• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..--

src/18-Mar-2025-1,042769

CMakeLists.txtD18-Mar-20252.4 KiB8064

KconfigD18-Mar-20252.2 KiB7358

README.rstD18-Mar-20258.4 KiB258169

cc1352-enable-subg.overlayD18-Mar-2025249 2217

ieee802154-overlay.confD18-Mar-2025469 176

overlay-netusb.confD18-Mar-2025227 115

overlay-tls.confD18-Mar-2025823 2724

prj.confD18-Mar-20251.7 KiB7551

sample.yamlD18-Mar-2025399 1918

sections-rom.ldD18-Mar-2025217 53

README.rst

1.. zephyr:code-sample:: sockets-http-server
2   :name: HTTP Server
3   :relevant-api: http_service http_server tls_credentials
4
5   Implement an HTTP(s) Server demonstrating various resource types.
6
7Overview
8--------
9
10This sample application demonstrates the use of the :ref:`http_server_interface` library.
11This library provides high-level functions to simplify and abstract server implementation.
12The server supports the HTTP/1.1 protocol which can also be upgraded to HTTP/2,
13it also support native HTTP/2 protocol without upgrading.
14
15Requirement
16-----------
17
18`QEMU Networking <https://docs.zephyrproject.org/latest/connectivity/networking/qemu_setup.html#networking-with-qemu>`_
19
20Building and running the server
21-------------------------------
22
23There are configuration files for various setups in the
24:zephyr_file:`samples/net/sockets/http_server` directory:
25
26.. list-table::
27
28    * - :zephyr_file:`prj.conf <samples/net/sockets/http_server/prj.conf>`
29      - This is the standard default config.
30
31    * - :zephyr_file:`ieee802154-overlay.conf <samples/net/sockets/http_server/ieee802154-overlay.conf>`
32      - This overlay config can be added for IEEE 802.15.4 support.
33
34    * - :zephyr_file:`overlay-netusb.conf <samples/net/sockets/http_server/overlay-netusb.conf>`
35      - This overlay config can be added for connecting via network USB.
36
37    * - :zephyr_file:`overlay-tls.conf <samples/net/sockets/http_server/overlay-tls.conf>`
38      - This overlay config can be added to build the HTTPS variant.
39
40To build and run the HTTP server application:
41
42.. code-block:: bash
43
44   $ west build -p auto -b <board_to_use> -t run samples/net/sockets/http_server
45
46For the HTTPS version:
47
48.. code-block:: bash
49
50   $ west build -p auto -b <board_to_use> -t run --test samples/net/sockets/http_server/sample.net.sockets.https.server
51
52When the server is up, we can make requests to the server using either HTTP/1.1 or
53HTTP/2 protocol from the host machine.
54
55**With HTTP/1.1:**
56
57- Using a browser: ``http://192.0.2.1/``
58- Using curl: ``curl -v --compressed http://192.0.2.1/``
59- Using ab (Apache Bench): ``ab -n10 http://192.0.2.1/``
60
61**With HTTP/2:**
62
63- Using nghttp client: ``nghttp -v --no-dep http://192.0.2.1/``
64- Using curl: ``curl --http2 -v --compressed http://192.0.2.1/``
65- Using h2load: ``h2load -n10 http://192.0.2.1/``
66
67Web browsers use stricter security settings for the HTTP/2 protocol. So to use HTTP/2
68with a web browser, you must ALPN (add ``-DCONFIG_NET_SAMPLE_HTTPS_USE_ALPN`` to
69the west build command) on top of the HTTPS build shown above.
70Additionally the server certificate must be signed by a CA certificate trusted
71by your browser.
72
73The best way to do this is to generate your own CA certificate:
74
75.. code-block:: bash
76
77   $ west build -b <board_to_use> -t sample_ca_cert samples/net/sockets/http_server
78
79Generate a server certificate signed by this CA certificate:
80
81.. code-block:: bash
82
83   $ west build -t sample_server_cert samples/net/sockets/http_server
84
85And then build the application with the newly generated server certificate and key:
86
87.. code-block:: bash
88
89   $ west build samples/net/sockets/http_server
90
91The CA certificate should be added to your browser's list of trusted authorities to
92enable usage of HTTP/2. If using Firefox, it may also be required to change the setting
93``network.http.http2.enforce-tls-profile`` to false, since it seems that using a CA
94certificate issued by an authority unknown to Firefox is considered a security error when
95using HTTP/2.
96
97Server Customization
98---------------------
99
100The server sample contains several parameters that can be customized based on
101the requirements. These are the configurable parameters:
102
103- ``CONFIG_NET_SAMPLE_HTTP_SERVER_SERVICE_PORT``: Configures the service port.
104
105- ``CONFIG_HTTP_SERVER_MAX_CLIENTS``: Defines the maximum number of HTTP/2
106  clients that the server can handle simultaneously.
107
108- ``CONFIG_HTTP_SERVER_MAX_STREAMS``: Specifies the maximum number of HTTP/2
109  streams that can be established per client.
110
111- ``CONFIG_HTTP_SERVER_CLIENT_BUFFER_SIZE``: Defines the buffer size allocated
112  for each client. This limits the maximum length of an individual HTTP header
113  supported.
