-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do not allow http2 for nginx 1.10.x #2435
Comments
Can you make a pr here to fix the check? |
Actually we need to probably disable both spdy and http2 if its between 1.9.5 and 1.11.0. Odd, I'm using 1.9.5 in prod and it works fine. |
@josegonzalez what is maybe it is fine for GET requests, mine only fails for POST. And/or maybe 1.9.5 was fine, and they broke it later.... |
Fixed the link. |
So, what should it do then? Only allow 2.x and up and 1.11.x and up? |
Right, but also disable spdy for the versions between, as otherwise they'll get spdy support, which will break as spdy isn't built in anymore. |
OK, I'll submit a PR today evening or tomorrow. |
<3 thanks! |
It will take some more days, sorry. On a "brighter" note, we might even have problems with ngingx 1.11.3. Will investigate before submitting the PR here. :( |
For the record 1.11.3 didn't work well with dokku, not sure why, but I had to downgrade quickly and disable http2. |
Did you have a specific error? "Not work well" isn't very helpful. |
I know, sorry, it was mostly a note for myself.
I think what happened was that I upgraded nginx, and everything was fine then, but then restarted some apps, and nginx started failing. Then I downgraded nginx, removed http2 support, and now everything is fine. It could be unrelated, actually, so maybe 1.11.x is OK with dokku 0.7.x, I am not sure yet. I will need to pull up a test system to experiment, that's why it is taking time. |
Hi guys, just to let you know that nginx-1.11.5 fixed it for me. There's also something that may be of interest here:
This may be a clue that there's some http client configuration to do here to correctly connect to nginx. EDIT: just to be clear, the http golang client was working without any problem on previous nginx version with spdy and it works just as fine with nginx-1.11.5 without any modification. |
As the lowest known tested version with HTTP/2 support is Nginx 1.11.5, I'm going to drop support for http2 and spdy for anything above 1.9.5 and below 1.11.5. I can't believe I'm doing feature detection in bash. Ugh. |
Certain versions of nginx have bugs that prevent HTTP/2 from properly responding to all clients, thus causing applications to be unavailable. Closes #2435
Closing as a pull request is available. |
in reference to dokku#2435 and dokku#2263 this should at least clearify which nginx versions result in SDPY/HTTP2 enabled TLS configurations.
Description of problem:
dokku turns on http2 for nginx 1.10.x and above. But this version of nginx has a broken http2 implementation, and http2 aware clients fail to connect to it. Here is an example case: curl/curl#1040
nginx 1.11.x seems to be fine.
Output of the following commands
uname -a
:free -m
:docker version
:docker -D info
:sigil -v
:docker run -ti gliderlabs/herokuish:latest herokuish version
:dokku version
:dokku plugin
:cat /home/dokku/<app>/nginx.conf
(if applicable):https://github.com/r-hub/rhub-frontend
Environment details (AWS, VirtualBox, physical, etc.):
AWS
How was Dokku installed?:
As in the dokku manual.
How reproducible:
See curl/curl#1040 (comment)
Steps to Reproduce:
--with-nghttp2
Actual Results:
Error.
Expected Results:
An HTTP response.
The text was updated successfully, but these errors were encountered: