Unicorn vs Passenger
Unicorn and Passenger are both application servers that support Ruby. Although they share similar basic features, there are large differences in how they approach usage, and large differences in technical decisions and trade-offs.
Passenger takes a more holistic approach, and is more like a total, seamless and integrated solution. It requires less system administration knowledge, is easier to setup and requires less human management.
Unicorn acts more like a specialized component that you have to integrate in a larger system. Using Unicorn requires more system administration knowledge and skills.
Both Unicorn and Passenger can be scaled easily, through the use of HTTP load balancing tools and reverse proxies such as HAProxy and Nginx. Both of them support both inter-server scalability (scaling to multiple servers) as well as intra-server scalability (scaling within a server, on the process level). Both support spawning arbitrary number of processes to support concurrency scenarios.
Both Unicorn, as well as the open source variant of Phusion Passenger, are multi-process single-threaded. The Enterprise variant can be configured to be either single-threaded or multithreaded.
Multithreading allows less memory usage and provides higher concurrency than multi-process single-threading. Multithreading is especially suitable for applications that require high I/O concurrency, e.g. applications that perform a lot of HTTP API calls or otherwise block on I/O, or applications which serve WebSockets.
Phusion Passenger Enterprise can be hybrid multi-process multi-threaded. That is, running multiple multithreaded processes. Hybrid mode allows Ruby and Python, which despite having a Global Interpreter Lock, to fully utilize all CPU cores.[1]
[1] Only the case on MRI, not on JRuby and Rubinius. JRuby and Rubinius fully support multi-core threads in a single process.
As of version 5.x, the Passenger HTTP engine has been rewritten from the ground up for performance. Passenger's core is written in hand-optimized C++ and uses many low-level techniques to squeeze every bit of performance out of it. Some of the techniques used in Passenger 5 include:
- High-performance HTTP parsing and event handling
- A hybrid evented/multithreaded I/O handling model
- An advanced zero-copy architecture, with the goal of minimizing memory latencies
- Avoiding slow dynamic memory allocation operations
- Optimized hash tables
- Turbocaching: a builtin high-performance HTTP cache for burst requests
The result is that Passenger is up to 4x faster than Unicorn in the best case, and about as fast as Unicorn in the worst case.
Unicorn tries its best to be as fast as possible, but is limited by the fact that it is written in Ruby. Unicorn also provides less guidance on tweaking and optimization, while Passenger does by providing a detailed optimization guide to help you squeeze every last bit of performance out of your application.
Phusion Passenger has a builtin security sandboxing feature. Sandboxing allows one to run different applications in different sandboxes, so that if one application has a security vulnerability, its damage has a lower chance of spreading to other applications on the same system. This implemented by using operating system user account privilege separation features.
Unicorn does not provide any builtin sandbox features. It is possible to run Unicorn in a sandbox, but that is something the system administrator has to manually setup.
Unicorn also lacks certain I/O safety features. In particular, Unicorn cannot be safely exposed to "slow clients", and must therefore be installed behind a buffering reverse proxy, e.g. Nginx. This is by design, which is why Unicorn is only ever used together with Nginx, and cannot be directly exposed to the Internet by itself. It is a sound design decision, and when setup correctly, I/O safety is excellent. However it does mean that it requires more setup on part of the system administrator.
Phusion Passenger has I/O safety features built in, and does not require extra integration with a buffering reverse proxy. Phusion Passenger in its Standalone mode can also be directly exposed to the Internet, so that it can be used with minimal setup time.
Phusion Passenger is designed for multitenant (multi-app) deployment by default. This shows in both usage and the management tools. With a single Phusion Passenger install, you can easily deploy multiple apps. With a single set of management tools, you can manage all your apps.
With Unicorn, you have to manage each app individually.
Unicorn provides some management tools which allow you to stop or restart Unicorn and to query its status. The tooling is minimalistic, and provides limited information, though the information that is available is very useful.
Phusion Passenger provides management tools that provide much more insight. Phusion Passenger allows you to stop, restart and to query its status through command line tools like passenger-status, passenger-config, passenger-memory-stats. These tools are regular command line tools, and their access can be controlled through sudo, which is a very Unix way of doing things. These tools display everything Unicorn's tools display, plus the exact requests that are currently running, how long they've been running, the application's CPU and memory usage, etc.
The open source version provides tools for debugging stuck applications by displaying all threads' backtraces, while Unicorn does not appear to have such functionality. Phusion Passenger Enterprise provides a live IRB console that you can attach to any live, running process for inspection. It also provides ruby-debug integration that you can use even in multi-process mode. In Unicorn, the debugger is only available in non-clustered mode.
Unicorn's documentation consists of a number of short documents on the Unicorn website. Its documentation is short, clear and concise. For the most part, the Unicorn documentation assumes that the user is already familiar with the Apache or Nginx, and provides no further documentation on the usage of the web server. The documentation requires deep system administration knowledge to understand.
Passenger provides an extensive library of documentation. It documents everything from installation, management, administration and troubleshooting to scaling and optimization. There exist appendices and documents which describe the internals in detail, e.g. the Architectural Overview. There is also a detailed reference for all possible Passenger configuration options. The documentation tries to appeal to both novices (those who are neither familiar with Apache/Nginx, nor with Ruby, or even Unix system administration) as well as advanced users. This is, for example, shown in the deployment walkthrough.
Phusion Passenger is a polyglot, multi-application server. It supports Python, Node.js and Meteor. Unicorn is Ruby-only.
Unicorn does not support JRuby and Rubinius, while Phusion Passenger does.
Neither Unicorn nor Phusion Passenger support Windows. Both of them require a Unix OS.