Your next Web server will be written in... PHP

Transcript

1. YOUR NEXT WEB SERVER WILL BE WRITTEN IN... PHP MIGHT

   ConFoo Montréal 2017 Montréal, QC, Canada

2. David Zuelke

3. None

4. [email protected]

5. @dzuelke

6. CGI

7. NCSA, 1993

8. None

9. RFC 3875, 1997-2004

10. None

11. /cgi-bin/counter.pl?site=8712

12. None
13. None

14. HOW CGI WORKS 1. Web server parses request from client

    2. Web server sets request info into environment
 (PATH_INFO, REQUEST_METHOD, HTTP_ACCEPT, …) 3. Web server executes CGI script 4. CGI script echos status, headers, and body 5. Web server returns response to client

15. slow

16. (but simple)

17. #!/bin/bash cat <<EOF Content-Type: text/html <html> <head> <title>Hello World</title> </head>

    <body> <h1>Hello World</h1> <p>Your browser is ${HTTP_USER_AGENT:-unknown}</p> <p>This page was served by $(hostname)</p> </body> </html> EOF

18. CGI VARIABLES (SEE $_SERVER) • Server info:
 SERVER_SOFTWARE, SERVER_NAME, GATEWAY_INTERFACE

    • Request info:
 SERVER_PROTOCOL, SERVER_PORT, REQUEST_METHOD, PATH_INFO, PATH_TRANSLATED, QUERY_STRING, REMOTE_ADDR, CONTENT_TYPE, CONTENT_LENGTH, … • Request headers:
 HTTP_HOST, HTTP_ACCEPT, HTTP_USER_AGENT, …

19. PHP's SAPIs
 & EXECUTION MODEL

20. a SAPI is the "gateway" to the PHP engine

21. marshals input and output from and to the interface

22. PHP WEB SAPI (SIMPLIFIED) • populate $_SERVER and $_ENV •

    parse QUERY_STRING into $_GET • " application/x-www-form-urlencoded into $_POST • " multipart/form-data into $_FILES • return header() data as headers, anything echo()d as content

23. PHP was built for web scripting, for CGI

24. execution model modeled around statelessness "blank slate"

25. PHP CGI EXECUTION LIFECYCLE
 (SIMPLIFIED) 1. core init, load extensions

    etc 2. MINIT for all modules (extension initialization etc) 3. SAPI ready for (one and only) request 4. RINIT for all modules (e.g. ext-session if session.auto_start) 5. script executes 6. RSHUTDOWN 7. engine cleanup (unset all variables and state) 8. MSHUTDOWN

26. all of that on each CGI request

27. NEIN NEIN NEIN NEIN DAS IST ZU LANGSAM

28. mod_php

29. embeds PHP into the Apache httpd process

30. mod_php EXECUTION LIFECYCLE
 (SIMPLIFIED) 1. SAPI ready for (next) request

    2. RINIT for all modules (e.g. ext-session if session.auto_start) 3. script executes 4. RSHUTDOWN 5. engine cleanup (unset all variables and state)

31. but now PHP is in each httpd process

32. even when serving static files

33. APACHE PROCESS MODELS • mpm_prefork creates worker processes
 (each with

    a PHP) • mpm_worker uses threads
 (so you need ZTS, and stuff will generally crash a lot) • mpm_event uses an event loop
 (best, but you can't embed something like PHP at all)

34. so... what do we do?

35. ¯\_(ツ)_/¯

36. "let's just use Nginx!"

37. FastCGI

38. protocol similar to CGI, but over a socket

39. persistent server process

40. old fcgi SAPI: web server manages FastCGI child processes

41. newer FPM: PHP manages its own child processes' lifecycle

42. no overhead in web server for static content

43. web server can use threading or whatever

44. still re-executes from ~RINIT for each request

45. still bootstraps Symfony/Laravel/… on each request

46. RUBY & PYTHON

47. Rack & WSGI

48. RUBY/RACK app = Proc.new do |env| ['200', {'Content-Type' => 'text/plain'},

    ['Hello World']] end def application(environ, start_response): start_response('200 OK', [('Content-Type', 'text/plain')]) yield 'Hello World\n' PYTHON/WSGI

49. THE RACK/WSGI STACKS 1. Web server:
 Unicorn, Gunicorn, Puma, Tornado,

    Nginx with Phusion Passenger, Apache with mod_wsgi, ... 2. Middlewares:
 Routing, authentication, filtering, post-processing, ... 3. Application/framework:
 Rails, Django, Sinatra, Flask, ...

