This unofficial docker image provides HTTP/2.0 proxies and clients from nghttp2 by Tatsuhiro Tsujikawa:
nghttpxHTTP/2.0 proxy that can work in front of an existing HTTP/1.0 server to provide support for HTTP/2.0 http or https URLs.nghttpHTTP/2.0 client to make HTTP/2.0 requests and show debugging info.
See github for the sources to this docker image.
See github releases for the changes between versions.
If you want to build the image yourself use this command:
$ docker build -t dajobe/nghttpx .
The image is prebuilt and uploaded the Docker hub so you skip this step and follow the next section.
The proxy runs and uses a volume /data that generally should be
mapped to a local data directory e.g $PWD/data to store logs and
configuration.
The proxy will write access and error logs to files below the the
/data/logs dir so it should appear in $PWD/data/logs if you use
the volume mappings suggested. The default config file will be
written to /data/etc/nghttpx.conf if it doesn't exist; if it is
updated, it will not be replaced the next time the proxy is urn.
- Proxy from HTTP/2.0 (non-encrypted) to HTTP/1.0
To run the proxy with non-encrypted HTTP/2.0 on port 80 that can
serve http traffic, proxying to an HTTP/1.0 server, the hostname and
port of the HTTP/1.0 server (the backend ) needs to be given via
the HOST and PORT envariables:
$ mkdir -p data
$ docker run --name nghttpx -d -p 80:3000 -v $PWD/data:/data \
-e HOST=192.168.1.2 -e PORT=12345 \
dajobe/nghttpx
- Proxy from HTTP/2.0 (encrypted) to HTTP/1.0
To run the proxy with TLS/SSL HTTP/2.0 on port 443 that can serve
https traffic, in addition to the host and port config HOST and
PORT envariables as decribed above, you will need to put the server
TLS/SSL key file in $PWD/data/etc/keyfile and the certificate file
in $PWD/data/etc/certfile and set the KEY_FILE and CERT_FILE
envariable arguments to those paths like this:
$ mkdir -p data
$ docker run --name nghttpx -d -p 443:3000 -v $PWD/data:/data \
-e HOST=192.168.1.2 -e PORT=12345 \
-e KEY_FILE=/data/etc/keyfile \
-e CERT_FILE=/data/etc/certfile \
dajobe/nghttpx
Generally HOST should be set to a private IP address of the host
that docker(1) is running on and a separate server such as Apache
or Nginx used to deliver the HTTP/1.0 content on the PORT such as
12345 in the examples above.
- Proxy Admin
To stop the server container in either case above use:
$ docker stop nghttpx
and to delete the container (which won't lose the data and logs,
since they are in $PWD/data) use:
$ docker rm nghttpx
If you want to run both the http (port 80) and https (port 443)
HTTP/2.0 proxies, you can do that but you will need to run two
servers with separate data dirs and configurations since the proxy
runs in only one mode ( via the --frontend-no-tls flag to nghttpx ).
You will also need to give the containers different names with
the --name option to the docker(1) command
Finally the envariable ARGS can be used to set any additional proxy
runtime args that may be required. Creating a custom config file at
$PWD/data/etc/nghttpx.conf as describe above is an alternative.
You can also run the nghttp client included in the image if you
want to test out HTTP/2.0:
$ docker run --rm -it dajobe/nghttpx nghttp -v https://nghttp2.org/
[ 0.246] Connected
[ 0.360][NPN] server offers:
* h2
* h2-16
* h2-14
* spdy/3.1
* http/1.1
The negotiated protocol: h2
...
(lots of output truncated)
See the docs for details on how to use the client.
Alternately, the most recent Mozilla Firefox and Google Chrome browsers support HTTP/2.0 over https although it may require some configuration.