Real-Time APIs for Serverless and Beyond

Real-Time APIs for Serverless and Beyond

Mercure is a protocol allowing to push data updates to web browsers and other HTTP clients in a convenient, fast, reliable and battery-efficient way. It is especially useful to publish real-time updates of resources served through web APIs, to reactive web and mobile apps. The protocol is designed for serverless, HTTP/2+, hypermedia and GraphQL, and is fully-featured: auto-discoverable, authorization, re-connection, state reconciliation...

E66449b8260b07a1cf51c5ab5eaa8180?s=128

Kévin Dunglas

July 16, 2019
Tweet

Transcript

  1. 2.

    @dunglas - mercure.rocks Kévin Dunglas ❏ Founder of Les-Tilleuls.coop ❏

    Creator of Mercure, API Platform… ❏ Symfony Core Team @dunglas
  2. 3.

    @dunglas - mercure.rocks API and cloud experts ✊ Self-managed, 100%

    employee-owned 40 people, 1,000% growth in 6 years contact@les-tilleuls.coop Les-Tilleuls.coop
  3. 5.

    @dunglas - mercure.rocks Mercure: Push from Server to Clients ❏

    Push notifications ❏ Synchronize connected devices in real-time ❏ Collaborative editing (Google Docs-like) ❏ Notify users when an async task has finished Modern and high level alternative to WebSocket
  4. 9.

    @dunglas - mercure.rocks WebSocket (RFC 6455) Benefits over SSE: ❏

    Full-duplex communication ❏ Low level: full control Drawbacks over SSE: ❏ Low level: no native ❏ auth ❏ re-connection ❏ state reconciliation ❏ events history ❏ Obsoleted by HTTP/2 & 3 ❏ Hard to secure
  5. 10.

    @dunglas - mercure.rocks The Persistent Connections Problem ❏ WebSocket and

    SSE rely on persistent connections ❏ Serverless platforms (AWS Lambda, Cloud Run, Azure functions…), PHP, FastCGI…
 are designed for short-lived connections ❏ Persistent, long-lived, concurrent connections are better handled by
 dedicated and optimized software and hardware
  6. 11.
  7. 14.

    @dunglas - mercure.rocks Mercure, at a Glance ❏ Full-duplex, but

    plain old HTTP ❏ Publish: HTTP POST ❏ Subscribe: SSE ❏ Built-in: reconnection, retrieving of lost messages, history ❏ Auto-discoverable: designed for REST and GraphQL ❏ JWT-based authorization mechanism (private updates) ❏ Designed for serverless, PHP, FastCGI… ❏ End-2-End encryption support
  8. 17.
  9. 28.
  10. 32.

    @dunglas - mercure.rocks Authorization ❏ Uses JSON Web Token (JWT

    - RFC 7519) ❏ An update can be intended for one or several targets ❏ Publisher: must be authenticated ❏ Subscriber: ❏ Can be anonymous (if allowed by the config) ❏ Must be authenticated to receive private updates ❏ Two transports: cookie and Authorization header
  11. 35.

    @dunglas - mercure.rocks Reference Implementation ❏ Implements 100% of the

    Mercure protocol ❏ Fast, written in Go ❏ Works everywhere: static binaries and Docker ❏ Automatic HTTP/2 and HTTPS (Let’s Encrypt) ❏ CORS support, CSRF protection ❏ Cloud Native (12Factor App) ❏ Open source (AGPL) ❏ Optional: a server can implement directly the protocol
  12. 39.

    @dunglas - mercure.rocks Alternative Implementations ❏ No hubs: the hub

    is optional ❏ Go library (AGPL) ❏ Node.js library (GPL) ❏ HA version (managed and on premise)
 in private beta: dunglas@gmail.com
  13. 40.

    @dunglas - mercure.rocks iGraal / Glory4Gamers Benchmarks ❏ Open Source

    version (EC2 t3.micro) ❏ 40k concurrent connections ❏ HA version (on premise) ❏ 200k concurrent connections
  14. 41.
  15. 43.

    @dunglas - mercure.rocks Integrations ❏ Official integrations: ❏ Symfony, API

    Platform ❏ Community integrations: ❏ Laravel ❏ Official examples: ❏ JS, Python, Go, Ruby, PHP
  16. 46.

    You get a fully-featured API supporting: ❏ JSON-LD + Hydra

    + schema.org ❏ GraphQL, JSON:API, HAL ❏ OpenAPI ❏ auth, pagination, filters, validation, HTTP/2 push, test framework… ❏ and Mercure support! MIT license