Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Mercure: Real-Time for PHP Made Easy

Mercure: Real-Time for PHP Made Easy

Mercure is a protocol allowing to push data updates to web browsers and other HTTP clients in a convenient, fast, reliable and battery-efficient way. It is especially useful to publish real-time updates of resources served through web APIs, to reactive web and mobile apps. It is provided with an open source implementation written in Go.

It provides:

* native browser support, no lib nor SDK required (built on top of HTTP and server-sent events)
* compatible with all existing servers, even those who don't support persistent connections (PHP, serverless architecture, , FastCGI...)
* built-in connection re-establishment and state reconciliation
* JWT-based authorization mechanism (securely dispatch an update to some selected subscribers)
* performant, leverages HTTP/2 multiplexing
* designed with hypermedia in mind, also supports GraphQL
* auto-discoverable through web linking
* message encryption support
* can work with old browsers (IE7+) using an EventSource polyfill
* connection-less push in controlled environments (e.g. browsers on mobile handsets tied to specific carriers)

E66449b8260b07a1cf51c5ab5eaa8180?s=128

Kévin Dunglas

October 24, 2019
Tweet

Transcript

  1. Real-Time for PHP and Beyond

  2. @dunglas - mercure.rocks Kévin Dunglas ❏ Founder of Les-Tilleuls.coop ❏

    Creator of Mercure.rocks, Vulcain.rocks, API Platform… ❏ Symfony Core Team Member @dunglas
  3. @dunglas - mercure.rocks PHP, API and cloud experts ✊ Self-managed,

    100% employee-owned 45 people, 1,000% growth in 6 years Come to our booth!
 contact@les-tilleuls.coop Les-Tilleuls.coop
  4. @dunglas - mercure.rocks Real-Time APIs?!

  5. @dunglas - mercure.rocks Mercure: Push from Server to Clients ❏

    Push notifications ❏ Synchronize connected devices in real-time ❏ Collaborative editing (Google Docs-like) ❏ Notify users when an async task has finished Modern and high level alternative to WebSocket
  6. @dunglas - mercure.rocks

  7. @dunglas - mercure.rocks Why a New Protocol?

  8. © Ilya Grigorik High Performance Browser Networking (O'Reilly)

  9. @dunglas - mercure.rocks WebSocket (RFC 6455) Benefits over SSE: ❏

    Full-duplex communication ❏ Low level: full control Drawbacks over SSE: ❏ Low level: no native ❏ auth ❏ re-connection ❏ state reconciliation ❏ events history ❏ Obsoleted by HTTP/2 & 3 ❏ Hard to secure
  10. @dunglas - mercure.rocks The Persistent Connections Problem ❏ WebSocket and

    SSE rely on persistent connections ❏ PHP but also Serverless platforms, FastCGI…
 are designed for short-lived connections ❏ Persistent, long-lived, concurrent connections are better handled by
 dedicated and optimized software and hardware
  11. None
  12. @dunglas - mercure.rocks The Mercure Protocol

  13. @dunglas - mercure.rocks

  14. @dunglas - mercure.rocks Mercure, at a Glance ❏ Full-duplex, but

    plain old HTTP ❏ Publish: HTTP POST ❏ Subscribe: SSE ❏ Built-in: reconnection, retrieving of lost messages, history ❏ Auto-discoverable: designed for REST and GraphQL ❏ JWT-based authorization mechanism (private updates) ❏ Designed for serverless, PHP, FastCGI… ❏ End-2-End encryption support
  15. @dunglas - mercure.rocks Stream Events to Clients

  16. @dunglas - mercure.rocks Internet Draft: draft-dunglas-mercure

  17. None
  18. @dunglas - mercure.rocks Mercure and HTTP/2+

  19. @dunglas - mercure.rocks © Narayan Prusty - What is Multiplexing

    in HTTP/2? HTTP/2: Multiplexing, and more ❏ Headers compression ❏ Headers deduplication ❏ No per-host connections limits
  20. @dunglas - mercure.rocks HTTP/2 support: 92% of all users ...and

    SSEs also work with HTTP/1.x
  21. @dunglas - mercure.rocks SSE support: 93% of all users

  22. @dunglas - mercure.rocks No IE? No Edge?!

  23. @dunglas - mercure.rocks There is a Polyfill for That! SSEs

    global support (with polyfill): ~100%
  24. @dunglas - mercure.rocks Publishing

  25. @dunglas - mercure.rocks Publishing

  26. @dunglas - mercure.rocks Publishing: PHP

  27. @dunglas - mercure.rocks Subscribing

  28. @dunglas - mercure.rocks Subscribing: Basic Usage

  29. @dunglas - mercure.rocks Subscribing: Several Topics

  30. @dunglas - mercure.rocks Subscribing: URI Templates

  31. None
  32. @dunglas - mercure.rocks The Discovery Mechanism

  33. @dunglas - mercure.rocks Discovery Mechanism Web Linking: RFC 5988

  34. @dunglas - mercure.rocks Authorization

  35. @dunglas - mercure.rocks Authorization ❏ Uses JSON Web Token (JWT

    - RFC 7519) ❏ An update can be intended for one or several targets ❏ Publisher: must be authenticated ❏ Subscriber: ❏ Can be anonymous (if allowed by the config) ❏ Must be authenticated to receive private updates ❏ Two transports: cookie and Authorization header
  36. @dunglas - mercure.rocks

