diff --git a/sources/tech/20181222 A Tale of HTTP-2.md b/sources/tech/20181222 A Tale of HTTP-2.md deleted file mode 100644 index 897fd83fc5..0000000000 --- a/sources/tech/20181222 A Tale of HTTP-2.md +++ /dev/null @@ -1,75 +0,0 @@ -[#]: collector: (lujun9972) -[#]: translator: (geekpi) -[#]: reviewer: ( ) -[#]: publisher: ( ) -[#]: url: ( ) -[#]: subject: (A Tale of HTTP/2) -[#]: via: (https://veronneau.org/a-tale-of-http2.html) -[#]: author: (Louis-Philippe Véronneau https://veronneau.org/) - -A Tale of HTTP/2 -====== - -Around a month ago, someone mentioned the existence of [HTTP/2][1] in an IRC channel I lurk in. For some reason, I had never heard of it and some of the features of this new protocol (like mutiplexing requests without having to open multiple TCP connections) seemed cool. - -To be honest, I had just finished re-writing the Puppet code that manages our backup procedures and enabling HTTP/2 seemed like a productive way to procrastinate before moving on to an another large project. How hard could this be? - -Turns out it took me around 25 hours of work... Sit back and put on comfortable slippers, for this is a tale of HTTP/2! - -[![The Yule Log][2]][3] - -### Cursed Be the HTTP/1.1 - -When I first looked up how to enable HTTP/2 on Apache it seemed a pretty simple task. The documentation mentioned loading the `http2` module and making sure to prioritise the new protocol via a configuration file like this one: - -``` -Protocols h2 h2c http/1.1 - -H2Push on -H2PushPriority core.md Dict.md lctt2014.md lctt2016.md lctt2018.md LICENSE published README.md scripts sources translated after -H2PushPriority text/css before -H2PushPriority image/jpeg after 32 -H2PushPriority image/png after 32 -H2PushPriority application/javascript interleaved -``` - -This would of course have been too easy. Even if everything in Apache was set up properly, websites kept being served as HTTP/1.1. I was obviously doing something right though, since my websites were now sending a new HTTP header: `Upgrade: h2, h2c`. - -After wasting a good deal of time debugging TLS ciphers (HTTP/2 is [incompatible with TLS 1.1][4]), I finally found out the problem was that we weren't using the right multi-processing module for Apache. - -Turns out Apache won't let you serve HTTP/2 while using `mpm_prefork` (the default MPM), as it is not supported by `mod_http2`. Even though there are two other MPM you can use with Apache, only `mpm_prefork` supports `mod_php`. Suddenly, adding support for HTTP/2 meant switching all our webapps built in PHP to PHP-FPM... - -### Down the Rabbit Hole - -![A clip from Alice in Wonderlands][5] - -For the longest time, a close friend has been trying to convince me of the virtues of [PHP-FPM][6]. As great as it looked on paper, I never really did anything about it. It seemed so ... complicated. Regular ol' `mod_php` did the trick just fine and other things required my attention. - -This whole HTTP/2 thing turned out to be the perfect excuse for me to dive into it after all. Once I understood how FPM pools worked, it was actually pretty easy to set up. Since I had to rewrite the Puppet profiles we're using to deploy websites, also I took that opportunity to harden a bunch of things left and right. - -PHP-FPM let's you run websites under different Unix users for added separation. On top of that, I decided it was time for PHP code on our servers to be ran in read-only mode and had to tweak a bunch of things for our Wordpress, Nextcloud, KanBoard and Drupal instances to stop complaining about it. - -After too much time passed automating tasks in Puppet, I finally was able to turn off `mod_php` and `mpm_prefork` everywhere and to enable `mpm_event` and `mod_http2`. The speed bonus offered by PHP-FPM and HTTP/2 is nice, but more than anything