🎂 Birthday Week Spotlight: Speeding up Fonts, Live Streams, and more!
Welcome to Cloudflare Birthday Week 2023!
2023 marks Cloudflare’s 13th birthday! Each day this week we will announce new products and host fascinating discussions with guests including product experts, customers, and industry peers.
Tune in all week for more news, announcements, and thought-provoking discussions!
Read the blog post:
- Cloudflare Fonts: enhancing website font privacy and speed
- Cloudflare Stream Low-Latency HLS support now in Open Beta
- Traffic transparency: unleashing the power of Cloudflare Trace
Visit the Birthday Week Hub for every announcement and CFTV episode — check back all week for more!
Good morning. Welcome to Birthday Week Monday. My name is Taylor Smith, and with me is Matt Bullock.
I'm the product manager for Stream. Matt, why don't you tell us a little bit about yourself?
Yeah, so hi everyone. I'm Matt Bullock. I'm the product manager for the Speed team and also for the FL team that stands for Frontline at Cloudflare.
Let's see. So we've got three exciting announcements to share with you today.
Cloudflare Fonts, the Low Latency HLS Open Beta, and Cloudflare Trace.
Let's start off with Matt talking about Cloudflare Fonts. What's that?
So Cloudflare Fonts, which will be available starting next week, basically allows users that are using Cloudflare services for reverse proxying for them to automatically rewrite Google font domains.
Or if you're using Google fonts and it's coming through and it makes a request via the CSS and the HTML to load in a Google font, then what we will do is dynamically on the fly replace that to a URL that actually loads from your own host name.
So this means that when you look through the network trace, you don't see G -Static or Google fonts.
You actually see just your host name.
And then we've got a path, which is CFFonts. And then it will load the font into your website as if as if by magic.
So remove sort of, you know, making a request to Google allows you to cache, allows you to speed up and allows it to be a bit more private as well.
Oh, that's great. So who will that be available for?
So as with birthday week, this product really is for everybody. It's on all plans.
There is no different flavors between free or pro or biz or end. It's the same product for everybody.
And so, yeah, if you're using Google fonts on your website that, yeah, you will be able to use this and sort of get all of the perks across all of the plans.
Oh, that's great. So that's also going to be available for the free tier as well.
Yes, definitely. There's a lot of customers that are probably using WordPress.
Like that's when all of my test domains are WordPress sites and the themes and the plugins usually use Google fonts for beta.
Like Google fonts is a great open source tool for fonts. Yeah. So it's used widely throughout all of web development.
So, yeah, like free plans are obviously doing a lot of WordPress and sort of hosting things like that.
So, yeah, it's definitely available for free plans.
That's good. I do that, too. So is how does that how does that improve a site's speed?
So when you load up a website, usually, well, always you will load up the HTML that then within that contains a load of links to pull in different resources.
And one of those, or usually if you're not relying on the browser, is to pull in a font file.
The font file is you because you are going to G-Static or Google in this case, it means that you have to your browser actually has to make another connection, establish another TLS connection and then start downloading through Google's and Google CDN.
So the way it enhances performance is because we're serving on the same host name as the HTML that you're loading from.
We've already got the DNS address. We've already got a TLS connection established.
We can actually just start loading that font straight away.
So you're removing that overhead. And so, yeah, and because it's using our CDN as well, which is I think is a post later in the week of how fast we are globally compared to all of our competitors, you can it is loaded from that.
So it also allows you to cash closer to the eyeballs and serve fonts directly to them.
Oh, that's great, because because typefaces sometimes can be render blocking.
So. Yeah, that'll be great. And then you made a comment a little bit earlier about privacy implications.
How does how does both our fonts affect the privacy of the site?
So I think like privacy is obviously very important. Being in London, Europe is always a focus on privacy and making things as private as as possible.
So when you are creating your sort of page and sort of your third party services and obviously you are listing Google and some people even know Google States, like they do not collect any information, store it or use it.
But there is still a request to Google and some people can be a bit wary of that, may block it.
What Cloudflare Fonts does is obviously it loads from your own host name.
So it's coming from yours. It looks more transparent within the actual network tab.
It's loading from your resources. It's the same sort of Cloudflare stack as what all of your pages are used to.
And any time we have a miss and we have to go and load in the font library, it's basically coming from our infrastructure and it's completely oblivious.