114
115- ``CONFIG_HTTP_SERVER_MAX_URL_LENGTH``: Specifies the maximum length of an HTTP
116  URL that the server can process.
117
118- ``CONFIG_NET_SAMPLE_WEBSOCKET_SERVICE``: Enables Websocket service endpoint.
119  This allows a Websocket client to connect to ``/`` endpoint, all the data that
120  the client sends is echoed back.
121
122To customize these options, we can run ``west build -t menuconfig``, which provides
123us with an interactive configuration interface. Then we could navigate from the top-level
124menu to: ``-> Subsystems and OS Services -> Networking -> Network Protocols``.
125
126Websocket Connectivity
127----------------------
128
129You can use a simple Websocket client application like this to test the Websocket
130connectivity.
131
132.. code-block:: python
133
134   import websocket
135
136   websocket.enableTrace(True)
137   ws = websocket.WebSocket()
138   ws.connect("ws://192.0.2.1/ws_echo")
139   ws.send("Hello, Server")
140   print(ws.recv())
141   while True:
142     line = input("> ")
143     if line == "quit":
144       break
145     ws.send(line)
146     print(ws.recv())
147   ws.close()
148
149
150Testing over USB
151----------------
152
153Let's see a real example on how the HTTP(S) server can be tested on a real device
154using an USB connection toward a Linux host PC. For this purpose let's take an
155NRF52840 board as example.
156
157First of all build the sample enabling HTTPS service and flash the board:
158
159.. zephyr-app-commands::
160         :zephyr-app: samples/net/sockets/http_server/
161         :board: nrf52840dk/nrf52840
162         :goals: build
163         :gen-args: -DCONFIG_NET_SAMPLE_HTTPS_SERVICE=y -DEXTRA_CONF_FILE=overlay-netusb.conf
164
165Then connect the USB cable to the host PC and issue:
166
167.. code-block:: bash
168
169   $ ip link show
170
171to get the device name Linux assigned to the USB-Ethernet interface. For the
172following let's assume that the name is ``eth-device``.
173
174Now we need to configure IP and routing for this interface:
175
176.. code-block:: bash
177
178   $ sudo ip addr add 192.0.2.2/24 dev eth-device
179   $ sudo ip route add 192.0.2.0/24 dev eth-device
180
181Here:
182
183* we picked an IP address for the interface, i.e. ``192.0.2.2/24``, which is
184  different form the server one, i.e. :kconfig:option:`CONFIG_NET_CONFIG_MY_IPV4_ADDR`,
185  but in the allowed IP range defined by the ``/24`` mask.
186* we assume that 192.168.0.x range do not conflict with other addresses and
187  routes in the host system. If that's the case, then all IP addresses should
188  be fixed (sample, host IP interface, certificate).
189
190Once this is done, it should be possible to test either HTTP and HTTPS with
191``curl``:
192
193.. code-block:: bash
194
195   $ curl -v --compressed http://192.0.2.1
196   $ curl -v --compressed https://192.0.2.1
197
198.. note::
199
200   To have a successful HTTPS connection ensure to update the CA certificates
201   of the host Linux system adding
202   :zephyr_file:`samples/net/sockets/http_server/src/certs/ca_cert.pem` to the
203   list of known CAs.
204
205Performance Analysis
206--------------------
207
208CPU Usage Profiling
209*******************
210
211We can use ``perf`` to collect statistics about the CPU usage of our server
212running in native_sim board with the ``stat`` command:
213
214.. code-block:: console
215
216   $ sudo perf stat -p <pid_of_server>
217
218``perf stat`` will then start monitoring our server. We can let it run while
219sending requests to our server. Once we've collected enough data, we can
220stop ``perf stat``, which will print a summary of the performance statistics.
221
222Hotspot Analysis
223****************
224
225``perf record`` and ``perf report`` can be used together to identify the
226functions in our code that consume the most CPU time:
227
228.. code-block:: console
229
230   $ sudo perf record -g -p <pid_of_server> -o perf.data
231
232After running our server under load (For example, using ApacheBench tool),
233we can stop the recording and analyze the data using:
234
235.. code-block:: console
236
237   $ sudo perf report -i perf.data
238
239After generating a file named ``perf.data`` which contains the profiling data,
240we can visualize it using ``FlameGraph`` tool. It's particularly useful for
241identifying the most expensive code-paths and inspect where our application is
242spending the most time.
243
244To do this, we need to convert the ``perf.data`` to a format that ``FlameGraph``
245can understand:
246
247.. code-block:: console
248
249   $ sudo perf script | ~/FlameGraph/stackcollapse-perf.pl > out.perf-folded
250
251And, then, generate the ``FlameGraph``:
252
253.. code-block:: console
254
255   $ ~/FlameGraph/flamegraph.pl out.perf-folded > flamegraph.svg
256
257We can view flamegraph.svg using a web browser.
258