http endpoints running on a small instances which needs to be optimized for peformance. can be done using 2 ways
- “Throwing resource to the problem” - easier approach,increase size of the backend instance, this increases cost.
- “Optimize Protocols” - to improve/reduce the traffic reaching small instance, similar or marginal cost increase.
Some opportunities to optimize protocols in nginx:
http/2 instead of http/1.1
http/2 provides header compression,multiplexing and server push features, since http request is foundational, any small improvement will have huge impact on performance and costs.
enabling http/2 protocol in nginx can be done as
listen 443 ssl http2;TLS1.3 and TLS1.2
Transport Layer Security(TLS) is successor of Secure Sockets Layer(SSL), TLS 1.2 requires 2 round trips for handshake, TLS 1.3 completes handshake with 1 round trip, this reduces encryption latency by 50% and thus improves performance.
TLS 1.3 also offers 0-RTT (zero Round trip time) Resumption, which helps clients which are previously connected to server with zero-handshake and thus improves performance, this feature is vulnerable to Replay attacks. Not all clients supports TLS1.3, hence better to enable both TLS 1.3 and TLS 1.2enabling TLS V1.3 and 0-RTT in nginx can be done as
ssl_protocols TLSv1.3 TLSv1.2; ssl_early_data on;http/3 and http/2
http/3 is evovled version of http/2 and upcoming standard for http, http/3 is based on QUIC (Quick UDP Internet Connections) which offers much improved handshake than TCP+TLS 1.3 combined and other performance improvements.
support to enable this protocol in nginx is limited , and expected to be added soon
Comments