So there is no this is the IP address of the original user eyeball.
This is not who's connecting any cookies or anything is stored. We are just making the request, putting that font file in.
We are storing it within our KV files, our workers KV and then serving it to your end users from your domain.
So it really sort of adds an almost like a reverse proxy on a reverse proxy going to Google to sort of like high to sort of high to make sure no data is being leaked across.
So customers, yeah, like obviously we are built on trust, on privacy and sort of all of our frameworks and our best practices are built into this.
And, yeah, we don't log the data.
We don't use it for anything. It's just, yeah, another Cloudflare product built on our Cloudflare trust.
That's great. So how would a user get started with this?
So this will be available. Yeah, hopefully next week and we'll roll this out.
Just need the final release to go out within the speed tab within the optimizations.
You'll be able to go in and see Cloudflare fonts as a toggle button.
It'll be off by default. You'll have to go in and enable this. We won't enable it for anybody.
But, yeah, you can go in and sort of easily enable it.
And once that's done, you can load up your site and view the network tab and just see the fonts being loaded, loaded direct.
OK, so I wouldn't have to make like a code change to a site that I already have.
No, absolutely not. And that's part of the brilliant and ease of use of this is just, yeah, that one click toggle.
You're not going to have to update the HTML or any CSS or anything to reference Cloudflare fonts.
You just have your normal Google. Yeah, sort of. Basically, your normal setup for Google.
And then you can sort of enable it and we will just rewrite that on the fly.
And a request will will drop to any Google font files and just start going through Cloudflare and through our network.
And that allows you to cache.
That's great. Sounds like it'll be an easy, quick win for a lot of folks.
So it's good to hear. What's what's next on the roadmap for y 'all?
So there's a number of different things like we're looking at, you know, maybe more font providers.
Yes, Google is one of the main ones out there. There's obviously a lot of open source font providers that do this.
And it's, yeah, maybe looking at those and see how we can do those on the fly to just create enhanced performance with that.
So that's probably our next step to this in sort of long journey.
There's a lot of different there's been a lot of interest in this already.
So there's a lot of feedback and excitement and requests already flowing in.
So, yeah, we will see. But I think it's probably more providers in the future.
That'd be great. So, yeah. So over to flipping the roles now. So, Taylor, yeah.
Can you tell us what's been announced today from from your side? Sure. So Cloudflare Stream is our video platform.
And today we're taking the next step with our support for low latency HTTP live streaming.
So low latency HLS is an extension of HLS that allows us to get video encoded and delivered to viewers even faster and can reduce that glass to glass latency, which is like the time between when a broadcaster does something and when a viewer actually sees it to as little as three seconds in ideal conditions.
So back in Speed Week in June, when I was very new to this team, we brought the closed beta to some prospects and a few customers and a lot of internal testing.
We've been working really hard all summer on on expanding support for that today for birthday week as of about six o'clock this morning.
That is now open to all stream customers. That's amazing. That's really good.
And so you said three seconds, which, you know, I'm an avid Twitch watcher and sort of watch people streaming.
And obviously, like, you know, latency is everything.
Like, but why is it important? Why is latency so important in the streaming context?
So, you know, we talk about like glass to glass latency when something happens on the broadcast side to one of you actually sees it, not when a bite's delivered into a buffer.
And that can have a lot of different steps to it to get video processed and into, you know, onto somebody's screen that fast.
But it becomes really clear that like you've got a latency lag.
If you've got any kind of, you know, two way or out of band something happening with with a user.
So if you've got like chats or Q&A in an e -learning context or you've got, you know, live attendees at an event or there's, you know, sports or gaming, like anything that's time sensitive, that latency becomes really exaggerated and it can be really disconcerting to someone's experience.
So, like an example case, you know, if a teacher's leading a class and they ask students to answer in chat, they might ask the question, you know, in the old world that could take, you know, a while to get to students, then they would answer, teacher would read it, and then like that delay repeats itself again.
So really quickly, like one unit of latency can get doubled if something's like back and forth interaction.
Or, you know, my dad's always, he watches football on TV, but he likes to listen to it on the radio.
And radio broadcast gets in a lot faster than like all of the machinations of cable TV.
And so it makes this really disjointed experience and it really draws attention to how long it took the video to get there.
