🔄 HTTP/2 Backend Support — Rolling Out to cleverapps.io Load Balancers
We are progressively deploying a mature branch of Sōzu with HTTP/2 (h2) backend support on cleverapps.io load balancers for battle-testing purposes. This rollout is based on the work tracked in sozu-proxy/sozu#1209. What this means for you: Your applications served through cleverapps.io load balancers may now negotiate HTTP/2 with backends. This should be transparent, but as with any infrastructure change at this stage, edge cases may arise. If you encounter any issues, please contact our support team and include:
Relevant error logs from your application A curl command that reproduces the problem (e.g. curl -vso /dev/null https://your-app.cleverapps.io/path)
This helps us diagnose and fix issues quickly. Thank you for helping us battle-test this feature!
Updates
The monitoring observe timeouts, we will make a patch and continue testing later
We have pushed a new versions with fixes about previous timeouts and h2, if you have issues, please report it through our support with a curl information and as much logs as possible. Thanks you a lot for helping us provide to Sōzu a battle tested h2 implementation.
Monitoring and telemetry agree on well behavior of the h2 implementation, we will let it run in production a little longer.
We found an issue with cookies where a request with multiple cookie header has only the first header passed to the backend, and same from backend to client.
There is another issue with cookie where sozu use , instead of ; to aggregate them. A fix is coming
We pushed a new version of sozu with h2 and fixes for cookie header.
Cookie issue seems to be solved, Sozu is still running in h2 for testing purposes. We will cut it only if there is a blocking issue or impacting.
We have identified an issue with large payload and http1.1 close-delimited response. We are deploying a fix.
The fix for close-delimited response with huge payload getting cut is in production.
We have identified a bug that appears with payload >4MB (often javascript files) that are truncated randomly, we are investigating the issue
The bug fix for truncated payload hit cleverapps load balancers, and seems to solve issues reported to us. If you have still the issue please contact us with a curl or har archive.
We have updated our load balancers with a newer versions that fix a few bugs and fix CVEs as well. We are watching the deployment status. However everything is green.
We have updated our load balancers with a newer versions that fix a few bugs and fix CVEs as well. We are watching the deployment status. However everything is green.
Customers have reported us that on webkit browser, the h2 implementation is not working properly as there are random request timeout, but works fine in h1 and on Firefox. We are investigating the issue.
We have found and fix the issue which was related to h2 stream priority on single stream connection, see PR #1209 for more details on Sozu GitHub repository
Some customers report us issues with h2 priority in Chrome and webkit browsers, which slow down the request or create timeouts, we are currently investigating the issue.
We have put in production a new version of Sōzu with the support of post-quantum crypto provider using aws-lc library and a few features as well. If you have any issues please contact our support and give them a curl or a mean to reproduce your issue.
We put in production and enable hsts feature on Sozu, you will see if not defined by your application a new header "strict-transport-security" with default values used by haproxy and caddy.