Http-2

What we need to know

@h6165

Abhishek Yadav

ரூபீ ப்ரோக்ராமர்

Co-organizer: Chennai.rb

HTTP-2

  • History
  • Technical details
  • Affects on Rails
  • What we can use

HTTP: History

  • 1991: HTTP 0.9 - First documented version
  • 1996: HTTP 1.0 (rfc-1945), work starts on HTTP 1.1 (rfc-2068)
  • 1997, 1999: HTTP 1.1 release and improvements (RFC-2068, RFC-2616)
  • 2007: HTTPbis working group starts work on revising HTTP 1.1
  • 2012: First draft of SPDY published
  • 2014: HTTPbis submits new spec
  • 2015: HTTP-2 published. Google announces stopping support for SPDY

HTTP: History

  • 1991: HTTP 0.9 - First documented version
  • 1996: HTTP 1.0 (rfc-1945), work starts on HTTP 1.1 (rfc-2068)
  • 1997, 1999: HTTP 1.1 release and improvements (RFC-2068, RFC-2616)
  • 2007: HTTPbis working group starts work on revising HTTP 1.1
  • 2012: First draft of SPDY published
  • 2014: HTTPbis submits new spec
  • 2015: HTTP-2 published. Google announces stopping support for SPDY

1989: Tim Berners Lee: First GET requests

1996: Browser wars

1996: 40-60 % browsers already on Http1.0

1998: Google founded

1997-2000: Dot Com Bubble

2004: Facebook founded

2004: Gmail launched

2007: Iphone released

2008: Android released

2005: Ruby on Rails-1

2011: Rails 3.1: asset pipeline

2000: Roy Fielding: REST

2008: Chrome launched

2008: HTML5 Draft-1

2014: HTML5 finalized

2013: Chrome-29: SPDY

2011: Websockets shipped

2013: Snowden: NSA

2014: India: Modi as PM: massive use of social media

HTTP: History

  • 1991: HTTP 0.9 - First documented version
  • 1996: HTTP 1.0 (rfc-1945), work starts on HTTP 1.1 (rfc-2068)
  • 1997, 1999: HTTP 1.1 release and improvements (RFC-2068, RFC-2616)
  • 2007: HTTPbis working group starts work on revising HTTP 1.1
  • 2012: First draft of SPDY published
  • 2014: HTTPbis submits new spec
  • 2015: HTTP-2 published. Google announces stopping support for SPDY

1989: Tim Berners Lee: First GET requests

1996: Browser wars

1996: 40-60 % browsers already on Http1.0

1998: Google founded

1997-2000: Dot Com Bubble

2004: Facebook founded

2004: Gmail launched

2007: Iphone released

2008: Android released

2005: Ruby on Rails-1

2011: Rails 3.1: asset pipeline

2000: Roy Fielding: REST

2008: Chrome launched

2008: HTML5 Draft-1

2014: HTML5 finalized

2013: Chrome-29: SPDY

2011: Websockets shipped

2005-2015: China+India add 600 million users (450+180).

India is at 350million now 

HTTP: History: Conclusion

  • HTTP 1.1 has been stable, and popular

  • Internet has changed, has newer challenges

    • Majority users are on mobile

    • Privacy and security have become political

    • Governments are major stakeholders

  • THe web must be efficient and secure

HTTP-2: Technical details

  • HTTP is built on top of TCP

  • A typical web page load in browser: 

    • ​Open TCP connection

    • Send the GET request

    • Receive HTML, parse it, start rendering it

    • Open new TCP connection for each asset referred in the html (asset: Javascript, CSS, image, font)

  • Server sends data only when browser requests it (exception: Websockets)

  • Every new connection creates a massive overheard

HTTP-2: Technical details

  • Popular websites have hundreds of such requests

  • Only upto 6 parallel connections are permitted per domain

HTTP-2: Technical details

 

  • Concatenating JS and CSS  (Rails asset pipeline)
  • Creating sprites from images

  • Data inlining for images

  • Domain Sharding: serving assets from different domains to parallelize

  • Caching (Conditional GET, Etag etc)

  • HTTP Pipelining

Optimizations to HTTP 1.1

HTTP-2: Technical details

 

  • Connection multiplexing
  • Server push

HTTP-2 Proposals

 

  • Header compression
  • Binary encoding

HTTP-2: Technical details

 

  • There will be a single, long-lived TCP connection
  • The connection will be duplex (TCP is)

HTTP-2 Proposals: connection multiplexing

HTTP-2: Technical details

  • All assets can be sent over the same connection. No need to reconnect
  • Server can push assets instead of waiting for client to ask
  • Client can express preference for certain assets, and get them before others (stream prioritisation)

Connection multiplexing: possible impacts

And

  • No need for any of the HTTP 1.1 optimisations - no need of asset-pipeline
  • No need of Websockets (https://samsaffron.com/archive/2015/12/29/websockets-caution-required)

HTTP-2: Technical details

  • Header compression will some some bandwidth. Little from developer point of view, more as a big picture
  • Binary encoding will also make transport efficient. Developers will need more tools for debugging (like Wireshark)

Compression and encoding

  • No need for any of the HTTP 1.1 optimisations - no need of asset-pipeline
  • No need of Websockets

And

HTTP-2: Technical details

  • Spec doesn't require HTTPS, but implementations do.
  • All major browsers require TLS mandatorily with HTTP-2 

Impacts: HTTPS

HTTP-2: Today

  • Implemented by all major browsers
    • Except Android browser

HTTP-2: Today

  • Implemented by almost all major browsers
  • Implemented by Apache and Nginx
  • Supported by default on Cloudflare CDN (out assets are served with HTTP2)
    • Server push also announced recently:  https://blog.cloudflare.com/announcing-support-for-http-2-server-push-2/

HTTP-2: Today

In Rails world

  • Rack is not HTTP-2 compatible
  • So no Rack based frameworks can use it
  • Some experimental work has been done. 

HTTP-2 experiments with Rack

 

Http-2: what we need to know

By Abhishek Yadav

Http-2: what we need to know

  • 1,105