Introducing Custom Domains for Workers
Today, we’re happy to announce Custom Domains for Workers. Custom Domains allow you to hook up a domain to your Worker, without having to fuss about certificates, origin servers or DNS – it just works. Let’s take a look at how we built Custom Domains and how you can use them.
The magic of Cloudflare DNS
Under the hood, we’re leveraging Cloudflare DNS to register your Worker as the origin for your domain. All you need to do is head to your Worker, go to the Triggers tab, and click Add Custom Domain. Cloudflare will handle creating the DNS record and issuing a certificate on your behalf. In seconds, your domain will point to your Worker, and all you need to worry about is writing your code. We’ll also help guide you through the process of creating these new records and replace any existing ones. We built this with a straightforward ethos in mind: we should be clear and transparent about actions we’re taking, and make it easy to understand.
We’ve made a few welcome changes when you’re using a Custom Domain on your Worker. First off, when you send a request to any path on that Custom Domain, your Continue reading
Introducing Pages Plugins
Last November, we announced that Pages is now a full-stack development platform with our open beta integration with Cloudflare Workers. Using file-based routing, you can drop your Pages Functions into a /functions folder and deploy them alongside your static assets to add dynamic functionality to your site. However, throughout this beta period, we observed the types of projects users have been building, noticed some common patterns, and identified ways to make these users more efficient.
There are certain functionalities that are shared between projects; for example, validating authorization headers, creating an API server, reporting errors, and integrating with third-party vendors to track aspects like performance. The frequent need for these patterns across projects made us wonder, “What if we could provide the ready-made code for developers to add to their existing project?”
Introducing Pages Plugins!
What’s a Pages Plugin?
With Pages Functions, we introduced file-based routing, so users could avoid writing their own routing logic, significantly reducing the amount of boilerplate code a typical application requires. Pages Plugins aims to offer a similar experience!
A Pages Plugin is a reusable – and customizable – chunk of runtime code that can be incorporated anywhere within your Pages application. A Continue reading
Our growing Developer Platform partner ecosystem
Deploying an application to the cloud requires a robust network, ample storage, and compute power. But that only covers the architecture, it doesn’t include all the other tools and services necessary to build, deploy, and support your applications. It’s easy to get bogged down in researching whether everything you want to use works together, and that takes time away from actually developing and building.
Cloudflare is focused on building a modern cloud with a developer-first experience. That developer experience includes creating an ecosystem filled with the tools and services developers need.
Deciding to build an application starts with the planning and design elements. What programming languages, frameworks, or runtimes will be used? The answer to that question can influence the architecture and hosting decisions. Choosing a runtime may lock you into using specific vendors. Our goal is to provide flexibility and eliminate the friction involved when wanting to migrate on to (or off) Cloudflare.
You can’t forget the tools necessary for configuration and interoperability. This can include areas such as authentication and infrastructure management. You have multiple pieces of your application that need to talk with one another to ensure a secure and seamless experience. We support and build standards Continue reading
Magic NAT: everywhere, unbounded, and lower cost
Network Address Translation (NAT) is one of the most common and versatile network functions, used by everything from your home router to the largest ISPs. Today, we’re delighted to introduce a new approach to NAT that solves the problems of traditional hardware and virtual solutions. Magic NAT is free from capacity constraints, available everywhere through our global Anycast architecture, and operates across any network (physical or cloud). For Internet connectivity providers, Magic NAT for Carriers operates across high volumes of traffic, removing the complexity and cost associated with NATing thousands or millions of connections.
What does NAT do?
The main function of NAT is in its name: NAT is responsible for translating the network address in the header of an IP packet from one address to another - for example, translating the private IP 192.168.0.1 to the publicly routable IP 192.0.2.1. Organizations use NAT to grant Internet connectivity from private networks, enable routing within private networks with overlapping IP space, and preserve limited IP resources by mapping thousands of connections to a single IP. These use cases are typically accomplished with a hardware appliance within a physical network or a managed service delivered by Continue reading
Introducing Workers Analytics Engine
Today we’re excited to introduce Workers Analytics Engine, a new way to get telemetry about anything using Cloudflare Workers. Workers Analytics Engine provides time series analytics built for the serverless era.
Workers Analytics Engine uses the same technology that powers Cloudflare’s analytics for millions of customers, who generate 10s of millions of events per second. This unique architecture provides significant benefits over traditional metrics systems – and even enables our customers to build analytics for their customers.
Why use Workers Analytics Engine
Workers Analytics Engine can be used to get telemetry about just about anything.
Our initial motivation for building Workers Analytics Engine was to help internal teams at Cloudflare better understand what’s happening in their Workers. For example, one early internal customer is our R2 storage product. The R2 team is using the Analytics Engine to measure how many reads and writes happen in R2, how many users make these requests, how many bytes are transferred, how long the operations take, and so forth.
After seeing quick adoption from internal teams at Cloudflare, we realized that many customers could benefit from using this product.
For example, Workers Analytics Engine can also be used to build custom security rules. You Continue reading
Is Fibre Channel Still a Thing?
Here’s another “do these things ever disappear?” question from Enrique Vallejo:
Regarding storage, is Fibre Channel still a thing in 2022, or most people employ SATA over Ethernet and NVMe over fabrics?
TL&DR: Yes. So is COBOL.
To understand why some people still use Fibre Channel, we have to start with an observation made by Howard Marks: “Storage is different.” It’s OK to drop a packet in transit. It’s NOT OK to lose data at rest.
Is Fibre Channel Still a Thing?
Here’s another “do these things ever disappear?” question from Enrique Vallejo:
Regarding storage, is Fibre Channel still a thing in 2022, or most people employ SATA over Ethernet and NVMe over fabrics?
TL&DR: Yes. So is COBOL.
To understand why some people still use Fibre Channel, we have to start with an observation made by Howard Marks: “Storage is different.” It’s OK to drop a packet in transit. It’s NOT OK to lose data at rest.
Hedge 129: Open Source Mentoring
Mentoring is a topic we return to time and again—because it’s one of the most important things we can talk about in terms of building your people skills, your knowledge, and your career. On this episode of the Hedge, Guedis Cardenas joins Tom Ammon and Russ White to talk about open source mentoring. We discuss how this is different than “regular” mentoring, and how it’s the same. Join us as we talk about one of the most important career and personal growth things you can do.
Tips for Putting Zero Trust into Practice in Kubernetes-Based Environments
If you work in IT, you’ve probably heard lots of talk in recent years about “zero trust,” a security strategy that requires all resources to be authenticated and authorized before they interact with other resources, rather than being trusted by default.
The theory behind zero trust is easy enough to understand. Where matters tend to get tough, however, is actually implementing zero-trust security and compliance, especially in complex, cloud-native environments.
Which tools are available to help you enforce zero-trust security configurations? What does zero trust look like at different layers of your stack – nodes, networks, APIs and so on? What does it mean to enforce zero trust for human users, as compared to machine users?
To answer questions like these, we’ve organized a webinar, titled “Zero Trust Security and Compliance for Modern Apps on Multi-Cloud,” that will offer practical guidance on configuring a zero-trust security posture in the real world.
The one-hour session will focus in particular on enforcing zero-trust in Kubernetes-based environments, with deep dives into the following:
- How to protect human and machine users in Kubernetes using a zero-trust model.
- Meeting Kubernetes data privacy and compliance requirements through zero trust.
- Securing user-to-app communications with zero-trust networking policies Continue reading