Difference between revisions of "Enable HTTP2 Support in Apache"

From Sympl Wiki
Jump to navigation Jump to search
(Tag: 2017 source edit)
(Added more details, more to come)
(Tag: 2017 source edit)
Line 1: Line 1:
We managed to get http2 running one time for some developers who were working on PUSH in the Apache Web Server. I didn't document what we did at the time but have rerun the process since on a fresh Sympl server to test for this documentation. There are a few things that need to be mentioned before we start as there are some substantial changes to the system that need to be made for this to work.
+
To get http2 running on Symbiosis in a production environment reliably, brings about a few configuration changes. I'll attempt to highlight these here.
  
 
== MPM_event to replace MPM_prefork ==  
 
== MPM_event to replace MPM_prefork ==  
  
 
The prefork MPM has substantial limitations when working with http2 namely in that each connection can only handle one request at a time. More details can be found [https://httpd.apache.org/docs/2.4/howto/http2.html#mpm-config on the apache website]. Because of this we are going to switch the apache server to using the event MPM. The event MPM is not able to preload the PHP module so we will also need to install php-fpm to parse php on the server.
 
The prefork MPM has substantial limitations when working with http2 namely in that each connection can only handle one request at a time. More details can be found [https://httpd.apache.org/docs/2.4/howto/http2.html#mpm-config on the apache website]. Because of this we are going to switch the apache server to using the event MPM. The event MPM is not able to preload the PHP module so we will also need to install php-fpm to parse php on the server.
 +
 +
If you had previously made modifications to the prefork settings to optimise performance then these will need transposing across to the MPM_event configuration as well. if you have not made changes as highlighted below then just disabling the prefork module and enabling the event module as below will be enough. - more details to follow -
  
 
== notes only, needs editing ==
 
== notes only, needs editing ==
 +
Install the php-fpm, the default php install on a buster machine is currently php7.3:
 
   apt-get install -y php7.3-fpm  
 
   apt-get install -y php7.3-fpm  
  
 +
We will disable the prefork and php7.3 module. The php7.3 module allows the prefork module to run in prefork but we need to remove it to run php-fpm
 
   a2dismod php7.3 mpm_prefork
 
   a2dismod php7.3 mpm_prefork
 +
 +
We will then install the modules for the event MPM, proxy_fcgi for passing php requests to php-fpm and the http2 module
 
   a2enmod alias mpm_event proxy proxy_fcgi setenvif http2
 
   a2enmod alias mpm_event proxy proxy_fcgi setenvif http2
 +
 +
We can then add the php7.3-fpm config as well.
 
   2enconf php7.3-fpm
 
   2enconf php7.3-fpm
  
to edit the sympl template files
+
At this point the system is configured to run with the new settings but until we have restarted apache they have not taken effect. The php_admin directives that we are set in sympl to enhance security throw errors using the fpm as the multiple fields are not recognised by proxy_fcgi. We need to contain the multiple parameters in quotes so they are all seen as one parameter and passed through to php-fpm as a whole. To do this moving forwards we can adapt the sympl-web-configure templates:
 
   sed -E -i 's/php_admin_value (.*)/SetEnv php_admin_value \"\1\"/' /etc/sympl/apache.d/*.erb
 
   sed -E -i 's/php_admin_value (.*)/SetEnv php_admin_value \"\1\"/' /etc/sympl/apache.d/*.erb
  

Revision as of 16:14, 11 April 2020

To get http2 running on Symbiosis in a production environment reliably, brings about a few configuration changes. I'll attempt to highlight these here.

MPM_event to replace MPM_prefork

The prefork MPM has substantial limitations when working with http2 namely in that each connection can only handle one request at a time. More details can be found on the apache website. Because of this we are going to switch the apache server to using the event MPM. The event MPM is not able to preload the PHP module so we will also need to install php-fpm to parse php on the server.

If you had previously made modifications to the prefork settings to optimise performance then these will need transposing across to the MPM_event configuration as well. if you have not made changes as highlighted below then just disabling the prefork module and enabling the event module as below will be enough. - more details to follow -

notes only, needs editing

Install the php-fpm, the default php install on a buster machine is currently php7.3:

 apt-get install -y php7.3-fpm 

We will disable the prefork and php7.3 module. The php7.3 module allows the prefork module to run in prefork but we need to remove it to run php-fpm

 a2dismod php7.3 mpm_prefork

We will then install the modules for the event MPM, proxy_fcgi for passing php requests to php-fpm and the http2 module

 a2enmod alias mpm_event proxy proxy_fcgi setenvif http2

We can then add the php7.3-fpm config as well.

 2enconf php7.3-fpm

At this point the system is configured to run with the new settings but until we have restarted apache they have not taken effect. The php_admin directives that we are set in sympl to enhance security throw errors using the fpm as the multiple fields are not recognised by proxy_fcgi. We need to contain the multiple parameters in quotes so they are all seen as one parameter and passed through to php-fpm as a whole. To do this moving forwards we can adapt the sympl-web-configure templates:

 sed -E -i 's/php_admin_value (.*)/SetEnv php_admin_value \"\1\"/' /etc/sympl/apache.d/*.erb
 sed -E -i 's/php_admin_flag (.*)/SetEnv php_admin_flag \"\1\"/' /etc/sympl/apache.d/*.erb

if you have hand edited the configuration files and dont want to run sympl-web-configure --force

 sed -E -i 's/php_admin_value (.*)/SetEnv php_admin_value \"\1\"/' /etc/apache2/*-available/*.conf
 sed -E -i 's/php_admin_flag (.*)/SetEnv php_admin_flag \"\1\"/' /etc/apache2/*-available/*.conf
 apachectl -t
 sympl-web-configure --verbose