Your next Web server will be written in... PHP

Your next Web server will be written in... PHP

Presentation at ConFoo Montreal 2017

D6ccd6409910643d05ddaea3b2cd6f13?s=128

David Zuelke

March 09, 2017
Tweet

Transcript

  1. YOUR NEXT WEB SERVER WILL BE WRITTEN IN... PHP MIGHT

    ConFoo Montréal 2017 Montréal, QC, Canada
  2. David Zuelke

  3. None
  4. dz@heroku.com

  5. @dzuelke

  6. CGI

  7. NCSA, 1993

  8. None
  9. RFC 3875, 1997-2004

  10. None
  11. /cgi-bin/counter.pl?site=8712

  12. None
  13. None
  14. HOW CGI WORKS 1. Web server parses request from client

    2. Web server sets request info into environment
 (PATH_INFO, REQUEST_METHOD, HTTP_ACCEPT, …) 3. Web server executes CGI script 4. CGI script echos status, headers, and body 5. Web server returns response to client
  15. slow

  16. (but simple)

  17. #!/bin/bash cat <<EOF Content-Type: text/html <html> <head> <title>Hello World</title> </head>

    <body> <h1>Hello World</h1> <p>Your browser is ${HTTP_USER_AGENT:-unknown}</p> <p>This page was served by $(hostname)</p> </body> </html> EOF
  18. CGI VARIABLES (SEE $_SERVER) • Server info:
 SERVER_SOFTWARE, SERVER_NAME, GATEWAY_INTERFACE

    • Request info:
 SERVER_PROTOCOL, SERVER_PORT, REQUEST_METHOD, PATH_INFO, PATH_TRANSLATED, QUERY_STRING, REMOTE_ADDR, CONTENT_TYPE, CONTENT_LENGTH, … • Request headers:
 HTTP_HOST, HTTP_ACCEPT, HTTP_USER_AGENT, …
  19. PHP's SAPIs
 & EXECUTION MODEL

  20. a SAPI is the "gateway" to the PHP engine

  21. marshals input and output from and to the interface

  22. PHP WEB SAPI (SIMPLIFIED) • populate $_SERVER and $_ENV •

    parse QUERY_STRING into $_GET • " application/x-www-form-urlencoded into $_POST • " multipart/form-data into $_FILES • return header() data as headers, anything echo()d as content
  23. PHP was built for web scripting, for CGI

  24. execution model modeled around statelessness "blank slate"

  25. PHP CGI EXECUTION LIFECYCLE
 (SIMPLIFIED) 1. core init, load extensions

    etc 2. MINIT for all modules (extension initialization etc) 3. SAPI ready for (one and only) request 4. RINIT for all modules (e.g. ext-session if session.auto_start) 5. script executes 6. RSHUTDOWN 7. engine cleanup (unset all variables and state) 8. MSHUTDOWN
  26. all of that on each CGI request

  27. NEIN NEIN NEIN NEIN DAS IST ZU LANGSAM

  28. mod_php

  29. embeds PHP into the Apache httpd process

  30. mod_php EXECUTION LIFECYCLE
 (SIMPLIFIED) 1. SAPI ready for (next) request

    2. RINIT for all modules (e.g. ext-session if session.auto_start) 3. script executes 4. RSHUTDOWN 5. engine cleanup (unset all variables and state)
  31. but now PHP is in each httpd process

  32. even when serving static files

  33. APACHE PROCESS MODELS • mpm_prefork creates worker processes
 (each with

    a PHP) • mpm_worker uses threads
 (so you need ZTS, and stuff will generally crash a lot) • mpm_event uses an event loop
 (best, but you can't embed something like PHP at all)
  34. so... what do we do?

  35. ¯\_(ツ)_/¯

  36. "let's just use Nginx!"