Okay, that's really interesting. Yeah, and I've never thought about that, having it on the, watching a broadcast on radio and then TV and it's almost like, you know, gold could be shouted on the radio and then five seconds later it goes in.
It's almost, yeah. It can be a lot higher than that.
Although I don't know how common that is, maybe he's just a weirdo.
No, it's definitely things, especially in British TV where you can select the commentary and it's usually with BBC, it can be Radio 5 Live or just the normal commentators.
And similar to my dad, if a commentator annoys them, then they will switch the commentary or just switch it off directly.
That's it, it's always the commentators in life.
Yes, definitely. So who's this available for? This is available now for all of our stream customers.
So, anybody who's using stream for live.
You can go into your live input configuration and toggle the beta for HTTP live streaming support sorry for low latency HLS support.
That way, you know, we're not going to immediately flip anybody into the beta that doesn't want to opt in and we're also not opting an entire account in at a time so you can provision a new live input it's free, you know, like you can have as many live inputs as you want.
And you can opt in or out once specifically so that you can control your testing of this new flow.
That's really cool. So, if you want to be the next streamer, I'm guessing and like you want to use Cloudflare stream for that and sort of connect to OBS and you can do, and not sort of impact anything else.
That's really cool.
So yeah, like this is obviously an exciting release for Cloudflare stream.
What's, what's next, what are you working on? So we've been working, you know, most of the year on building out support for low latency HLS will be, you know, continuing our work to scale and support that.
And, you know, as we get new folks in and see what they do and what combinations they they use.
We've got more browser support to add, and we've got more broadcast configurations to test.
One of the things that I have over the last few months gained a big appreciation of is how nuanced video configuration can be.
So as we get folks ready for, you know, different broadcast settings and hardware encoders.
You know all that stuff needs to be, you know, tested it with both flows.
And then also I think it's really important to talk about you know latency in video delivery is really important and low latency HLS is only one part of that.
We're also continuing our work on the web RTC beta, which allows for sub second latency and two way video communication.
Also, we allow for our TMP and SRT pull that allows you to restream from Cloudflare stream to other providers and services on endpoints that support our TMP and SRT as well.
Really cool. So there's a lot on the roadmap. Yeah, sort of keep keep abreast of really cool and sort of yeah how can people get started with this or even, you know, potentially learn about the future and what you're working on.
So there's a blog post that went up this morning that shows the steps in dash to go, you know, enable an input for that.
And I have written and received feedback for edits on a dev docs update so I'll have documentation updated in the next couple of hours to clarify all those points.
And as we make more progress in our development of this open beta, we'll be making regular updates to the dev docs.
And, and back to you.
Let's see. Next up is Cloudflare trace. Tell me a little bit about that.
So Cloudflare traces. I'm really excited for this product Cloudflare trace allows you to put in or mimic a URL request by Cloudflare and it will show you via the UI.
So you can use this for API and get the JSON done, but it will tell you what rules and rule sets are actually matching for a request.
So we yeah so like this was actually built from the idea of, we have an internal tool called flutes that shows all of the requests coming through and sort of like what's matching and sometimes support team shared that with customers and or it's in the community and people are this is really cool.
This is really useful. And we've never been really great at showing sort of the way giving customers a way to debug themselves or to understand how Cloudflare is manipulating requests or how requests, sort of go like change going through our edge.
So this is our first step like and it's a big step.
There's a lot of exciting feedback, not just for customers but customer support on sort of making this available to our to our customers.
Yeah, that you can do a lot in the rules engine and you can. I have made a mess in there before.
So, illustration of that is great. So can you talk about like some example use cases like what somebody might.
Yeah, and yeah, definitely.
So I actually saw there is a, as with everything birthday week there is a blog post already open and I obviously with the blog post I wanted to show some real world examples of how Cloudflare traces helps.
This has been in the API for it's a good nine months.
It's just never had the UI wrap around it that sort of really brings it makes ease of use for all of our customers.
And there's been a couple of things and it's like internally we have a customer escalation process.
So if something goes to our support team, and they see an issue they will raise a customer escalation or go to one of the teams to investigate that will then sort of fold out into the engineering team if there is an issue.
One of the issues was for their customers trying to use transform rules, which is another product, I own to rewrite URL to origin.
So the customer deployed a rule. However, the sysadmin on the origin was looking at the logs, and for a very small random percent, he saw like the path not being transformed, and it was going to the old origin.
