Page MenuHomePhabricator

Switch on http/2 in apache for gerrit
Closed, DeclinedPublic

Description

What it says in the title. We should still support http/1.1 for backwards compatibility.

See docs https://httpd.apache.org/docs/2.4/howto/http2.html

Event Timeline

Change 392489 had a related patch set uploaded (by Paladox; owner: Paladox):
[operations/puppet@production] Gerrit: Enable http/2 for apache

https://gerrit.wikimedia.org/r/392489

Chatted with @BBlack on IRC, couple of quick notes:

  • Good idea in general
  • Apache HTTP2 module hasn't been reviewed or used at WMF yet, so we should do that first.

Considering the latter point, I'm not sure I want Gerrit to be our guinea pig here.

Maybe Planet can be the guinea pig.

Added a couple of notes in the code review:

  1. mod_http2 does not work with mpm-prefork but only with worker/event (latter is preferred). The mod_http2 prefork support has recently been deprecated. I quickly checked cobalt/gerrit2001 and it seems that we use prefork.
  1. Since the experimental tag has been removed only recently I strongly suggest to use a recent version of httpd (possibly only debian >= stretch in which we have 2.4.25). On cobalt we are running 2.4.10 that should not be used in my opinion.
  1. mpm-event (requirements of 1) has got a ton of changes only recently, so another good point to use only a super recent version of httpd.

The above notes assumes that my understanding of where/how gerrit run is correct, that might not be true :)

  1. Since the experimental tag has been removed only recently I strongly suggest to use a recent version of httpd (possibly only debian >= stretch in which we have 2.4.25). On cobalt we are running 2.4.10 that should not be used in my opinion.

Ack. HTTP/2 support was introduced in 2.4.17, it's not even supported in jessie.

demon triaged this task as Lowest priority.Nov 22 2017, 5:08 PM

gerrit2001 is running stretch, but we haven't reimaged the master cobalt yet (cf T176774).

Given that, plus the fact that this isn't battle tested yet, I'm proposing we lower the priority on this and let another service (preferably one with less depending on it) try http2 first :)

Volunteers to try it with Planet as part of T168490

Strike that, it doesn't compare since Planet is behind Varnish and Gerrit isn't.

Change 392489 abandoned by Paladox:
Gerrit: Enable http/2 for apache

https://gerrit.wikimedia.org/r/392489

Declining outright per what I said in T185645#3922220:

Also, I'd rather move it behind LVS: T165631