Category: Kubernetes, encryption, github

A project to bring HTTP/2 to the CloudFoundry application development platform ran into a roadblock when the keepers of the Go Language did not respond to requests, with sufficient swiftness anyway, for supporting the HTTP/2 over TCP “upgrade flow” process. As a result, the Cloud Foundry Go Router reverse proxy removes headers that would let a CF application know it can send and receive HTTP/2 traffic.

Long is part of a team to bring HTTP/2 to Cloud Foundry.

HTTP/2 relies on mTLS for encryption, which is terminated in Cloud Foundry not by the app itself but rather by the Envoy proxy.

The good news is is that H2C comes with an upgrade flow, in which the app is asked, through a few extra headers, if it accepts HTTP/2.

Related Articles