Bringing a unified developer experience to Cloudflare Workers and Pages
Today, we’re thrilled to announce that Pages and Workers will be joining forces into one singular product experience!
We’ve all been there. In a surge of creativity, you visualize in your head the application you want to build so clearly with the pieces all fitting together – maybe a server side rendered frontend and an SQLite database for your backend. You head to your computer with the wheels spinning. You know you can build it, you just need the right tools. You log in to your Cloudflare dashboard, but then you’re faced with an incredibly difficult decision:
Cloudflare Workers or Pages?
Both seem so similar at a glance but also different in the details, so which one is going to make your idea become a reality? What if you choose the wrong one? What are the tradeoffs between the two? These are questions our users should never have to think about, but the reality is, they often do. Speaking with our wide community of users and customers, we hear it ourselves! Decision paralysis hits hard when choosing between Pages and Workers with both products made to build out serverless applications.
In short, we don’t want this for our users — Continue reading
Modernizing the toolbox for Cloudflare Pages builds
Cloudflare Pages launched over two years ago in December 2020, and since then, we have grown Pages to build millions of deployments for developers. In May 2022, to support developers with more complex requirements, we opened up Pages to empower developers to create deployments using their own build environments — but that wasn't the end of our journey. Ultimately, we want to be able to allow anyone to use our build platform and take advantage of the git integration we offer. You should be able to connect your repository and have it just work on Cloudflare Pages.
Today, we're introducing a new beta version of our build system (a.k.a. "build image") which brings the default set of tools and languages up-to-date, and sets the stage for future improvements to builds on Cloudflare Pages. We now support the latest versions of Node.js, Python, Hugo and many more, putting you on the best path for any new projects that you undertake. Existing projects will continue to use the current build system, but this upgrade will be available to opt-in for everyone.
New defaults, new possibilities
The Cloudflare Pages build system has been updated to not only support new versions Continue reading
Improved local development with wrangler and workerd
For over a year now, we’ve been working to improve the Workers local development experience. Our goal has been to improve parity between users' local and production environments. This is important because it provides developers with a fully-controllable and easy-to-debug local testing environment, which leads to increased developer efficiency and confidence.
To start, we integrated Miniflare, a fully-local simulator for Workers, directly into Wrangler, the Workers CLI. This allowed users to develop locally with Wrangler by running wrangler dev --local. Compared to the wrangler dev default, which relied on remote resources, this represented a significant step forward in local development. As good as it was, it couldn’t leverage the actual Workers runtime, which led to some inconsistencies and behavior mismatches.
Last November, we announced the experimental version of Miniflare v3, powered by the newly open-sourced workerd runtime, the same runtime used by Cloudflare Workers. Since then, we’ve continued to improve upon that experience both in terms of accuracy with the real runtime and in cross-platform compatibility.
As a result of all this work, we are proud to announce the release of Wrangler v3 – the first version of Wrangler with local-by-default development.
A new default for Wrangler
Ask JJX: How Can I Stop Users From Joining Personal Devices To Our Network Using Their AD Credentials?
Messy RADIUS policies and misconfigurations may be allowing users to join personal devices to your network. Jennifer Minella provides a quick overview of RADIUS and 802.1x, common holes, and three options for filling them in this installment of her "Ask JJX" series.
The post Ask JJX: How Can I Stop Users From Joining Personal Devices To Our Network Using Their AD Credentials? appeared first on Packet Pushers.
VPP MPLS – Part 2
About this series
Ever since I first saw VPP - the Vector Packet Processor - I have been deeply impressed with its performance and versatility. For those of us who have used Cisco IOS/XR devices, like the classic ASR (aggregation service router), VPP will look and feel quite familiar as many of the approaches are shared between the two.
I’ve deployed an MPLS core for IPng Networks, which allows me to provide L2VPN services, and at the same time keep an IPng Site Local network with IPv4 and IPv6 that is separate from the internet, based on hardware/silicon based forwarding at line rate and high availability. You can read all about my Centec MPLS shenanigans in [this article].
In the last article, I explored VPP’s MPLS implementation a little bit. All the while, @vifino has been tinkering with the Linux Control Plane and adding MPLS support to it, and together we learned a lot about how VPP does MPLS forwarding and how it sometimes differs to other implementations. During the process, we talked a bit about implicit-null and explicit-null. When my buddy Fred read the [previous article], he also talked about a feature called penultimate-hop-popping which Continue reading
New: Disaster Recovery Resources
I wrote dozens of blog posts debunking disaster recovery fairy tales (mostly of the long-distance vMotion and stretched clusters variety) over the years. They are collected and sorted (and polished a bit) in the new Disaster Recovery Resources page. Hope you’ll find them useful.
New: Disaster Recovery Resources
I wrote dozens of blog posts debunking disaster recovery fairy tales (mostly of the long-distance vMotion and stretched clusters variety) over the years. They are collected and sorted (and polished a bit) in the new Disaster Recovery Resources page. Hope you’ll find them useful.
IPv6 Adoption: China Steps on the Deployment Pedal
A new initiative from the Central Cyberspace Administration of China and others aims for 750 million active IPv6 users by year-end and sets a 2024 cut-off date for IPv4.Kubernetes Security And Networking 7: Securing Kubernetes Manifests – Video
There’s lot of places to focus on application security, but don’t forget to scan your Kubernetes manifests! This video takes you step-by-step through scanning your repository using Kubescape. https://www.youtube.com/watch?v=kwF-JoIQRTA You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a diverse a mix of content from Ethan and […]
The post Kubernetes Security And Networking 7: Securing Kubernetes Manifests – Video appeared first on Packet Pushers.