So, by the API and sort of using this, he was able to get the URLs from his Cloudflare logs to see what was matching what wasn't put them into the trace.
And the way the rule sets and this is sort of the confusing thing and why we built this it's like every rule that the filter matches actually can change like has can enforce an action.
So in one of the traces two rules were matching with the regex one specifically matching on one which was the correct behavior on the other URL, the regex was not matching so it was only showing one rule out of the two.
So he was able to then look at the rule and basically understand that the regex is wrong.
Updated the regex, put the URLs in again, rerun the trace. Both of the rules were now working and there was nothing going through to the origin.
So that is that is one example and the other one is just really understanding like how things are flowing through.
So if I put this in and the bot score, which is a product available to our enterprise customers, but you can mimic a bot score to show how your firewall rules can trigger.
So if you have a lot of WAF custom rules and you put in a request, you can also spoof the country that it's coming from.
You can actually see like is the rule matching, is the rule actually being blocked as expected or is it going through and there's something misconfigured in the rules that you have to go and change.
So it's really giving them the transparency of a request and sort of what's matching.
But yeah, like firewall rules is definitely one and all of the new rules products, as you said, like everything is built, not everything.
A lot of things are built on rule sets now and our rule sets engine.
So giving customers the ability to see that and how it's changing and what is interacting is like a really, yeah, a cool product and a cool feature.
But also our support customers, the support team wanted so that, you know, they didn't have to answer as many support questions because customers could find the information themselves.
Yeah, absolutely. Yeah, the last team I was on was marketing engineering.
And when we do a ton of work in the rules engine and, you know, user facing diagnostic display of all that would have been super helpful.
So this is really great.
And who's this available for? Everybody. Free, pro, business, again, part of the birthday briefing.
But if you are a business customer or an enterprise customer, then you probably do have access to support at some level, be it chat or you can put a ticket in.
The free and pro customers are able to use all the rule sets products, but they only have community.
So we wanted to make this available to all because we wanted everyone could be able to sort of understand what's happening, what's going wrong.
And you can also export out the JSON, if you wish, of all the rules.
And you can use that to show within a community chat or to the support team from that.
So, yeah, everyone struggles with the rule sets.
It's not just customers. Sometimes it's internally from our SEs, it's product going, what's happening here?
Why is this not working? Or how do I do X? So, yeah, everyone benefits from this and everyone will get this within their dashboard.
That's great. And, you know, where is it in the dash or, you know, how will folks get started?
So the beta is so it's enabled for 25 percent. We're going to enable it 25 percent every day, Thursday being the last day.
So everyone will see it.
It's at the account level. So within the beta, you do need either admin permissions or super admin permissions.
Currently, the reason for it is we needed to make sure that you are allowed to see all the rule sets that evaluating because some people could only have cash.
And it's like, OK, you need to be able to see the whole traces to understand that.
So it will be an account level. And because we have account level rules and zone level rules, that's why it's there as well.
So it's just in the dashboard.
You go into your account and you see trace. Click it. Real simple UI.
It gives you information and URL. Click next. And then you see sort of the outputs of what's happening.
So, yeah, that's awesome. OK, so two things are really important in there that might be like Cloudflare jargon.
Account level dashboard.
So like zone overview page or like where you see your list of websites is where you'll find it.
And what was the permission set again? Admin or super admin.
So majority of people on our free and pro like will be that sort of you probably not use yet sort of segmenting down.
But like for enterprise customers, that would probably make more sense.
Yes, it is jargon. It's like the root of sort of permissions from like a Cloudflare set.
So, yeah, that's what we need. Those sort of eliminated permissions to be able to run a trace successfully.
Awesome. And then any thoughts on on the future?
Where's this? Where's this headed? So we're thinking about.
Running traces like it would be cool if you could run them on and sort of a cron job sorts of frequency.
Or if you're using CI CD pipelines that people are pushing by Terraform, a change to the rules.
And you always expect an outcome of something happening.
So if you push something and it changes fundamentally how your configuration looks in the output for a specific URL, then thinking about alerting off that.
So it opens up a path. And this is sort of where I'm really excited.
And this is going to be something like, you know, 2024 vision is customers being able to sort of write their own test cases that use Cloudflare trace for them to do expect like for this URL.
I will always expect this rule or this response and this to happen.
