第1页
What’s new in HTTP/2?
28 Oct 2015
第2页
Your Questions
1. Who are we?
Floyd Smith, Technical Marketing Writer. Author of NGINX White Paper, “HTTP/2 for Web Application Developers”.
Faisal Memon, Product Marketer
Here in spirit: Valentin Bartenev, SPDY and HTTP/2 lead developer at NGINX, presenter at industry conferences. Author of blog post, “7 Tips for Faster HTTP/2 Performance”.
2. How will HTTP/2 affect my site?
3. Who will be implementing it?
4. Should I implement HTTP/2, and when?
第3页
Agenda
Why HTTP/2 is important
What’s new in HTTP/2
How NGINX supports HTTP/2
Conclusion
第4页
Why HTTP/2 is Important
1. Encourage security for users
Credit card information theft
Login information theft
“Soft data” such as sites visited and search terms used
2. Protect publishers and advertisers
Make sure site content gets to users
Protect ads from being hijacked and replaced - key concern for Google, all
Assurance for users
3. Side benefits
Reduce Internet congestion by reducing connections
Make app development and maintenance easier
第5页
Who Should Consider HTTP/2
1. Current SPDY Sites
Matter of timing
SPDY deprecated for Q1 2016
2. Greenfield SSL/TLS Sites
Should be better performance
Simplifies code and delivery architecture
3. Performance-Critical SSL/TLS Sites
Test performance before deployment
Use time saved by simpler coding for other improvements
4. Sites that want tech bragging rights
Client software (browsers), server software (ie NGINX!), and tools (WireShark)
Sites that like to lead on technology and that are actually faster on HTTP/2
Developers or business side can lead
Others - see what the competition does and do performance assessment
第6页
Who Uses HTTP/2 / SPDY Already
1. Get the Indicator for Google Chrome
Search for “Chrome plugin HTTP/2”
Or go to https://chrome.google.com/webstore/detail/http2-and-spdy-indicator/
Grey - HTTP/1.x, Green - SPDY, Blue - HTTP/2, Red - QUIC
2. A few current users (most of Top 10 websites - not eBay, Microsoft)
SPDY: Facebook, YouTube, Baidu, Yahoo!, Amazon, Wikipedia, Dropbox
HTTP/2: Google search, Cloudflare, WordPress
QUIC (Google experimental protocol): Gmail, Google Calendar etc.
第7页
SPDY - Predecessor to HTTP/2
1. Introduced by Google five years ago
One connection, multiplexing, SSL/TLS, compressed headers, prioritization - like HTTP/2
Proprietary, non-standard
Protects “soft data” such as sites visited and search terms used
2. Protect publishers and advertisers
Make sure site content gets to users
Protect ads from being hijacked and replaced - key concern for Google, all
3. Side benefits
Reduce Internet congestion by reducing connections
Make app development and maintenance easier
Minus: Binary protocols harder to debug
4. NGINX the SPDY leader
Early, robust, widely recognized support in NGINX
Only about 5% of sites used SPDY - Google, Facebook, WordPress - but awareness and interest among developers were high
第8页
Agenda
Why HTTP/2 is important
What’s new in HTTP/2
How NGINX supports HTTP/2
Conclusion
第9页
HTTP Refresher
Hyper Text Transfer Protocol
Defines how web content is downloaded over the internet
Language is actions (GET, POST, etc)
Last update was in June 1999 (HTTP/1.1)
GeoCities was the third most popular website in 1999
Just wanted to start with a short refresher on HTTP. And specifically focus on the transfer protocol piece of it. Because that’s the part of it that we’ll be mostly addressing today.
HTTP governs how web content (images, text, etc) is downloaded over the internet, The plumbing of getting content from the server where it lives to the user that will be interacting with it.
It is composed of actions, for example if the the page I’m viewing requires a picture to be download, my browser will issue a GET request to the server for that image.
HTTP/2, the new version of this protocol, streamlines how these interactions take place. Web pages load quicker and use less data on the wire.
The last revision to the HTTP protocol was in 1999. Web pages are more complicated now than they were then, and have to work on multiple devices, not just a web browser. HTTP/2 addresses inefficiencies in the underlying protocol to address the needs of modern web applications.
第10页
HTTP/1
HTTP/2
Great example of the process of loading up a web page as similar to that of my going to the grocery store. Imagine if you could only bring back one thing at a time from the grocery store. Its an inefficient way to do things when you can bring everything back atthe same time; saving a lot of driving back and forth. The previous version of HTTP limited you to having a single object in flight, and forcing you to go back and forth for every object, making network latency a bigger factor than it already is.
第11页
HTTP/1.1 Overview
One request at a time per TCP connection
Why?
