Snakeway v0.13.1
Highlights
HTTP/2 to HTTP/1.1 protocol translation
Snakeway no longer requires TLS-enabled upstreams when serving HTTP/2 clients. Previously, HTTP/2 downstream connections were only supported for gRPC routes with TLS backends.
Now, HTTP/2 clients can connect to any TLS ingress bind and the proxy translates requests to HTTP/1.1 for plaintext upstream services automatically.
This means you can enable enable_http2 = true on an ingress bind and point it at standard HTTP/1.1 backends without
any additional configuration.
The proxy handles the protocol difference transparently.
Three protocol paths are now supported:
| Client protocol | Upstream | Behavior |
|---|---|---|
| HTTP/2 + TLS | TLS | End-to-end HTTP/2 (gRPC, h2-to-h2) |
| HTTP/2 + TLS | Plaintext | HTTP/2 to HTTP/1.1 translation (new) |
| HTTP/1.1 | Either | HTTP/1.1 pass-through (unchanged) |
Response device pipeline for HTTP/2
Response devices (logging, header manipulation) now run on all HTTP/2 responses, not just HTTP/1.1 responses. Previously, the response device pipeline was skipped for HTTP/2 connections. This was incorrect for the h2-to-h1 path where the response is a normal HTTP response that should be processed by devices.
Upgrade Notes
No configuration changes are required.
Existing enable_http2 = true ingresses will continue to work as before for gRPC and TLS upstreams.
The new h2-to-h1 translation activates automatically when an HTTP/2 client connects to an ingress that routes to
plaintext upstreams.