1. General remarks

http/2 is the next generation protocol for the web. Initially http/2 was developed by google with the name SPDY [2]. The protocol was introduced because the actual / former protocols http/1.1 and http/1.0 allowed just one request per connection, so that a webpage with a lot of images etc. had to load them sequentially. http/2 allows to multiplex multiple transfers/requests via a single connection. Further drawbacks of the http/1* protocols have to do with the lower level tcp protocol. http/2 also uses udp to get rid of some of those disadvantages.

2. Software

Curl [3] supports http/2 since version 7.43.0 and is very well suited to test your http/2 installations with the special option --http2.

Apache2 supports http/2 with a special module [4] since version 2.4.17. This Apache2 version is available in debian sid already as a package from repository.

Firefox supports http/2 completly [5] since version 36.

Chrome [6] supports http/2 of course 🙂

Internet Explorer 11 does NOT support http/2.

If your Browser supports http/2 can be checked online using a service of akamai [1].

3. Installation steps on a debian 8 system

I have a running debian 8 (jessie) box and I wanted to try the new apache2 module for http2. Because I didn’t wanted to destroy someting on this box, I decided to test this using a docker [7] container.

Of course I had to install docker first. One important remark here: There is another package called docker which has something to to with docking windows on the desktop. And this is the WRONG docker package which we do not need here. Do get docker installed, you have to create or modify an apt conf file:

Before executing

the https transport protocol package for apt has to be installed (if not already installed).

Now you can run apt-get update to pull the available packages from the docker repository. When you now search for docker you get the following or a similar result:

The package that is needed for our experiments is docker-engine. The package is simply installed with:

If everything worked like expected you should see the socker service running:

Your first simple docker command can be the check of running/available docker containers:

Of course this devlivers an empty list. We will change this by starting a debian sid container with the following command:

Our first step in the brand new sid container is a apt update:

Now we can install apache2 (2.4.17)

We check the installed apache2 version:

Ok great. This is the required version which already supports http/2. Let’s proceed with the installation of curl:

We see that this is a curl version which supports already the http/2 protocol.

And we see that the –http2 option is also available.

Let’s install some network tools so that we can check our system from the network point of view:

Now we have to enable the http2 module in the apache configs:

Now add the following lines to the virtual host config files. Be aware that the TLS config has protocol h2 and NOT h2c!!

Add/change the marked lines in default-ssl.conf. If you want you can also replace the snake oil certificate/key by a real or self signed certificate!

And correspondingly for the non ssl vhost:

Additionally we have to change some settings in the general ssl config:

1. disable SSLSessionCache
2. set the SSLCipherSuite like shown
3. set SSLProtocol like shown.

Now let’s start the apache2 server:

So this looks good up to now. The apache2 server is up and running and is listing on http port (80) and https port (443).

4. Testing the http/2 abilities

4.1. In container curl

Our first test is possible directly in the container. To check the http2 abilities we use the previously installed curl package:

4.2. From outside of the container with real browsers

On our host system we can check the running docker containers again:

We can check if the mapped ports (1443 and 1080) are available as LISTEN on the host system.

So we can for example access to those ports from your client to the host (the firewall settings have to be adapted eventually).

See here the access log after accessing the webserver with firefox and chrome.

XMing XLaunch tcp listener

During one of the last updates of XMing there was a small but important change which cost me some hours until I found the solution.

The listener for Display 0 which is usually running on port 6000 was not starting with XLaunch. After some investigation and searches in forums I found out that now you have to enter

in the field for additional parameters!

Remove recursive SVN directories

If you want to remove all svn directories in a cloned repository for example to put it in another rcs like mercurial you can use this simple linux command  — one liner

find . -name “.svn” | while read i; do rm -r “\$i”; done

ZFS recursiv snapshot rollback

I’m using zfs snapshots to save all non global zones filesystems via cron. This can be achieved using the zfs snapshot option “-r”. During snapshot creation this means

create snapshots on the target filesystem and all descendants filesystems

If made a mistake and you want to rollback the last action you will be disappointed that the corresponding “-r” option of the zfs rollback command has a different meaning:

destroy snapshots newer than the specified snapshot

All posts in the internet that I found show that there is no way to make a recursiv rollback with just using zfs. A small shell script can help to make recursiv rollbacks:

zfs-recursive-rollback

Of course you have to make the file executable after copying it to your system with a command like

You should also adapt the command line options in the script to your needs if the options in the script do not fit.

ZFS now also available for Linux

I just tested the debian package from the website

http://zfsonlinux.org/debian.html

Usually I use ZFS in Solaris. The first step on a debian box where straight forward and without any problems. After the package installation I was able to create a zpool in the same way as I usually did on Solaris.

In this way all advantages like comfortable snapshots including differential snapshots, usefull for backup purposes are now also available for Debian users.

Great Job!