I'm happy this whole ordeal forced me to harden the way our Apache servers deal with PHP. - -![Victory!][7] - --------------------------------------------------------------------------------- - -via: https://veronneau.org/a-tale-of-http2.html - -作者:[Louis-Philippe Véronneau][a] -选题:[lujun9972][b] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]: https://veronneau.org/ -[b]: https://github.com/lujun9972 -[1]: https://en.wikipedia.org/wiki/HTTP/2 -[2]: https://veronneau.org/media/blog/2018-12-22/yule_log.jpg (The Yule Log) -[3]: https://commons.wikimedia.org/wiki/File:The_Yule_Log.jpg -[4]: https://http2.github.io/http2-spec/#TLSUsage -[5]: https://veronneau.org/media/blog/2018-12-22/mod_php.gif (A clip from Alice in Wonderlands) -[6]: https://wiki.apache.org/httpd/PHP-FPM -[7]: https://veronneau.org/media/blog/2018-12-22/victory.png (Victory!) diff --git a/translated/tech/20181222 A Tale of HTTP-2.md b/translated/tech/20181222 A Tale of HTTP-2.md new file mode 100644 index 0000000000..9fcaddfad9 --- /dev/null +++ b/translated/tech/20181222 A Tale of HTTP-2.md @@ -0,0 +1,75 @@ +[#]: collector: (lujun9972) +[#]: translator: (geekpi) +[#]: reviewer: ( ) +[#]: publisher: ( ) +[#]: url: ( ) +[#]: subject: (A Tale of HTTP/2) +[#]: via: (https://veronneau.org/a-tale-of-http2.html) +[#]: author: (Louis-Philippe Véronneau https://veronneau.org/) + +一个 HTTP/2 的故事 +====== + +大约一个月前,有人在我所在的 IRC 频道中提到了 [HTTP/2][1]。由于某种原因,我从未听说过它,而且新协议的一些功能(比如无需打开多个 TCP 连接就能复用请求)似乎很酷。 + +说实话,我刚刚重写了管理我们备份程序的 Puppet 代码,启用 HTTP/2 似乎是一种转向另一个大型项目之前有效的拖延方式。这有多难? + +结果我花了大约 25 个小时来完成。坐下来穿上舒适的拖鞋,因为这是一个 HTTP/2 的故事! + +[![The Yule Log][2]][3] + +### 被诅咒的 HTTP/1.1 + +当我第一次看到如何在 Apache 上启用 HTTP/2 时,这似乎是一项非常简单的任务。文档提到加载 `http2` 模块并通过如下配置文件确保新协议优先: + +``` +Protocols h2 h2c http/1.1 + +H2Push on +H2PushPriority core.md Dict.md lctt2014.md lctt2016.md lctt2018.md LICENSE published README.md scripts sources translated after +H2PushPriority text/css before +H2PushPriority image/jpeg after 32 +H2PushPriority image/png after 32 +H2PushPriority application/javascript interleaved +``` + +这当然很容易。即使 Apache 中的所有内容都已正确设置,网站仍然可以使用 HTTP/1.1。不过,显然我做得没错,因为我的网站现在发送了一个新的 HTTP 头:`Upgrade: h2, h2c`。 + +在浪费了大量时间调试 TLS 密钥(HTTP/2 [与 TLS 1.1 不兼容][4])之后,我终于发现问题是没有使用正确的 Apache 多进程处理模块。 + +事实证明,在使用 `mpm_prefork`(默认 MPM)时,Apache 不会使用 HTTP/2,因为 `mod_http2` 不支持它。尽管 Apache 还有两个其他的 MPM,但只有 `mpm_prefork` 支持 `mod_php`。突然之间,添加对 HTTP/2 的支持意味着我们将要把所有的 PHP 网站切换到 PHP-FPM。 + +### 掉进兔子洞 + +![A clip from Alice in Wonderlands][5] + +在很长一段时间里,一位好友一直试图让我相信 [PHP-FPM][6] 的优点。虽然纸上看起来很好, 但我从来没有真正试过。它看起来很复杂。常规的 `mod_php` 做得很好,还有其他事情需要我注意。 + +事实上,这次的 HTTP/2 事件是让我钻研它的一个契机。在我理解了 FPM 池的工作原理后,它实际上很容易设置。由于我不得不重写我们用于部署网站的 Puppet 配置文件,我也借此机会巩固了一堆东西。 + +PHP-FPM 允许你在不同的 Unix 用户下运行网站来增加隔离性。最重要的是,我决定是时候让我们服务器上的 PHP 代码以只读模式运行,并且不得不为我们的 Wordpress、Nextcloud、KanBoard 和 Drupal 实例调整一些东西来减少报错。 + +过了很长时间通过 Puppet 的自动任务后,我终于能够在任何地方关闭 `mod_php` 和 `mpm_prefork` 并启用 `mpm_event` 和 `mod_http2`。PHP-FPM 和 HTTP/2 带来的速度提升不错,但更让我感到高兴的是这次磨练增强了我们的 Apache 处理 PHP 的能力。 + +![Victory!][7] + +-------------------------------------------------------------------------------- + +via: https://veronneau.org/a-tale-of-http2.html + +作者:[Louis-Philippe Véronneau][a] +选题:[lujun9972][b] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]: https://veronneau.org/ +[b]: https://github.com/lujun9972 +[1]: https://en.wikipedia.org/wiki/HTTP/2 +[2]: https://veronneau.org/media/blog/2018-12-22/yule_log.jpg (The Yule Log) +[3]: https://commons.wikimedia.org/wiki/File:The_Yule_Log.jpg +[4]: https://http2.github.io/http2-spec/#TLSUsage +[5]: https://veronneau.org/media/blog/2018-12-22/mod_php.gif (A clip from Alice in Wonderlands) +[6]: https://wiki.apache.org/httpd/PHP-FPM +[7]: https://veronneau.org/media/blog/2018-12-22/victory.png (Victory!) \ No newline at end of file