Embed Size (px)
Citation preview
What Servlet 4 and HTTP/2 mean to you
Alex Theedom @alextheedom
Alex Theedom, Senior Java Developeralextheedom.com
@alextheedom
Who am I?
What’s on?1 Why Do We Need HTTP/22 Work-Arounds to HTTP1.13 HTTP Sockets4 Topline HTTP/2 Features5 Servlet 4.0 Features6 Server Support7 What about SPDY?8 HTTP/2 Performance9 Tracking HTTP/2 Adoption10 Summary and Q&A
■Increase perceived performance of web
■HTTP protocol not suitable
■Since 2011 average web page size increased by over 300%
■The problem with HTTP/1.1
Why Do We Need HTTP/2The Goal of HTTP/2
300%Source: HTTPArchive.com
■Requests resources in parallel HTTP 1■One request per TCP connection■HTTP1.1 Pipelining: multiple requests■Responds in sequence■Delay causes head-of-line blocking
Why Do We Need HTTP/2How a browser loads a webpage?
open
close
client serverno pipelining
index.html
style_1.css
logo.jpg
open
close
client serverpipelining
time
index.html
style_1.csslogo.jpg
Multiple connections
However two issues1. TCP sockets expensive
2. Browser max connections
Work-Arounds to HTTP1.1Solution to Head-Of-Line Blocking
open
close
client server
connection 1style_1.css
open
close
client server
connection 2javaScript_1.js
open
close
client server
connection 3image_1.png
Work-Arounds to HTTP1.1CSS/JavaScript File Concatenation
background.cssheader.cssmenu.cssstyle.css
Work-Arounds to HTTP1.1CSS and JavaScript Inlining
■Embed image in web page■Base 64 encoded
■Time spent decoding■Caching difficult
Work-Arounds to HTTP1.1Inlined Assets
One image file consists of many smaller images
Image sprites from Amazon, Google and Facebook.
Work-Arounds to HTTP1.1Image Sprite Sheet
Work-Arounds to HTTP1.1Domain Sharding
web pagey.example.com
x.example.com
server 2
server 1
logo.jpg
icon.jpg
header.css
menu.css
■Not much specified■Throw away resources
■No maximum open sockets
HTTP SocketsWhat HTTP1.1 Says About Sockets
■Much is specified■Scares resources
■Ideally only open one socket
HTTP SocketsWhat HTTP/2 Says About Sockets
HTTP SocketsAll connections now operate as one connection
open
close
client server
open
close
client server
open
close
client server
open
close
client server open
close
client serveropen
close
client server
■HTTP/2 is comprised of two specifications:■Hypertext Transfer Protocol version 2 - RFC7540
■HPACK - Header Compression for HTTP/2 - RFC7541
■Binary Protocol Based on Frames
■Features:■Request/Response Multiplexing
■Binary Framing ■Header Compression■Stream Prioritization
■Server Push■Upgrade From HTTP1.1
Topline HTTP/2 Features What’s new
■Most important feature■Request and response is multiplexed ■Fully bi-directional communication
■Concepts:■Connection - A TCP socket
■Stream – A channel of communication■Message – A request/response and control message■Frame –The smallest unit within a communication
■Resolves head-of-line blocking■Communication broken down into frames
■Frames facilitate interweaving the logical stream
Topline HTTP/2 FeaturesRequest/Response Multiplexing
Hierarchical structure of logical communication blocks
Topline HTTP/2 FeaturesRequest/Response Multiplexing
connectionstream
frame frame frameframe frame frame
message
stream
frame frame frameframe frame frame
messageframe frame frameframe frame frame
message
stream
frame frame frameframe frame frame
messageframe frame frameframe frame frame
messageframe frame frameframe frame frame
message
■Request/Response Multiplexing■Interweave the logical stream over a single TCP
Stream 3 sends header then body and server responds with stream 2 before it receives completed stream 3
Topline HTTP/2 FeaturesRequest/Response Multiplexing
STREAM 1HEADERS
STREAM 3DATA
STREAM 1DATA
STREAM 2HEADERS
STREAM 3HEADERS
STREAM 2DATA
browser
server
■Decomposition of the frame■The frame has a header and the head consists of some information
■Type fields can be■HEADER corresponds to the HTTP headers
■DATA corresponds to the HTTP request body■PRIORITY specifies stream priority
■PUSH_PROMISE notifies of server push intent ■RST_STREAM notifying error, client rejects push
■SETTING, PING, GOAWAY, WINDOW_UPDATE, CONTINUATION
Topline HTTP/2 FeaturesBinary Framing
LENGTH (24)TYPE (8) FLAGS (8)
R STREAM IDENTIFIER (31)FRAME PAYLOADS (0.. n)
Mapping the HTTP Request to Frames
Topline HTTP/2 FeaturesHeader Compression
HTTP request Header FrameGET /index.html HTTP/1.1Host: example.comAccept: text/html
HEADERS + END_STREAM - END_HEADERS :method: GET :scheme: http :path: /index.html :authority: example.com accept: text/html
Mapping the HTTP Response to Frames
Topline HTTP/2 FeaturesHeader Compression
HTTP response Header FrameHTTP/1.1 200 OKContent-Length: 11Content-Type: text/htmlMay The Force Be With You
HEADERS - END_STREAM + END_HEADERS :status: 200 content-length: 11 content-type: text/htmlData FrameDATA + END_STREAMMay The Force Be With You
■Reduces header duplication■scheme, accept, user-agent
■Server and client maintains a table of headers
■Send only difference and references header number
Topline HTTP/2 FeaturesHPACK header compression
HTTP Request 1:method GET:scheme https:host example.com:path /index.html:authority example.org:accept text/htmluser-agent Mozilla/5.0
HTTP Request 2:method GET:scheme https:host example.com:path /info.html:authority example.org:accept text/htmluser-agent Mozilla/5.0
HEADERS frame (Stream 1):method GET:scheme https:host example.com:path /index.html:authority example.org:accept text/htmluser-agent Mozilla/5.0
HEADERS frame (Stream 3):path /info.html
■Attach priority information to streams■Priority can be entered in the header frame or the priority frame
■Only a suggestion to the server
Topline HTTP/2 FeaturesStream Prioritization
B D C
A
2 14 10
B C
A
4 8
■Eliminate the need for resource inlining■The sever can proactively send resources to the client
■Client can reject PUSH_PROMISE by responding RST_STREAM
Topline HTTP/2 FeaturesServer Push
■How do we talk in HTTP/2?
