Articles

Enable HTTP/2 in Cloud Functions Gen2 for Streaming (2026)

April 16, 2026 6 min read

HTTP/2 support isn’t automatically enabled for streaming in Cloud Functions Gen2; you have to explicitly configure your ingress settings.

You’re trying to stream data from a Cloud Function, likely to a client that expects HTTP/2 for efficient multiplexing and header compression, but it’s not working as expected. The core issue is that Gen2 functions, by default, might not expose the necessary ingress configuration to allow HTTP/2 connections. While the underlying infrastructure often supports HTTP/2, the way your function is exposed to the network needs to be tuned for it.

Here’s how to ensure HTTP/2 is enabled for your streaming Cloud Functions Gen2:

1. Understanding the Ingress Settings

Cloud Functions Gen2 run on Cloud Run, and their network exposure is controlled by ingress settings. By default, functions might be set to a more restrictive ingress, which doesn’t necessarily negotiate HTTP/2. To enable HTTP/2, you need to allow all ingress traffic, which signals to the load balancer that it should negotiate the best possible protocol, including HTTP/2.

2. Enabling "Allow all traffic" Ingress

The most direct way to enable HTTP/2 is to set your function’s ingress to "Allow all traffic." This tells Cloud Run (and by extension, your Cloud Function) to accept connections from the public internet and the Google network.

Diagnosis Command:

First, check your current ingress settings. You can do this using the gcloud command-line tool. Replace YOUR_FUNCTION_NAME and YOUR_REGION with your function’s actual name and region.

gcloud functions describe YOUR_FUNCTION_NAME --region=YOUR_REGION --format='value(ingressSettings)'

If the output is not ALLOW_ALL, you need to change it.

Fix:

You can update the ingress settings via the Google Cloud Console or gcloud.

Using gcloud:

gcloud functions update YOUR_FUNCTION_NAME \
  --region=YOUR_REGION \
  --ingress-settings=ALLOW_ALL

Using Google Cloud Console:

  1. Navigate to the Cloud Functions page in the Google Cloud Console.
  2. Select your Gen2 function.
  3. Click "Edit".
  4. Go to the "Networking" section.
  5. Under "Ingress settings", select "Allow all traffic".
  6. Click "Deploy".

Why it works:

Setting ingressSettings to ALLOW_ALL configures the underlying Cloud Run service to use a load balancer that supports HTTP/2 and will negotiate it with compatible clients. This makes the function endpoint accessible from anywhere, and the load balancer’s responsibility includes establishing the most efficient connection possible, which for modern clients and servers, is often HTTP/2.

3. Verifying HTTP/2 Support on the Client Side

Even with the function configured correctly, your client must also support and attempt to establish an HTTP/2 connection. Most modern HTTP clients (like curl version 7.66+, browser clients, and libraries like requests in Python when configured) will attempt to negotiate HTTP/2 if the server supports it.

Diagnosis (Client-side):

You can test this with curl. Ensure you have a recent version of curl installed.

curl --http2 -v YOUR_FUNCTION_URL

Replace YOUR_FUNCTION_URL with the URL of your deployed Cloud Function.

Expected Output Snippet:

Look for a line in the verbose output (-v) that indicates an HTTP/2 connection was established. It will typically look something like this:

* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* HTTP/2 stream 0 (GET /) started with 100 Continue headers

If you see HTTP/1.1 or no clear indication of HTTP/2, the client might not be negotiating it.

Fix (Client-side):

  • Update curl: If using curl, ensure it was compiled with HTTP/2 support (most recent builds are).
  • Library Configuration: For programmatic clients (e.g., Python requests, Node.js axios), consult their documentation to ensure HTTP/2 is enabled or that they are using an underlying HTTP client that supports it. For example, Python’s requests might require httpx as a backend for HTTP/2.
  • Browser Settings: Browsers generally enable HTTP/2 by default if the server supports it. You can check network developer tools in your browser to see the protocol used for requests.

Why it works:

The client’s ability to negotiate HTTP/2 is crucial. The --http2 flag with curl explicitly tells it to try HTTP/2. If the server (your Cloud Function via Cloud Run) supports it and is accessible (due to ALLOW_ALL ingress), a successful HTTP/2 connection can be made.

4. Considering Load Balancer and TLS

HTTP/2 typically requires TLS (HTTPS) to be enabled. Cloud Functions Gen2 endpoints are automatically secured with TLS. The load balancer in front of your Cloud Run service handles the TLS termination and HTTP/2 negotiation.

Diagnosis:

Ensure your function is accessed via its https URL. If you are using a custom domain, ensure the associated SSL certificate is correctly configured and active.

Fix:

  • Use HTTPS URL: Always use the https:// URL provided by Cloud Functions or your custom domain.
  • Custom Domains: If using a custom domain, verify its DNS records and SSL certificate status in the Cloud Console under "Cloud Run" -> "Custom Domains".

Why it works:

TLS is a prerequisite for HTTP/2 in most browser contexts and is a strong recommendation for security. The Google Cloud load balancer is configured to offer HTTP/2 over TLS.

5. Function Code and Streaming Libraries

While the infrastructure handles the protocol, your function code must be written to stream data effectively. This usually involves using framework-specific streaming responses.

Diagnosis:

If you’re seeing large buffers or the connection timing out during large data transfers, it might indicate your function isn’t streaming efficiently, even if HTTP/2 is established.

Fix (Example - Node.js Express):

Ensure your response object is treated as a writable stream.

// Example using Express in Cloud Functions Gen2
const express = require('express');
const app = express();

app.get('/stream', (req, res) => {
  // Set headers for streaming
  res.setHeader('Content-Type', 'text/plain');
  res.setHeader('Transfer-Encoding', 'chunked'); // Important for streaming

  // Write chunks of data
  let counter = 0;
  const intervalId = setInterval(() => {
    const data = `Data chunk ${counter++}\n`;
    res.write(data); // Write data chunk

    if (counter > 10) {
      clearInterval(intervalId);
      res.end('Stream finished.\n'); // End the response
    }
  }, 500);
});

// Deploy this function.
// Make sure you have --ingress-settings=ALLOW_ALL for the function.

Why it works:

By using res.write() and res.end(), you are treating the HTTP response as a stream. This allows data to be sent incrementally rather than buffering the entire response in memory, which is essential for large or continuous data streams and leverages the benefits of HTTP/2’s multiplexing.

The Next Hurdle: Backpressure

Once you have HTTP/2 streaming working, you might encounter issues with clients not consuming data as fast as your function produces it. This is known as "backpressure." Your streaming code should ideally handle this by pausing production when the stream buffer is full, preventing memory exhaustion and dropped connections. Libraries like through2 in Node.js or careful stream management in Python can help.

Want structured learning?

Take the full Cloud-functions course →