50. NATIVE PHP WEB SERVERS

51. PHP IS NOW READY • PHP 7+ performance is amazing

    • Almost all engine errors are catchable since PHP 7 • Signal handling without ticks in PHP 7.1 • Concurrency frameworks and event lib extensions

52. FRAMEWORKS FOR EVENT- DRIVEN NON-BLOCKING I/O • http://reactphp.org • https://icicle.io

    • http://amphp.org

53. IT'S ALL A REACTOR echo "-- before run()\n"; Amp\run(function() {

    Amp\repeat(function() { echo "tick\n"; }, $msInterval = 1000); Amp\once("Amp\stop", $msDelay = 5000); }); echo "-- after run()\n";

54. SIMPLE WEB SERVER, ReactPHP $app = function ($request, $response) {

    $response->writeHead(200, array('Content-Type' => 'text/plain')); $response->end("Hello World\n"); }; $loop = React\EventLoop\Factory::create(); $socket = new React\Socket\Server($loop); $http = new React\Http\Server($socket, $loop); $http->on('request', $app); $socket->listen(1337); $loop->run();

55. https://github.com/M6Web/PhpProcessManagerBundle & https://github.com/php-pm/php-pm

56. $kernel = new AppKernel('prod', false); $reactHttp->on('request', function ($request, $response) use

    ($kernel) { $headers = $request->getHeaders(); if (in_array(strtoupper($request->getMethod()), ['POST','PUT','DELETE','PATCH']) && isset($headers['Content-Type']) && (0 === strpos($headers['Content-Type'], 'application/x-www-form-urlencoded')) ) parse_str($request->getBody(), $post); $sfRequest = new Symfony\Component\HttpFoundation\Request( $request->getQuery(), $post ?? [], array(), array(), $request->getFiles(), array(), $request->getBody() ); $sfRequest->setMethod($request->getMethod()); $sfRequest->headers->replace($headers); $sfRequest->server->set('REQUEST_URI', $request->getPath()); if (isset($headers['Host'])) $sfRequest->server->set('SERVER_NAME', explode(':', $headers['Host'])[0]); $sfResponse = $kernel->handle($sfRequest); $response->writeHead($sfResponse->getStatusCode(), $sfResponse->headers->all()); $response->end($sfResponse->getContent()); $kernel->terminate($request, $response); });

57. WHAT BECOMES POSSIBLE

58. speeeeeeeeeed :)

59. http://marcjschmidt.de/blog/2014/02/08/php-high-performance.html

60. processing request data while it's still uploading

61. handling Web Sockets in the same process

62. git clone project && cd project && composer install &&

    php server.php

63. WHAT BECOMES IMPOSSIBLE

64. native session handling

65. ignoring memory leaks

66. MAYBE, IN A BRIGHT FUTURE...

67. PSR-7 (HTTP Message Interface) + PSR-15 (HTTP Middlewares) = ultimate

    interop :)

68. a universe of useful middlewares :)

69. competition between different native web servers :)

70. "legacy" server that runs in FPM SAPI and translates a

    request :)

71. "legacy" middleware that runs in new server and populates $_GET

    and friends :)

72. READING MATERIAL • https://gnugat.github.io/2016/04/13/super-speed-sf-react-php.html • http://blog.kelunik.com/2015/09/20/getting-started-with-amp.html • http://blog.kelunik.com/2015/10/21/getting-started-with-aerys.html • http://blog.kelunik.com/2015/10/20/getting-started-with-aerys-

    websockets.html • http://marcjschmidt.de/blog/2014/02/08/php-high-performance.html • http://marcjschmidt.de/blog/2016/04/16/php-high-performance-reactphp- jarves-symfony-follow-up.html

73. The End

74. THANK YOU FOR LISTENING! Questions? Ask me: @dzuelke & [email protected]