■Two ways to talk in HTTP2■HTTP 1.1 in clear text send upgrade header to upgrade to protocol
h2c■HTTPS use ALPN (TLS extension) and communication continues in
h2
■However Firefox or Chrome does not support h2c
■HTTPS all the way
Topline HTTP/2 FeaturesUpgrade Negotiation
■Servlet API well positioned to enable HTTP2 optimisation
■Servlet 4.0 Appropriate Abstraction
■Provide high level abstraction■Don’t want to program frames at the servlet layer
■OUT: one request = one response■IN: one request = multiple responses
Servlet 4.0 FeaturesAppropriate Abstraction
Servlet 4.0 FeaturesServer Push
■Most visible improvements in servlets
■Improve perceivable performance
■Best place to know what resources a request needs■logo image, stylesheet, menu javascript etc
■Not a replacement for websockets
■JSF will make good use of Server Push and other frameworks
■Implemented as PushBuilder API
Servlet 4.0 FeaturesTypical Journey
1. Browser requests index.html2. Server discovers need for css and js3. Get PushBuilder from HTTP request4. Set path to css and invoke push5. Set path to js and invoke push6. Then responds with index.html
Note7. The pushBuilder can be reused8. index.html returned after pushed resources
RST_STREAM rejects cached resources
■javax.servlet.http.PushBuilder■To use server push, obtain a reference to a PushBuilder from an
HttpServletRequest, mutate the builder as desired, then call push()
Servlet 4.0 FeaturesPushBuilder
Servlet 4.0 FeaturesPushBuilder
■javax.servlet.http.PushBuilder■constructed with request method set to GET■conditional, range, expectation, authorization and request headers
are removed■cookies are only added if the maxAge has not expired■request header set to the request URL plus any query string present■only required setting is the URI path to the resource■must be set before every call to push()
Servlet 4.0 FeaturesServlets and ServerPush
■Simple usage
Servlet 4.0 FeaturesFilters and Server Push
Servlet 4.0 FeaturesJSF Use Case
■Framework use case most important■Dependent on knowing the resources the client requires■Server side web frameworks best placed to take advantage of server
push
Servlet 4.0 FeaturesJava 9 Support
■JEP 110■Does not reinvent HttpClient■Supports HTTP1.1 and HTTP/2
■Full server push support■Two modes: blocking and non-blocking
HttpClient.Builder HttpClient HttpRequest.BuilderHttpRequest: POSTHttpRequest: GET
Servlet 4.0 FeaturesJava 9 Support
■GET
Servlet 4.0 FeaturesJava 9 Support
■POST
Servlet 4.0 FeaturesDisable/Reject Server Push
■Clients can explicitly disabled server push by sending a SETTINGS_ENABLE_PUSH
■Servlet containers must honor a client’s request to not receive a pushed response
■Browser already has the resource in its cache.■RST_STREAM rejects cached resources
Server ImplementationServlet Support
■GlassFish 5.0 ■Reference implementation
■Payara 5.0■Recently created a branch for Java EE 8 development
■Jetty Stable-9 (9.3.8.v20160314)■org.eclipse.jetty.servlets.PushCacheFilter/PushBuilder
■WildFly 10 (Undertow)■Initial PushBuilder support implemented in Undertow master
■Tomcat 9.0.0.M4 alpha■Initial PushBuilder Supports Servlets 4.0's PushBuilder in the
javax.servlets.http package■Netty 4.1
■HTTP/2 implementation takes full advantage of headline features
Server ImplementationTomcat Configuration
■TLS required■TLS virtual hosting and multiple certificate are supported for a single
connector each virtual host is able to support multiple certificates
What About SPDY?Stepping Stone to HTTP/2
■Primary focus reduce web page load time■Same as HTTP/2■Formed first draft of HTTP/2■Stepping stone to HTTP/2■Chrome will drop support in favour of HTTP/2
HTTP/2 PerformanceOverriding Goal to Improve Performance
■The goal of HTTP/2 is to improve performance
■Cloudflare HTTP/2 demonstration tool cloudflare.com/http2
■Anthum's HTTP vs HTTPS httpvshttps.com
Tracking HTTP/2 AdoptionHow to Track Adoption
■Servers advise HTTP/2 support during the SSL handshake■Using shodan.io searches can be made using the ssl.alpn filter
Tracking HTTP/2 AdoptionAdoption Data
■Analysis■Between December 2015 and April 2016 HTTP/2 adoption up to 10%■However growth comes from upgrading incumbent version HTTP/2■Combining protocols we see no meaningful change
Q & A
What Servlet 4 and HTTP/2 mean to you
Alex Theedom @alextheedom
