Ask Me Anything: How to Get Started with HTTP/2
Our AMA panel of experts from Google, Akamai, and CloudFlare gave their tips and tricks to getting started with HTTP/2 safely and easily.
Often the most difficult task when adopting a new technology is figuring out how to get started. Considering that H/1 has been around for over 15 years, this is especially true in the case of HTTP/2. Beginning the transition to a new protocol can be a challenge, which is why we made sure to ask Ilya Grigorik of Google, Tim Kadlec of Akamai, and Suzanne Aldrich of CloudFlare to weigh in on the subject during our live Ask Me Anything: HTTP/2 last month. Below is an excerpt from the transcript of the event, which you can read in full here.
Andrew Smirnov (AMA moderator, Catchpoint):
Let’s say I’m a company that’s currently using HTTP 1.1 and I’m really interested in HTTP/2. What do I need to do to utilize HTTP/2 today and make it as easy as possible for all the stakeholders of my organization?
If you’ve got a CDN, it’s a turnkey, push-button solution to at least get it enabled and get process going. Otherwise, you’re probably going to get your server people involved and roll-up to the latest version that’s using it, or pull in the appropriate patches.
In fact, the way I typically recommend is to get it enabled, whatever that process happens to be for you, and don’t do anything else yet. This is the nerd in me who wants to see the impact of this stuff. Turn it on, see what it does. Have performance monitoring in place so that you’re watching what happens once you’ve turned this on and what you’ve impacted. Ilya’s done a fantastic job in his presentations and his book outlining some of the optimizations that would make sense here. You start with those, and you start tweaking with those tips, and you slowly continue to iterate and find that ideal, beautiful world of H2 performance for your site or application.
Don’t feel like you have to rush in and optimize all the things right off the bat, because I think there’s a risk at this point where you don’t know what the value is, or maybe you’re actually going to have degradation in certain situations. It’s an iterative approach.
Yeah, I agree, and I think to add onto that, in addition to just your regular webpage performance, one should also be testing the invalidation of assets and how that affects performance on HTTP/1 versus HTTP/2. If you start optimizing for HTTP/2, you’ll have smaller little chunks that you need to invalidate. Theoretically, you should be able to see much better performance when you’re trying to do agile development for your web applications.
Yep, and if you’re not on HTTPS already, I think that’s the first step that you need to think about. Because to me, once you have HTTPS in place, and there’s a whole lot of things that comes along with HTTPS. You have third parties you need to think through—are they HTTPS capable, can I migrate all of my existing content, mixed content warnings—you have to resolve all that. That’s probably the biggest practical hurdle for a lot of people enabling that stuff. My claim is you have to do that anyway, because we’re migrating the web toward HTTPS.
That’s a solid point; the SSL is actually the bigger obstacle at the moment. As Ilya’s been hammering home all the way through this, it’s not really an option thing anymore, it has to happen. Whether you’re looking at H2 or you just want to use geolocation or whatever, it’s not an optional thing anymore. That’s the biggest hurdle. Everything after that is downhill skiing.
You know how today, if you go to a broken HTTPS site, they have a bad cert, and it has that red lock? I see a future, I don’t know how close it is, but I see the future where you have the HTTP site, when it’s not encrypted, it will have the red lock. That’s the world that we actually want to get to, and we will get there. You might as well get started on that now.