If you aren’t already familiar, Phusion Passenger is a mature, performant, and secure web application server. It has broad support for a number of application platforms, from Ruby (Rack) to Python, Node.js, Meteor, and more. I have evaluated and used other application servers in varying workloads, but Passenger has consistently been the most reliable, performant, and feature rich offering available.
In this article, I aim to demonstrate how to pair Phusion Passenger’s built in administration tools with AWS CloudWatch to monitor your application server’s active instance pool over time, as well as the critical “request queue”, which anyone running Phusion Passenger in production should keep an eye on (more on that in a future blog post).
Phusion Passenger offers a rich administration API, accessed via HTTP requests made to the locally running instance process listening on a dynamically generated port. These HTTP requests require authentication, which is handled using HTTP basic auth, with credentials provided by the passenger Ruby gem. I’m using v5.1.8 in this example.
In short, we
Load the Passenger Ruby libraries, including the AdminTools module.
Use the AdminTools::InstanceRegistry to get an Array of all locally running Passenger instances.
For our selected instance, call the Agent Core API /pools.txt endpoint, to return the formatted instance status data.
Use regex to extract our important metrics.
Report those metrics to AWS CloudWatch, using our Instance ID (gathered via the EC2 metadata service) as our key dimension.
This Ruby script is a working demonstration of this process, which will work on a EC2 instance with the aws-sdk and passenger gems installed, however you manage your dependencies (probably Bundler). This same logic can be implemented in any language that supports these libraries, however.
This script should probably be invoked in some sort of scheduled manner (probably cron) to provide continuous reporting of metrics. However you execute this script, the executing user must have user permissions or group membership in line with those running the Passenger process itself, as global read permissions are denied for a number of important files.