openssl - Running Newer Ruby Version Next to Existing Ruby Version -
disclosure: know little ruby beyond basic code syntax. bear idiocy.
ruby 1.8's openssl library doesn't seem support tls 1.2. however, there apps running dependent on 1.8, want see if can run newer version of ruby concurrently on same system , set newer versions of same gems.
currently version 1.8 @ /usr/lib/ruby/1.8. ideally, i'd keep same structure , install newer version (not sure recent, stable version - whether it's 2.3.x or 2.4.x).
that said, not ruby admin. inherited server else decided ruby best way things, despite there being no other ruby experience within company, , left. know system admin stuff, don't know:
- how backwards-compatible ruby versions (e.g. app built against 1.8 run without major modifications on 2.4.1).
- how gems work / updated. can 2.4.1 use gems 1.8, or gems tied specific ruby versions? can there mix-and-match? there migration path of kind?
- how manage 2 different concurrent versions (how tell app use 1 version on other, or prevent existing apps automatically trying use new version , breaking if they're not compatible).
- any best install practices (i compile source, open suggestions).
- is possible update ruby's openssl library without updating whole ruby app? it's on openssl 0.9.8o, it's pretty behind times.
the server running debian 6.0.6 (i'm more familiar red hat , centos, though, hints on package management, etc... related issue welcomed).
- modern ruby has "matured" , become stable. upgrading
2.0.0
--> (the latest stable)2.4.1
quite easy. however, ruby went through period of major (necessary!) changes1.8
-->1.9
-->2.0
; part of upgrade may problematic. - gems installed within current ruby installation. example, have "ruby 1.8 version" of
cancan
. if update ruby version of application, need re-install gems (presumably viabundle install
) ruby version. migration path basically: comprehensive test suite possible; upgrade gems as possible within ruby version; update ruby version; fix tests and/or code if necessary; repeat. - use tool
rvm
orrbenv
install multiple concurrent ruby versions on 1 machine. - see point 3. don't need compile source.
- ruby 1.8 old. support dropped in 2013. application undoubtedly have huge list of outdated libraries now, sorts of security vulnerabilities -- that's happens when don't update 6+ years! security standpoint, not suggest trying find workaround 1 openssl issue , ignore larger problem here.
Comments
Post a Comment