And if it doesn't work, then send an alert or so like it's similar to all of our things.
So because obviously everybody builds things within Cloudflare.
If someone comes in and adds a rule and doesn't understand that it requires something else from here, like things can break.
So building that testing network.
And yeah, that's sort of where I want to go with this and the big vision. That's awesome.
Yeah, I look I look forward to taking that for a drive myself. Well, cool.
Thank you so much. And thank you, everybody, for tuning in and watching for this.
This what launched on Monday, a birthday week. We'll have announcements every day this week, all the way through, I believe, Saturday or Sunday.
You can check out Cloudflare.com slash birthday dash week for the daily announcements.
Everything's going up on the blog and lots of mentions of all these things on social media as well.
Matt, thank you so much for joining. And thanks, everybody. And have a great day.
Thanks, everybody. Thanks, Taylor. Welcome to birthday week.
Birthday week. Cloudflare's birthday. Happy anniversary. Happy birthday.
Cloudflare's birthday. Birthday celebration. Birthday week. Cloudflare birthday week.
Birthday week. Happy birthday. Looking forward to all the announcements to come.
We're betting on the technology for the future, not the technology for the past.
So having a broad network, having global companies now running at full enterprise scale gives us great comfort.
It's dead clear that no one is innovating in this space as fast as Cloudflare is.
With the help of Cloudflare, we were able to add an extra layer of network security controlled by Allianz, including WAF, DDoS.
Cloudflare uses CDN and so allows us to keep costs under control and caching and improves speed.
Cloudflare's been an amazing partner in the privacy front. They've been willing to be extremely transparent about the data that they are collecting and why they're using it.
And they've also been willing to throw those logs away.
I think one of our favorite features of Cloudflare has been the worker technology.
Our origins can go down and things will continue to operate perfectly. I think having that kind of a safety net provided by Cloudflare goes a long ways.
We were able to leverage Cloudflare to save about $250,000 within about a day.
The cost savings across the board is measurable, it's dramatic, and it's something that actually dwarfs the yearly cost of our service with Cloudflare.
It's really amazing to partner with a vendor who's not just providing a great enterprise service but also helping to move forward the security on the Internet.
One of the things we didn't expect to happen is that the majority of traffic coming into our infrastructure would get faster response times, which is incredible.
Zendesk just got 50% faster for all of these customers around the world because we migrated to Cloudflare.
We chose Cloudflare over other existing technology vendors so we could provide a single standard for our global footprint, ensuring world-class capabilities in bot management and web application firewall to protect our large public-facing digital presence.
We ended up building our own fleet of HAProxy servers such that we could easily lose one and then it wouldn't have a massive effect.
But it was very hard to manage because we kept adding more and more machines as we grew.
With Cloudflare we were able to just scrap all of that because Cloudflare now sits in front and does all the work for us.
Cloudflare helped us to improve the customer satisfaction.
It removed the friction with our customer engagement.
It's very low maintenance and very cost effective and very easy to deploy and it improves the customer experiences big time.
Cloudflare is amazing. Cloudflare is such a relief. Cloudflare is very easy to use.
It's fast. Cloudflare really plays the first level of defense for us. Cloudflare has given us peace of mind.
They've got our backs. Cloudflare has been fantastic.
I would definitely recommend Cloudflare. Cloudflare is providing an incredible service to the world right now.
Cloudflare has helped save lives through Project Fairshot.
We will forever be grateful for your participation in getting the vaccine to those who need it most in an elegant, efficient and ethical manner.
My name is Vania and I'm a Research Program Manager here at Cloudflare.
I joined Cloudflare in June 2021.
I lead the processes of the team and how to deliver research internally and externally with academia.
I founded Geek Girls Portugal in 2010.
It's been running for 13 years. It's a community for women in tech in Portugal. The main goal, the main mission is to drive more women into tech roles and finding them a safe space for sharing their concerns, sharing their challenges and finding them the right track for their career in tech.
One of the things I really enjoy working at Cloudflare is collaborating with so many different people from different genders, from different ethnicities, from different countries and all those cultural things coming into our work relationships as well.
And that has been really a super interesting experience in driving more interesting work because I really believe that diversity at work really empowers the way we create, the way we think and the way we deliver new work.
My name is Vania and this is my life at Cloudflare.
Happy birthday. Looking forward to all the announcements to come. Thank you.