  37. FastCGI

  38. protocol similar to CGI, but over a socket

  39. persistent server process

  40. old fcgi SAPI: web server manages FastCGI child processes

  41. newer FPM: PHP manages its own child processes' lifecycle

  42. no overhead in web server for static content

  43. web server can use threading or whatever

  44. still re-executes from ~RINIT for each request

  45. still bootstraps Symfony/Laravel/… on each request

  46. RUBY & PYTHON

  47. Rack & WSGI

  48. RUBY/RACK app = Proc.new do |env| ['200', {'Content-Type' => 'text/plain'},

    ['Hello World']] end def application(environ, start_response): start_response('200 OK', [('Content-Type', 'text/plain')]) yield 'Hello World\n' PYTHON/WSGI
  49. THE RACK/WSGI STACKS 1. Web server:
 Unicorn, Gunicorn, Puma, Tornado,

    Nginx with Phusion Passenger, Apache with mod_wsgi, ... 2. Middlewares:
 Routing, authentication, filtering, post-processing, ... 3. Application/framework:
 Rails, Django, Sinatra, Flask, ...
  50. NATIVE PHP WEB SERVERS

  51. PHP IS NOW READY • PHP 7+ performance is amazing

    • Almost all engine errors are catchable since PHP 7 • Signal handling without ticks in PHP 7.1 • Concurrency frameworks and event lib extensions
  52. FRAMEWORKS FOR EVENT- DRIVEN NON-BLOCKING I/O • http://reactphp.org • https://icicle.io

    • http://amphp.org
  53. IT'S ALL A REACTOR echo "-- before run()\n"; Amp\run(function() {

    Amp\repeat(function() { echo "tick\n"; }, $msInterval = 1000); Amp\once("Amp\stop", $msDelay = 5000); }); echo "-- after run()\n";
  54. SIMPLE WEB SERVER, ReactPHP $app = function ($request, $response) {

    $response->writeHead(200, array('Content-Type' => 'text/plain')); $response->end("Hello World\n"); }; $loop = React\EventLoop\Factory::create(); $socket = new React\Socket\Server($loop); $http = new React\Http\Server($socket, $loop); $http->on('request', $app); $socket->listen(1337); $loop->run();
  55. https://github.com/M6Web/PhpProcessManagerBundle & https://github.com/php-pm/php-pm

  56. $kernel = new AppKernel('prod', false); $reactHttp->on('request', function ($request, $response) use

    ($kernel) { $headers = $request->getHeaders(); if (in_array(strtoupper($request->getMethod()), ['POST','PUT','DELETE','PATCH']) && isset($headers['Content-Type']) && (0 === strpos($headers['Content-Type'], 'application/x-www-form-urlencoded')) ) parse_str($request->getBody(), $post); $sfRequest = new Symfony\Component\HttpFoundation\Request( $request->getQuery(), $post ?? [], array(), array(), $request->getFiles(), array(), $request->getBody() ); $sfRequest->setMethod($request->getMethod()); $sfRequest->headers->replace($headers); $sfRequest->server->set('REQUEST_URI', $request->getPath()); if (isset($headers['Host'])) $sfRequest->server->set('SERVER_NAME', explode(':', $headers['Host'])[0]); $sfResponse = $kernel->handle($sfRequest); $response->writeHead($sfResponse->getStatusCode(), $sfResponse->headers->all()); $response->end($sfResponse->getContent()); $kernel->terminate($request, $response); });
  57. WHAT BECOMES POSSIBLE

  58. speeeeeeeeeed :)

  59. http://marcjschmidt.de/blog/2014/02/08/php-high-performance.html

  60. processing request data while it's still uploading

  61. handling Web Sockets in the same process

  62. git clone project && cd project && composer install &&

    php server.php
  63. WHAT BECOMES IMPOSSIBLE

  64. native session handling

  65. ignoring memory leaks

  66. MAYBE, IN A BRIGHT FUTURE...

  67. PSR-7 (HTTP Message Interface) + PSR-15 (HTTP Middlewares) = ultimate

    interop :)
  68. a universe of useful middlewares :)

  69. competition between different native web servers :)

  70. "legacy" server that runs in FPM SAPI and translates a

    request :)
  71. "legacy" middleware that runs in new server and populates $_GET

    and friends :)
  72. READING MATERIAL • https://gnugat.github.io/2016/04/13/super-speed-sf-react-php.html • http://blog.kelunik.com/2015/09/20/getting-started-with-amp.html • http://blog.kelunik.com/2015/10/21/getting-started-with-aerys.html • http://blog.kelunik.com/2015/10/20/getting-started-with-aerys-

    websockets.html • http://marcjschmidt.de/blog/2014/02/08/php-high-performance.html • http://marcjschmidt.de/blog/2016/04/16/php-high-performance-reactphp- jarves-symfony-follow-up.html
  73. The End

  74. THANK YOU FOR LISTENING! Questions? Ask me: @dzuelke & dz@heroku.com