Test version of HTTP / 2 module for NGINX published
- Transfer
Introduced an alpha version of the patch that provides HTTP / 2 support for NGINX. NGINX version 1.9.0 or later is required for this patch. Full support for the HTTP / 2 protocol for commercial and non-commercial NGINX versions is planned by the end of this year. Feedback can be sent to the nginx-devel mailing list .
Since the patch is an alpha version, it is not recommended to use it in work projects. If you want to use the features of HTTP / 2 for work sites, you should pay attention to NGINX version 1.5.10 and newer, which implements full support for the protocol SPDY / 3.1. As the predecessor of HTTP / 2, SPDY has the same advantages as HTTP / 2, but at the same time has wider support among current browser versions.
HTTP / 2 is a new protocol, so there are some concerns and misunderstandings associated with it. One of the main concerns is that the implementation of HTTP / 2 requires a change in the architecture of the entire application. This fear and many others related to HTTP / 2 are groundless. In fact, for applications using NGINX, HTTP / 2 support is implemented with minor architecture changes.
To facilitate the transition to the new protocol, NGINX acts as an “HTTP / 2 gateway”. On the client side, NGINX communicates with browsers via HTTP / 2 (if the browser supports HTTP / 2), and on the server side through HTTP / 1.x (or FastCGI, uwsgi, SCGI) as before. Between the client and the backend, NGINX converts HTTP / 2 to HTTP / 1.x (or FastCGI, etc.). In other words, servers and applications proxied through NGINX do not require changes to migrate to HTTP / 2. The only necessary change to existing HTTPS configurations is to add the http2 parameter to the listen directives (the ssl parameter is also needed):
As of June 2015, more than 50% of users use browsers with HTTP / 2 support. In other words, the implementation of HTTP / 2 by browsers is quite high and will increase over time. NGINX uses Application Layer Protocol Negotiation ( ALPN ), which is an extension of TLS, for both HTTP / 1.x and HTTP / 2 to work simultaneously . When the browser connects to the server, a list of supported protocols is sent. If the list contains h2, then NGINX uses HTTP / 2 to connect. If the browser does not support ALPN or the list of supported protocols does not contain h2, then NGINX will use HTTP / 1.x.
As you might have guessed, some optimizations for HTTP / 1.x are now antipatterns for HTTP / 2. Optimizations such as using sprites, combining or inlining images, and also sharing resources between domains that helped with using HTTP / 1.x are no longer needed with HTTP / 2. Of course, you can implement HTTP / 2 using these optimizations, but we strongly recommend that you get rid of them to increase performance.
To enable HTTP / 2 support, add the ssl and http2 parameters to the listen directives :
Note: the ssl parameter is required. At the time of this writing, browsers do not support HTTP / 2 without SSL encryption.
To test the health of HTTP / 2, there are some good plugins for Google Chrome and Firefox .
As with earlier releases, there are a number of problems:
NGINX, Inc. thanks the companies Dropbox and Automattic , which are active users of NGINX and are involved in sponsoring the development. Their contribution accelerated the creation of the HTTP / 2 module, and we hope that you, in turn, will have the opportunity to support them.
UPD: HTTP2 support has already been added to the open-source version of NGINX. Everyone can download the source .
Since the patch is an alpha version, it is not recommended to use it in work projects. If you want to use the features of HTTP / 2 for work sites, you should pay attention to NGINX version 1.5.10 and newer, which implements full support for the protocol SPDY / 3.1. As the predecessor of HTTP / 2, SPDY has the same advantages as HTTP / 2, but at the same time has wider support among current browser versions.
About HTTP / 2 Support in NGINX
HTTP / 2 is a new protocol, so there are some concerns and misunderstandings associated with it. One of the main concerns is that the implementation of HTTP / 2 requires a change in the architecture of the entire application. This fear and many others related to HTTP / 2 are groundless. In fact, for applications using NGINX, HTTP / 2 support is implemented with minor architecture changes.