Full Stack Journey 078: Using pyATS For Network Testing With John Capobianco
On today's Full Stack Journey podcast we examine pyATS, a Python testing framework typically used for network testing. Our guest to explain all things pyATS is John Capobianco. John is a Developer Advocate for Cisco Training Bootcamps and a proponent of Python and automation.
The post Full Stack Journey 078: Using pyATS For Network Testing With John Capobianco appeared first on Packet Pushers.
Full Stack Journey 078: Using pyATS For Network Testing With John Capobianco
On today's Full Stack Journey podcast we examine pyATS, a Python testing framework typically used for network testing. Our guest to explain all things pyATS is John Capobianco. John is a Developer Advocate for Cisco Training Bootcamps and a proponent of Python and automation.
Detect malicious activity and protect your containerized workloads in Amazon EKS or AWS
As containerized applications become increasingly complex, it can be challenging to design and execute an effective container security strategy. With the growing trend towards cloud-based applications and services, cyber criminals are also evolving their attack techniques, making container security solutions more critical than ever. Calico provides robust detection capabilities to detect known and zero-day container and network-based attacks. In this blog, we will look at Calico’s capabilities to detect network-based attacks.
Calico offers comprehensive protection against both known and zero-day network-based attacks. Using a combination of workload-based IDS/IPS, Calio can detect and block connections to known malicious IPs identified with AlienVault and custom threat intelligence feeds. Calico also uses heuristics-based learning to identify anomalous network activity and prevent zero-day attacks. To further protect against OWASP Top 10 attacks, Calico provides a web application firewall (WAF) that can intercept attacks and prevent them from reaching your applications. Additionally, Calico can also block requests from malicious IPs to prevent DDoS attacks from overwhelming your system.
Malicious attack on cloud-native application and how to prevent it
In this blog, we will go through a scenario where an attacker compromises a public-facing application and gains a foothold in the AWS EC2 or EKS network Continue reading
Introducing SD-WAN With Integrated IoT
The following sponsored blog post was written by Shankar Ramachandran at Palo Alto Networks. We thank Palo Alto Networks for being a sponsor. Internet of things (IoT) devices are now an integral part of any organization’s network. Smart lights, cameras, card readers, printers, etc., are critical to the day-to-day operations of branch offices and retail […]
The post Introducing SD-WAN With Integrated IoT appeared first on Packet Pushers.
Heavy Wireless 002: Making The Transition To WPA3 With Jennifer Minella
On today's Heavy Wireless we discuss transitioning from WPA2 to WPA3, including pros and cons, managing the project, supporting WPA2 and WPA3 simultaneously, and more. My guest is Jennifer Minella, founder and Principal Advisor at Viszen Security. She's also an author, instructor, and blogger.
The post Heavy Wireless 002: Making The Transition To WPA3 With Jennifer Minella appeared first on Packet Pushers.
Heavy Wireless 002: Making The Transition To WPA3 With Jennifer Minella
On today's Heavy Wireless we discuss transitioning from WPA2 to WPA3, including pros and cons, managing the project, supporting WPA2 and WPA3 simultaneously, and more. My guest is Jennifer Minella, founder and Principal Advisor at Viszen Security. She's also an author, instructor, and blogger.Announcing database integrations: a few clicks to connect to Neon, PlanetScale and Supabase on Workers
One of the best feelings as a developer is seeing your idea come to life. You want to move fast and Cloudflare’s developer platform gives you the tools to take your applications from 0 to 100 within minutes.
One thing that we’ve heard slows developers down is the question: “What databases can be used with Workers?”. Developers stumble when it comes to things like finding the databases that Workers can connect to, the right library or driver that's compatible with Workers and translating boilerplate examples to something that can run on our developer platform.
Today we’re announcing Database Integrations – making it seamless to connect to your database of choice on Workers. To start, we’ve added some of the most popular databases that support HTTP connections: Neon, PlanetScale and Supabase with more (like Prisma, Fauna, MongoDB Atlas) to come!
Focus more on code, less on config
Our serverless SQL database, D1, launched in open alpha last year, and we’re continuing to invest in making it production ready (stay tuned for an exciting update later this week!). We also recognize that there are plenty of flavours of databases, and we want developers to have the freedom to select what’s Continue reading
Goodbye, section 2.8 and hello to Cloudflare’s new terms of service
Earlier this year, we blogged about an incident where we mistakenly throttled a customer due to internal confusion about a potential violation of our Terms of Service. That incident highlighted a growing point of confusion for many of our customers. Put simply, our terms had not kept pace with the rapid innovation here at Cloudflare, especially with respect to our Developer Platform. We’re excited to announce new updates that will modernize our terms and cut down on customer confusion and frustration.
A bit of background on our legal terms of service
We want our terms to set clear expectations about what we’ll deliver and what customers can do with our services. But drafting terms is often an iterative process, and iteration over a decade can lead to bloat, complexity, and vestigial branches in need of pruning. Now, time to break out the shears.
Snip, snip
To really nip this in the bud, we started at the source–the content-based restriction housed in Section 2.8 of our Self-Serve Subscription Agreement:
Cloudflare is much, much more than a CDN, but that wasn’t always the case. The CDN was one of our first services and originally designed to serve HTML content like webpages. Continue reading