upgrade your Engine Yard Gentoo 12.11 (stable-v4) stack regularly for the latest security and product updates. This week's updates:

  • Fixes issue with Nginx log rotation.
  • Stops Nginx from running on non-application instances.

    Important: Contact Engine Yard Support if you have intentionally turned on Nginx for utility or database instances before upgrading to this release.

  • Allows Unicorn workers to be hard-restarted on deploy for apps that cannot handle the rolling restart.

    To enable this for your app, create a /data/APPNAME/shared/config/disable_unicorn_graceful_restart file; content of file doesn't matter.

  • Fixes issue with New Relic add-on detection and configuration.

For more information on Engine Yard Gentoo 12.11, see the Engine Yard Gentoo 12.11 docs.

Limited Access: Java on Engine Yard

October 17th, 2013

Action: This is a Limited Access release. No action required.

We are delighted to announce that Engine Yard is adding support for running Java apps in the cloud, in addition to Ruby, PHP and Node.js apps. Developers will be able to deploy Java apps and services on an Engine Yard-curated stack, with component choices for JVM, application server, load balancer and database running on an Ubuntu­-based (12.04 LTS) Linux distribution.

Our documentation will help you to deploy your first Java application on Engine Yard. If you have feature requests or questions, add them to the forums.

Today we are releasing in Limited Access. In the very near future, we'll make it more widely available in Early Access.

For more information, see our blog or contact Engine Yard Support.

Minor: Engine Yard Gentoo 12.11 stack upgrade

October 8th, 2013

Action: You automatically apply these changes the next time you click the Upgrade button for your Engine Yard Gentoo 12.11 environment.

Note: For clarity, since we now have 2 GA stacks, we refer to this stack as the "Engine Yard Gentoo 12.11" stack. You can access it by using the Stack select field in the Environment UI:

stack_stable-v4.png 

It's best practice to upgrade your Engine Yard Gentoo 12.11 (stable-v4) stack regularly for the latest security and product updates. This week's updates:

  • Bumps PHP version to 5.4.20, which provides minor security updates and adds PHP Tidy module.
  • Adds Early Access support for Rubinius 2.0.0-RC2 on this stack; uses Ruby language mode 1.8 and 1.9.

For more information on Engine Yard Gentoo 12.11, see the Engine Yard Gentoo 12.11 docs.

General Availability: Engine Yard Gem 2.3.0

October 2nd, 2013

Action: Try the 2.3.0 gem in a staging environment before you deploy to production.

Check out Martin Emde's Deploying with engineyard 2.3 blog for the full details.

This gem release includes:

  • New command ey init writes or updates an ey.yml configuration file to help users understand all the ey.yml options.
    • ey init is recommended for all applications to provide extra documentation in ey.yml.
  • New command ey servers -e env shows servers for a specified environment in a machine/user readable format.
  • ey ssh accepts new options -t and –each. Experimental option -L is also supported.
  • Default migrate command is now rake db:migrate --trace.
  • Uses newest version of engineyard-serverside 2.3.1:
    • Fixes symlinks to shared/config that incorrectly linked to nested resources due to find maxdepth.
    • Adds --no-dev and --optimize-autoloader to default composer install command.
    • Supports new ey.yml options: bundler, composer, and npm which can be set to true or false to enable or disable each dependency manager.
    • Supports experimental ey.yml option: restart_groups: n. When set to a number n greater than 1, app servers are divided into n groups and each group is restarted serially.
    • Aborts rollbacks if unexpected files are found in the /data/app/releases/ directory because they disrupt the ability to find the previous and latest releases.
    • If you use eydeploy.rb files, please be aware that there are some changes including:
      • Internal: Accepts flags for git and archive strategies (--git and --archive) that are passed a URI.
      • Internal: Changes the name of the Strategy class to Source.

More information: The Engine Yard blog provides background information about the 2.x gem.


If you have feedback or questions about this page, add a comment below. If you need help, submit a ticket with Engine Yard Support.

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments

Please sign in to leave a comment.

Powered by Zendesk