Easier implementation
Thread/Process per connection
What about HTTP Pipelining?
Defined but not used in practice
Still requires In-order completion
GET /
GET /a.css
GET /b.jpg
200 OK
200 OK
200 OK
Transition from grocery store example. Picking up items is like requests for elements of a web page.
第12页
HTTP/1.1: Multiple Connections
Browsers typically makes 6 connections per domain
第13页
HTTP/1.1: Performance Improvements
Domain Sharding – Use multiple sub-domains to get more connections
sub-1.example.com, sub-2.example.com, sub-3.example.com, etc.
Complicates architecture
Concatenating – Combine resources (CSS, JS, images) into a single larger image
Poor cache utilization – Change in one element means entire combined resource must be fetched
Delays – Must download entire resource before any concatenated resource can be used
Inlining – Embed resources directly within the HTML
Duplication – Must be inlined everywhere it is being used
They have to modify page which is error prone, and more hassle than what its worth. With HTTP/2 you no longer need to do these optimizations.
第14页
HTTP/2: True Multiplexing
Multiples requests over a time per TCP connection
Out of order completion
Actions (GET,POST, etc) are unchanged
Based on Google’s SPDY protocol
第15页
HTTP/2: True Multiplexing
Requests and Responses are interleaved on the same TCP connection
- From High Performance Browser Networking by Ilya Grigorik
Not just multiplexing but also interleaving. Can also have data in flight both directions at the same time.
第16页
HTTP/2: Binary Header
第17页
HTTP/2: Request Prioritization
Web content can be assigned weights and dependencies
第18页
HTTP/2: More features
Server Push – Server pushes resources to client before it requests it
Header Compression – HPACK header compression reduces size of HTTP/2 header
Mandatory SSL – Not mandated by RFC but Chrome and Firefox won’t support without it
More secure websites
Higher search rankings for encrypted sites
第19页
HTTP/2: Backwards Compatibility
ALPN (OpenSSL 1.0.2)
NPN (OpenSSL 1.0.1)
Browser sends list of supported protocols
If h2 in list, HTTP/2 will be used
第20页
Agenda
Why HTTP/2 is important
What’s new in HTTP/2
How NGINX supports HTTP/2
Conclusion
第21页
How NGINX Supports HTTP/2
NGINX translates HTTP/2 to the language your application speaks
第22页
How NGINX Supports HTTP/2
Supported in both NGINX Plus R7 and NGINX 1.9.5
Pre-built binaries are built with OpenSSL 1.0.1
ALPN is supported but requires OpenSSL 1.0.2
Compile from source to use ALPN
SPDY and HTTP/2 not supported at the same time
No Server Push yet...
第23页
NGINX HTTP/2 Configuration
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2 default_server;
ssl_certificate server.crt;
ssl_certificate_key server.key;
…
}
第24页
Agenda
Why HTTP/2 is important
What’s new in HTTP/2
How NGINX supports HTTP/2
Conclusion
第25页
What Developers Have to Do
1. Monitor browser support for HTTP/2
63% of current browsers support it
Adding about 2% per month
Older browsers default to HTTP/1.x
2. Decide when to move to SSL and HTTP/2
Move to SSL can be a big deal - not good for streaming media
Moving to HTTP/2 soon is a no-brainer for SSL sites
SPDY is an interim solution to early 2016
3. Implement changes
Turn on HTTP/2 in NGINX
Remove or modify HTTP/1.x optimizations: Domain sharding, image sprites, code concatenation, inlining files
第26页
Think Through HTTP/2 Implementation
1. Are you already a leader?
SPDY user
Performance-led website
Wanting tech cred
2. Greenfield SSL/TLS Sites
Should be better performance
Simplifies code and delivery architecture
3. Performance-Critical SSL/TLS Sites
Test performance before deployment
Use time saved by simpler coding for other improvements
4. Sites that are tech leaders
Client software (browsers), server software (ie NGINX!), and tools (WireShark)
Sites that like to lead on technology and that are indeed faster on HTTP/2
Developers or business side can get the ball rolling
第27页
What You Can Do
1. Read the Materials
Upcoming blog post, 7 Tips for Higher HTTP/2 Performance, nginx.com//7-tips-http2
Links to white paper, HTTP/2 for Web Application Developers, nginx.com/http2-ebook
Links to Valentin Bartenev presentation, https://www.nginx.com/http2-presentation
Ilya Grigorich special edition ebook, High Performance Networking, nginx.com/http2-ebook
2. Ask customers their SSL and HTTP/2 expectations
3. Position your site as a leader on SPDY and HTTP/2, or….
Wait and see on SPDY and HTTP/2