HTTP/3 to upstream PoC #770
Conversation
|
Due to the importance of cache hit rate, it is recommended to implement a compatibility layer to handle cache protocol conversion (a switch can be provided to turn it on or off). |
|
Hi Roman, |
I agree this would be a nice option to have. This will come at a price though. We''ll get back to it at some point. |
| ngx_reusable_connection(pc, 1); | ||
| } | ||
|
|
||
| if (qc->shutdown) { |
There was a problem hiding this comment.
What is the intention of deleting this code?Useless logic?
There was a problem hiding this comment.
Some functionality is moved from QUIC to application layer, HTTP/3 in this case. For example, tracking whether it's time to close the QUIC connection.
I also think we can keep |
Good question. It looks like What about the design? Then we can access them like |
I'm not sure if it helps. Also, Ideally these modules should be independent. |
|
Let me try it with v2 proxy module. |
src/event/quic/ngx_event_quic.h
Outdated
There was a problem hiding this comment.
ngx_quic_init_pt and ngx_quic_shutdown_pt also need to remove
| return NULL; | ||
| } | ||
| qc = c->quic->connection; | ||
| conf = qc->conf; |
There was a problem hiding this comment.
The following 317 lines of 'qc->conf = conf;' do not require reassignment
I agree with the related suggestions. |
This is a preparation for introducing QUIC client support.
This is a preparation for introducing QUIC client support.
The function is called by event pipe which is used when proxying an HTTP connection.
This is a preparation for adding QUIC client support.
The change removes ngx_quic_run() and adds the following functions: - ngx_quic_handshake() - ngx_quic_shutdown() - ngx_quic_get_error() - ngx_quic_accept_stream() - ngx_quic_reject_streams() The first two resemble similar SSL functions. A typical QUIC workflow is now application-centered. After initiating the handshake, the application sets c->ssl->handshake which is first called once the handshake is complete. After that it's called after processing each QUIC event. Inside the handler the application can accept new streams, check QUIC errors and shut down the connection using the above mentioned functions. The change also introduces QUIC connection lingering. When closing a QUIC connection with ngx_quic_shutdown(), first the connections switches to the lingering mode. In this mode all unsent stream data is sent and acked. The maximum timeout for lingering is 3 seconds. The same valus is currently used by ngx_ssl_shutdown().
Now c->quic is used for both QUIC connections and streams. It allows to avoid using c->udp to access QUIC connection object. Also, it allows for early allocation of QUIC connection, which can hold QUIC configuration before the handshake. QUIC handshake function is now split into ngx_quic_create_connection() and ngx_quic_handshake() in preparation to adding QUIC client support. QUIC configuration is passed only to ngx_quic_create_connection(). This brings QUIC API in line with SSL API.
Similar to SSL, client mode is enabled by passing NGX_SSL_CLIENT flag to ngx_quic_create_connection().
A number of changes in HTTP/3 server code in preparation for adding HTTP/3 client support: - parse, table and uni function no longer access server configurations - parse functions no longer call action functions and use callbacks instead - added session "data" field, which stores ngx_http_connection_t reference - added session fields "max_table_capacity" and "max_blocked_streams" - session field "blocked" is renamed to "queue" - ngx_http_v3_close_connection() is moved to ngx_http_v3.c and made public - made QPACK header constants public
The module allows to use HTTP/3 protocol for proxying.
HTTP/3 proxying is enabled by specifying "proxy_http_version 3.0".
Example:
server {
listen 8000;
location / {
proxy_http_version 3.0;
proxy_pass https://127.0.0.1:8443;
}
}
server {
listen 8443 quic reuseport;
ssl_certificate certs/example.com.crt;
ssl_certificate_key certs/example.com.key;
location / {
return 200 foo;
}
}
|
Removing the host+port patch from here. It's committed to mainline: #772 |
The PR adds support for HTTP/3 protocol to upstream.
Module
While the HTTP/3 proxy code is contained in a separate module, a decision has been made to integrate it with the
ngx_http_proxy_moduleand rely on its directives. This allows to avoid confusion when switching between protocols. The HTTP/3 protocol is enabled byproxy_http_version 3.0. Currently the protocol version can only be specified statically, but this can be changed later to allow for dynamic protocol selection. But even if implemented, the selection will only be possible while initializing the upstream. It will not be possible to change the protocol after trying another version.Cache
Despite using the same directives for caching (
proxy_cacheetc), cache format is incompatible between HTTP/3 and HTTP/1 and is expected to be incompatible with HTTP/2 as well. When using the same cache for different protocols, alterproxy_cache_keyto include protocol version indication.Example
Multiplexing
This PR does not provide HTTP/3 connection multiplexing, meaning a single QUIC connection is created for each request. Note that without multiplexing no performance benefits are expected compared to HTTP/1 proxy. Multiplexing is currently considered a separate feature and will likely require a redesign of nginx upstream keepalive.
An effort to add multiplexing can be found here. It uses a separate set of keepalive-like directives with
http3_prefix. A proper implementation will probably rely on location-based keepalive as opposed to currently implemented upstream-based.