  37. @dunglas - mercure.rocks JSON Web Token and Targets

  38. @dunglas - mercure.rocks Publishing or Subscribing to All Targets

  39. @dunglas - mercure.rocks Cookie-based Authorization ❏ Set by the app

    server during the discovery ❏ The app server and the Mercure hub must share the same domain (or subdomain) ❏ Supported by EventSource ❏ Recommended for web browsers
  40. @dunglas - mercure.rocks HTTP Header-based Authorization ❏ Set by the

    client ❏ Not supported by native EventSource ❏ Supported by the polyfill ❏ Recommended for servers
  41. @dunglas - mercure.rocks Publishing to Specific Targets

  42. None
  43. @dunglas - mercure.rocks The Mercure Hub

  44. @dunglas - mercure.rocks Reference Implementation ❏ Implements 100% of the

    Mercure protocol ❏ Fast, written in Go ❏ Works everywhere: static binaries and Docker ❏ Automatic HTTP/2 and HTTPS (Let’s Encrypt) ❏ CORS support, CSRF protection ❏ Cloud Native (12Factor App) ❏ Open source (AGPL) ❏ Optional: a server can implement directly the protocol
  45. @dunglas - mercure.rocks Reference Implementation https://mercure.rocks

  46. @dunglas - mercure.rocks Starting the Hub https://mercure.rocks

  47. @dunglas - mercure.rocks

  48. @dunglas - mercure.rocks Using Docker

  49. @dunglas - mercure.rocks On a Kubernetes Cluster

  50. @dunglas - mercure.rocks Alternative Implementations ❏ No hubs: the hub

    is optional ❏ Go library (AGPL) ❏ Node.js library (GPL) ❏ HA version (managed and on premise)
 in private beta: dunglas@gmail.com
  51. None
  52. @dunglas - mercure.rocks Case Study:
 Mercure on a
 Large Scale

    at iGraal
  53. @dunglas - mercure.rocks Quick intro about iGraal ❏ leader of

    cashback in France (5 millions members) ❏ cashback: earn money on your online purchases ❏ tech team of 30 persons ❏ available on website, mobile apps and web extensions
  54. @dunglas - mercure.rocks What are iGraal Web Extensions ? ❏

    tool to detect merchants & activate cashback ❏ demo
  55. @dunglas - mercure.rocks About iGraal Web Extensions ❏ detect merchant

    cashback compatible ❏ activate cashback ❏ user account
  56. @dunglas - mercure.rocks About iGraal Web Extensions

  57. @dunglas - mercure.rocks Large Scale to Handle ❏ 500,000 extensions

    currently installed ❏ 1 browser « opened » = 1 extension « connected » ❏ average of 100 000 extensions « connected » simultaneously
  58. @dunglas - mercure.rocks Architecture without Mercure

  59. @dunglas - mercure.rocks Architecture without Mercure ❏ poll our API

    every 4H to sync user data in background
  60. @dunglas - mercure.rocks Architecture With Mercure

  61. @dunglas - mercure.rocks On Premise Configuration

  62. @dunglas - mercure.rocks Developper Feedbacks ❏ quick and simple to

    integrate (online docs are enough) ❏ sending « update me » messages is easier 
 than generating data diff
  63. @dunglas - mercure.rocks Devops Feedbacks ❏ backend resources savings €€€

    ❏ small resources needs: ❏ 2 instances t3.medium for Mercure Nodes ❏ 1 instance t3.small for Kafka ❏ Load Balancing Tips ❏ enable Mercure’s heartbeat mechanism for Amazon’s Application Load Balancer (ALB) compatibility ❏ set a low « TTL » for Mercure connections to spread the load
  64. @dunglas - mercure.rocks Future usages ❏ mobile applications?

  65. @dunglas - mercure.rocks Study Conclusion « T’as mis des paillettes

    dans ma vie Kevin ! »
  66. @dunglas - mercure.rocks Integrations

  67. @dunglas - mercure.rocks Integrations ❏ Libs: PHP, amphp, JS, Python,

    Dart ❏ Official integrations: ❏ Symfony, API Platform ❏ Community integrations: ❏ Laravel, Yii framework, GitHub Actions ❏ Official examples: ❏ PHP, JS, Go, Ruby, Python
  68. @dunglas - mercure.rocks Example using
 API Platform & React

  69. @dunglas - mercure.rocks Create a Mercure-enabled Web API api-platform.com

  70. You get a fully-featured API supporting: ❏ JSON-LD + Hydra

    + schema.org ❏ GraphQL, JSON:API, HAL ❏ OpenAPI ❏ auth, pagination, filters, validation, HTTP/2 push, test framework… ❏ and Mercure support! MIT license
  71. @dunglas - mercure.rocks Scaffold Mercure-Enabled Clients api-platform.com

  72. @dunglas - mercure.rocks Try it! bit.ly/2H17hN3

  73. https://mercure.rocks

  74. @dunglas les-tilleuls.coop .rocks