Google SPDY - Has anyone used it on Apache?

http apache-2.2 google spdy

I'm one of the developers on mod_spdy. At this stage the module is reasonably stable and fully SPDY/2 compliant (an earlier poster incorrectly claimed that it does not support multiplexing. That is incorrect). That said, it is not as stable as the core Apache modules like mod_ssl. I consider it a "beta" module suitable for use in environments where you can tolerate some issues. There are currently web sites using mod_spdy successfully today.

We are actively working on making the module fully production ready and we plan to release DEB/RPM packages (in addition to supporting build from source) within a few months time.

We will announce the availability of packages and other updates on our discussion forum: https://groups.google.com/group/mod-spdy-discuss Please join the group if you'd like to stay up to date with mod_spdy news. Thanks!

PS: Steve mentions "For example, its implementation of the SPDY protocol is just an svn external reference that pulls in a chunk of the Chromium C++ source tree." and I want to clarify that this is absolutely the right thing for mod_spdy or any other SPDY-compliant C++ component to do. SPDY is still changing rapidly so by leveraging the core SPDY encode/decode logic from Chromium we can stay in sync and up to date as the SPDY protocol changes. IMO it would be a mistake to do it any other way.

RE: SSL you pay a small penalty for SSL, yes, but for all but the simplest web pages the performance benefits of SPDY will make up for the SSL overhead and give your users a secure connection as well.


I've played around with mod_spdy on my personal site, purely out of curiosity. The Apache mod_spdy should be considered pre-alpha; it's basically a spike implementation and is nowhere near production quality. For example, its implementation of the SPDY protocol is just an svn external reference that pulls in a chunk of the Chromium C++ source tree. Currently it fails to implement some of important features of SPDY, such as multiplexing. Consequently I've seen negative performance gains using it (largely stemming from the need to force SSL and use FCGI).

It's not clear to me that Apache is the right place to put SPDY anyway; Apache is more of an application container nowadays; the caching layer (Nginx or Varnish) seems more appropriate.

All that said...

The mod_spdy wiki contains some instructions to build against Debian, but I don't recommend their method as it modifies the installed system. Instead I'd recommend building a fresh Apache/SSL install under /opt and run it from there; this gives you an easy rollback option. The rough steps to do this are:

  • Patch OpenSSL with the NPN implementation and install
  • Build Apache against this SSL implementation, enabling the hybrid engine and any mods you need
  • If you need PHP you'll need to build mod_fcgid against Apache
  • Port your existing site config to this new Apache install and test
  • Build and install mod_spdy; this requires Google's depot_tools
  • Configure the non-SSL site to push an "Alternate-Protocol" header (with mod_headers)
  • Disable your existing Apache and setup init scripts for the SPDY version
  • Observe no performance improvement, and a possibly unstable site :)

Related

How do I find out what version of SMB is enabled on a remote host?
Why (or how) does the number of open file descriptors in use by root exceed ulimit -n?
How to run two instances of apache on same system (Ubuntu)
Method to integrate Powershell scripts with non-Windows workflow?
using trailing slashes in nginx configuration
Banning IPv6 addresses
Check ufw default policy action
How do I make actual use an IPv4 block that I own?
Why are environment variables different with `bash -c`
How do I fix "no GLUE" problem with DNS lookups?
"Catch-All" access log with Apache Virtual Hosts?
When & how does logrotate run under Ubuntu 10.04?