Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] serve admin interface via http2 #784

Open
rauanmayemir opened this issue Mar 11, 2024 · 4 comments
Open

[feature] serve admin interface via http2 #784

rauanmayemir opened this issue Mar 11, 2024 · 4 comments

Comments

@rauanmayemir
Copy link

Is your feature request related to a problem? Please describe.

Admin interface (and api in general) is currently served via HTTP1.1.

Describe the solution you'd like.

What would the feature look like? How would it work? How would it change the API?

It would be nice to have api serve HTTP2 as well (as H2C). (I've seen that you already optionally support QUIC/HTTP3, so H2C/HTTP2 would be even simpler as it's just a wrapper over mux.

...
@FZambia
Copy link
Member

FZambia commented Mar 11, 2024
edited

Hello, Centrifugo already supports HTTP/2 out of the box.

You need to configure TLS to make it work. For example, with mkcert tool:

❯ mkcert localhost 127.0.0.1 ::1

Created a new certificate valid for the following names 📜
 - "localhost"
 - "127.0.0.1"
 - "::1"

The certificate is at "./localhost+2.pem" and the key at "./localhost+2-key.pem" ✅

Run Centrifugo with TLS:

./centrifugo --tls --tls_cert localhost+2.pem --tls_key localhost+2-key.pem --api_insecure

Note, api_insecure is only to simplify example here.

Then check API response:

curl -X POST "https://localhost:8000/api/info" --data '{}'  -v

You will see HTTP/2 headers:

*  SSL certificate verify ok.
* using HTTP/2
* h2 [:method: POST]
* h2 [:scheme: https]
* h2 [:authority: localhost:8000]
* h2 [:path: /api/info]
* h2 [user-agent: curl/8.1.2]
* h2 [accept: */*]
* h2 [content-length: 2]
* h2 [content-type: application/x-www-form-urlencoded]
* Using Stream ID: 1 (easy handle 0x13f80c600)
> POST /api/info HTTP/2
> Host: localhost:8000
> User-Agent: curl/8.1.2
> Accept: */*
> Content-Length: 2
> Content-Type: application/x-www-form-urlencoded
>
* We are completely uploaded and fine
< HTTP/2 200
< content-type: application/json
< date: Mon, 11 Mar 2024 16:00:49 GMT

Then check admin UI:

Screenshot 2024-03-11 at 18 06 48

See also: https://centrifugal.dev/docs/faq#does-centrifugo-work-with-http2

Having said this all, I don't see the problem with HTTP 1.1, I doubt about significant practical benefits here. So supporting H2C should be justified by a practical reason.

@rauanmayemir
Copy link
Author

It’s not about a benefit, but rather a limitation I had and wanted to avoid putting it behind proxy.

@FZambia
Copy link
Member

FZambia commented Mar 12, 2024

Could you please explain what kind of limitation? Does the above description solves it for you?

@rauanmayemir
Copy link
Author

@FZambia The description above is for serving TLS, it doesn't cover H2C. The limitation is technical and I don't have a reasonable justification, so I'll leave this as 'nice to have'.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rauanmayemir @FZambia