Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to enable http/2 ? #17

Closed
JensvdHeydt opened this issue Nov 19, 2017 · 8 comments
Closed

How to enable http/2 ? #17

JensvdHeydt opened this issue Nov 19, 2017 · 8 comments
Assignees
@lmakarov
Labels
enhancement help wanted

Comments

@JensvdHeydt
Copy link

Is there an option or could you maybe add an environment variable to enable http/2 for SSL connections?
@lmakarov lmakarov self-assigned this Nov 20, 2017
@lmakarov
Copy link
Member

We do not currently have an option for this in place, so that's a feature request.
I wonder if having HTTP/2 enabled on the web server level (Apache, docksal/web images) would be also necessary.

@JensvdHeydt
Copy link
Author

JensvdHeydt commented Dec 22, 2017
edited
Loading

HTTP/2 needs an SSL connection and docksal/web doesn't use that protocol. So I'd assume it would be enough to have the proxy use ssl + http/2.
BUT: To have a fully working protocol the webserver (docksal/web for example) would have to use ssl as well.

@lmakarov
Copy link
Member

lmakarov commented Dec 22, 2017
edited
Loading

I did some googling, but did not find a solid answer on the downsides of terminating HTTP/2 at the proxy level.

Based on my understanding, the end user gets 2 out of 3 key benefits of HTTP/2 when it's terminated at the proxy level:

  • multiplexing - YES
  • header compression - YES
  • server push - NO

Server push would only be possible if the proxy caches responses from the origin OR if it talks to the origin over HTTP/2 and proxies pushes (not 100% positive on this one). In fact, Nginx doesn't even support server push with HTTP/2 yet (1, 2)

UPDATE: Server Push support was added in Nginx v1.13.9 (released February 20, 2018)
https://www.nginx.com/blog/nginx-1-13-9-http2-server-push/

I think terminating HTTP/2 a the proxy level should be fine, especially since we are already terminating TLS there.

Resources:

@JensvdHeydt
Copy link
Author

Sounds great! Thanks for this very good/detailed answer!

So would it be enough to include a boolean configuration flag that set the http2-flag in the nginx-configuration of the proxy?

@JensvdHeydt
Copy link
Author

Any news on this subject?

@lmakarov
Copy link
Member

@JensvdHeydt no, sorry. This has not been a priority. Feel free to submit a PR, to get the ball rolling :)

lmakarov added a commit that referenced this issue Mar 6, 2018
@lmakarov
HTTP/2 support. Fixes #17
730561d
lmakarov added a commit that referenced this issue Mar 8, 2018
@lmakarov
Fixing HTTP/2 tests (#17)
5f8ecf1
@lmakarov
Copy link
Member

lmakarov commented Mar 8, 2018

This is now available in the edge image version: docksa/vhost-proxy:edge and will be release in the next release (by the end of month).

To try this out, reset vhost-proxy like this:

IMAGE_VHOST_PROXY=docksal/vhost-proxy:edge fin reset proxy

or (if using the latest develop version of Docksal):

IMAGE_VHOST_PROXY=docksal/vhost-proxy:edge fin system reset vhost-proxy

@lmakarov
Copy link
Member

Server Push support was added in Nginx v1.13.9 (released February 20, 2018)
https://www.nginx.com/blog/nginx-1-13-9-http2-server-push/

@lmakarov lmakarov mentioned this issue Mar 15, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lmakarov lmakarov

Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lmakarov @JensvdHeydt