To facilitate the transition to the new protocol, NGINX acts as an “HTTP / 2 gateway”. On the client side, NGINX communicates with browsers via HTTP / 2 (if the browser supports HTTP / 2), and on the server side through HTTP / 1.x (or FastCGI, uwsgi, SCGI) as before. Between the client and the backend, NGINX converts HTTP / 2 to HTTP / 1.x (or FastCGI, etc.). In other words, servers and applications proxied through NGINX do not require changes to migrate to HTTP / 2. The only necessary change to existing HTTPS configurations is to add the http2 parameter to the listen directives (the ssl parameter is also needed):
listen 443 ssl http2 default_server;As of June 2015, more than 50% of users use browsers with HTTP / 2 support. In other words, the implementation of HTTP / 2 by browsers is quite high and will increase over time. NGINX uses Application Layer Protocol Negotiation ( ALPN ), which is an extension of TLS, for both HTTP / 1.x and HTTP / 2 to work simultaneously . When the browser connects to the server, a list of supported protocols is sent. If the list contains h2, then NGINX uses HTTP / 2 to connect. If the browser does not support ALPN or the list of supported protocols does not contain h2, then NGINX will use HTTP / 1.x.
As you might have guessed, some optimizations for HTTP / 1.x are now antipatterns for HTTP / 2. Optimizations such as using sprites, combining or inlining images, and also sharing resources between domains that helped with using HTTP / 1.x are no longer needed with HTTP / 2. Of course, you can implement HTTP / 2 using these optimizations, but we strongly recommend that you get rid of them to increase performance.
NGINX build with HTTP / 2
- Install OpenSSL version 1.0.2 or later , which is necessary to support ALPN.
- Download and unpack NGINX version 1.9.0 or later:
$ wget http://nginx.org/download/nginx-1.9.3.tar.gz $ tar zxvf nginx-1.9.3.tar.gz $ cd nginx-1.9.3 - Download the patch:
$ wget http://nginx.org/patches/http2/patch.http2.txt - Check the applicability of the patch:
$ patch -p1 --dry-run < patch.http2.txt - If there are no errors, we use:
$ patch -p1 < patch.http2.txt - Configure NGINX with the necessary options:
- to build NGINX along with OpenSSL from source and static linking:
$ ./configure --with-http_ssl_module \ --with-http_v2_module \ --with-debug \ --with-openssl=/path/to/openssl-1.0.2 \ ... - if OpenSSL is installed as a third-party library (for example, on Mac OS X):
$ ./configure --with-http_ssl_module \ --with-http_v2_module \ --with-debug \ --with-cc-opt="-I/opt/local/include" \ --with-ld-opt="-L/opt/local/lib" \ ...
- to build NGINX along with OpenSSL from source and static linking:
- After that we collect NGINX:
$ make
NGINX setup
To enable HTTP / 2 support, add the ssl and http2 parameters to the listen directives :
server {
listen 443 ssl http2 default_server;
ssl_certificate server.crt;
ssl_certificate_key server.key;
...
}Note: the ssl parameter is required. At the time of this writing, browsers do not support HTTP / 2 without SSL encryption.
To test the health of HTTP / 2, there are some good plugins for Google Chrome and Firefox .
Remarks
As with earlier releases, there are a number of problems:
- The patch is in early alpha and can only be used for testing. Currently, active work is underway on the module and we will be grateful to everyone who will take part in testing (the results can be sent to nginx-devel ).
- 'Server Push' is not implemented in this version of the patch and will not be supported in the first working implementation of HTTP / 2. Perhaps this functionality will appear in future versions of NGINX.
- The patch removes the SPDY module and replaces it with the HTTP / 2 module. That is, after applying this patch, NGINX cannot be configured using SPDY. This will also be done in the first working version of HTTP / 2 for the commercial and non-commercial versions. SPDY will be deprecated at the beginning of 2016 , so there is no need to support both directives.
Special thanks
NGINX, Inc. thanks the companies Dropbox and Automattic , which are active users of NGINX and are involved in sponsoring the development. Their contribution accelerated the creation of the HTTP / 2 module, and we hope that you, in turn, will have the opportunity to support them.
UPD: HTTP2 support has already been added to the open-source version of NGINX. Everyone can download the source .