Cloudflare's new serverless platform lets its Workers run for 15 minutes before giving them the boot

Instant startup, expanded execution, and more programming languages


Interview Cloudflare CEO Matthew Prince doubts developers care all that much about speed.

It's nice to have, he told The Register in a phone interview about his company's latest serverless product, Cloudflare Workers Unbound. But, he added, it's not the most important thing in an edge computing platform.

"I think we were dead wrong in the value proposition of the platform," Prince said. "We thought that speed was the most important thing. Speed is actually the least important thing. A lot of the world is getting the value proposition of edge computing wrong."

What matters more? Cost, he said, then ease of use. And finally: compliance.

Compliance, he conceded, may not matter much for individual developers, but for large companies it's a big deal.

"It's going to turn out that regulatory compliance is the most important thing of all," he insisted.

Cloudflare CEO Matthew Prince

The boss ... Matthew Prince. Source: Cloudflare

The reason, Prince explained, is that governments around the world are imposing restrictions on technology companies, for example on where they can store their data.

"If you work at a big bank or insurance company or healthcare company or consumer products brand, if you're the CIO or general counsel, what you're terrified by is that increasingly countries are saying the data from their users has to remain local," said Prince. "If you're running all your instances from AWS East, that's a problem."

Edge computing – where processing happens at the edge of the network, close to the client, instead of in a distant data center that may be in another country – helps address that concern.

"What we're hearing from our largest customers is this is the real killer app of edge computing," said Prince. "It's that it will be able to deal with an increasingly complicated regulatory environment."

EU flags against cloudy backdrop

Franco-German cloud framework floated to protect European's data from foreign tech firms slurpage

READ MORE

Cloudflare debuted its initial serverless product, Cloudflare Workers, in 2017. It allows developers to run JavaScript or Rust code against the Service Worker API.

Service Workers are essentially proxy servers that mediate between web applications, the network, and the browser. They're used in Progressive Web Apps (PWAs), for example, to intercept requests to the application server when the PWA is running in the user's browser without a network connection.

Cloudflare Service Workers run on the network edge rather than in the browser. They're used by developers to handle HTTP requests in serverless applications, which are designed to start up, respond to requests, then shut down until called upon again.

A related product, a key-value store called Workers KV, was introduced in 2018.

On Monday, the firm plans to announce Cloudflare Workers Unbound as a private beta, meaning developers have to sign up to be considered for admission.

Workers Unbound improves on Cloudflare Service Workers, now renamed Workers Bundled, by vastly expanding the execution time limit from 10ms (Free tier) and 50ms (on the evidently misnamed Unlimited tier) to 15 minutes.

What's more, Cloudflare is rolling out serverless improvements for both Workers Unbound and Workers Bundled such as instant cold starts: one of the major challenges of serverless platforms is that it generally takes several hundred milliseconds to load application code into memory and get it running.

Unless someone invents a time machine, we don't think anyone will have a faster start time

"We did something pretty clever," said Prince. "The first thing that has to happen when you connect is the TLS handshake. The very first request as part of the handshake, we use that as a hint there's going to be a request. During the time that handshake happens, we pre-warm the Worker so it loads instantly. Unless someone invents a time machine, we don't think anyone will have a faster start time."

Both services promise unthrottled CPUs – other serverless platforms dial down their CPUs – and rapid updates that go live in 15 seconds rather than minutes. And both are getting expanded programming language support. Instead of just JavaScript, C/C++, and Rust, developers will be able to write Cloudflare Worker code in Python, Go, Scala, Kotlin, and COBOL. There's also a way for developers to add other preferred languages.

"If you want to add Lua, you can do that," said Prince.

Then there's the price, which is broken down by resource consumption (data transfer, execution time, and request price) with Workers Unbound and combined into a single figure with Workers Bundled.

Cloudflare claims Workers Unbound costs 75 per cent less than AWS Lambda, 52 per cent less than Google Cloud Functions, and 24 per cent less than Microsoft Azure Functions.

Ninety per cent of the savings, said Prince, come from building a sandboxing platform based on Isolates that is more efficient with underlying computing resources than VMs or containers. The other 10 per cent, he said, comes from lower operating costs, a consequence of a symbolic and mutually beneficial relationship with ISPs around the world that provide access to their data center infrastructure.

Cloudflare's serverless sandboxing relies on the V8 JavaScript engine, "one of the most battle-tested, bug-bountied codebases out there," said Prince, who also noted Cloudflare's platform had been reviewed by some of the researchers involved in uncovering the Spectre process flaws.

Cloudflare, he said, has done a series of mitigations to stay in front of Spectre-style timing attacks. "Because we control the timers, we can stop them to make sure code isn't being used to exfiltrate data," he explained.

Prince expects there will be naysayers, just as VM fans said containers can't be secure. "More and more, platforms will offer an Isolates approach," he said.

To participate in the Workers Unbound private beta, you can sign up on Cloudflare's website. ®


Biting the hand that feeds IT © 1998–2020