🎂 Birthday Week Spotlight: Speeding up Fonts, Live Streams, and more!
Presented by: Matthew Bullock, Taylor Smith
Originally aired on September 26, 2023 @ 1:30 AM - 2:00 AM EDT
Welcome to Cloudflare Birthday Week 2023!
2023 marks Cloudflare’s 13th birthday! Each day this week we will announce new products and host fascinating discussions with guests including product experts, customers, and industry peers.
Tune in all week for more news, announcements, and thought-provoking discussions!
Read the blog post:
- Cloudflare Fonts: enhancing website font privacy and speed
- Cloudflare Stream Low-Latency HLS support now in Open Beta
- Traffic transparency: unleashing the power of Cloudflare Trace
Visit the Birthday Week Hub for every announcement and CFTV episode — check back all week for more!
English
Birthday Week
Transcript (Beta)
Good morning. Welcome to Birthday Week Monday. My name is Taylor Smith, and with me is Matt Bullock.
I'm the product manager for Stream. Matt, why don't you tell us a little bit about yourself?
Yeah, so hi everyone. I'm Matt Bullock. I'm the product manager for the Speed team and also for the FL team that stands for Frontline at Cloudflare.
Let's see. So we've got three exciting announcements to share with you today.
Cloudflare Fonts, the Low Latency HLS Open Beta, and Cloudflare Trace.
Let's start off with Matt talking about Cloudflare Fonts. What's that?
So Cloudflare Fonts, which will be available starting next week, basically allows users that are using Cloudflare services for reverse proxying for them to automatically rewrite Google font domains.
Or if you're using Google fonts and it's coming through and it makes a request via the CSS and the HTML to load in a Google font, then what we will do is dynamically on the fly replace that to a URL that actually loads from your own host name.
So this means that when you look through the network trace, you don't see G -Static or Google fonts.
You actually see just your host name.
And then we've got a path, which is CFFonts. And then it will load the font into your website as if as if by magic.
So remove sort of, you know, making a request to Google allows you to cache, allows you to speed up and allows it to be a bit more private as well.
Oh, that's great. So who will that be available for?
So as with birthday week, this product really is for everybody. It's on all plans.
There is no different flavors between free or pro or biz or end. It's the same product for everybody.
And so, yeah, if you're using Google fonts on your website that, yeah, you will be able to use this and sort of get all of the perks across all of the plans.
Oh, that's great. So that's also going to be available for the free tier as well.
Yes, definitely. There's a lot of customers that are probably using WordPress.
Like that's when all of my test domains are WordPress sites and the themes and the plugins usually use Google fonts for beta.
Awesome.
Like Google fonts is a great open source tool for fonts. Yeah. So it's used widely throughout all of web development.
So, yeah, like free plans are obviously doing a lot of WordPress and sort of hosting things like that.
So, yeah, it's definitely available for free plans.
That's good. I do that, too. So is how does that how does that improve a site's speed?
So when you load up a website, usually, well, always you will load up the HTML that then within that contains a load of links to pull in different resources.
So, for instance, you could be pulling a JavaScript library, you could be pulling in a CSS.
And one of those, or usually if you're not relying on the browser, is to pull in a font file.
The font file is you because you are going to G-Static or Google in this case, it means that you have to your browser actually has to make another connection, establish another TLS connection and then start downloading through Google's and Google CDN.
So the way it enhances performance is because we're serving on the same host name as the HTML that you're loading from.
We've already got the DNS address. We've already got a TLS connection established.
We can actually just start loading that font straight away.
So you're removing that overhead. And so, yeah, and because it's using our CDN as well, which is I think is a post later in the week of how fast we are globally compared to all of our competitors, you can it is loaded from that.
So it also allows you to cash closer to the eyeballs and serve fonts directly to them.
Oh, that's great, because because typefaces sometimes can be render blocking.
So. Yeah, that'll be great. And then you made a comment a little bit earlier about privacy implications.
How does how does both our fonts affect the privacy of the site?
So I think like privacy is obviously very important. Being in London, Europe is always a focus on privacy and making things as private as possible.
So when you are creating your sort of page and sort of your third party services, and obviously you are listing Google and some people even know Google states like they do not collect any information, store it or use it.
But there is still a request to Google and some people can be a bit wary of that, may block it.
What Cloudflare Fonts does is obviously it loads from your own host name.
So it's coming from yours. It looks more transparent within the actual network tab.
It's loading from your resources. It's the same sort of Cloudflare stack as what all of your pages are used to.
And any time we have a miss and we have to go and load in the font library, it's basically coming from our infrastructure and it's completely oblivious.
So there is no this is the IP address of the original user eyeball.
This is not who's connecting any cookies or anything is stored. We are just making the request, putting that font file in.
We are storing it within our KV files, our workers KV and then serving it to your end users from your domain.
So it really sort of adds an almost like a reverse proxy on a reverse proxy going to Google to sort of like high to sort of high to make sure no data is being leaked across.
So customers, yeah, like obviously we are built on trust, on privacy and sort of all of our frameworks and our best practices are built into this.
And yeah, we don't log the data.
We don't use it for anything. It's just, yeah, another Cloudflare product built on our Cloudflare trust.
That's great. So how would a user get started with this?
So this will be available. Yeah, hopefully next week. And we'll roll this out.
Just need to find a release to go out within the speed tab within the optimizations.
You'll be able to go in and see Cloudflare fonts as a toggle button.
It'll be off by default. You'll have to go in and enable this. We won't enable it for anybody.
But yeah, you can go in and sort of easily enable it. And once that's done, you can load up your site and view the network tab and just see the fonts being loaded.
OK, so I wouldn't have to make like a code change to a site that I already have.
No, absolutely not. And that's part of the brilliant and ease of use of this is just that one click toggle.
You're not going to have to update the HTML or any CSS or anything to reference Cloudflare fonts.
You just have your normal Google.
Yeah, sort of. Basically, your normal setup for Google, and then you can sort of enable it and we will just rewrite that on the fly.
And a request will will drop to any Google font files and just start going through Cloudflare and through our network.
And that allows you to catch. That's great. Sounds like it'll be an easy, quick win for a lot of folks.
So it's good to hear. What's what's next on the roadmap for y 'all?
So there's a number of different things like we're looking at, you know, maybe more font providers.
Yes, Google is one of the main ones out there.
There's obviously a lot of open source font providers that do this.
And it's, yeah, maybe looking at those and see how we can do those on the fly to just create enhanced performance with that.
So that's probably our next step to this in sort of long journey.
There's a lot of different there's been a lot of interest in this already.
So there's a lot of feedback and excitement and requests already flowing in.
So, yeah, we will see. But I think it's probably more providers in the future.
That'd be great. So, yeah. So over to flipping the roles now.
So, Taylor. Yeah. Can you tell us what's been announced today from from your side?
Sure. So Cloudflare Stream is our video platform.
And today we're taking the next step with our support for low latency HTTP live streaming.
So low latency HLS is an extension of HLS that allows us to get video encoded and delivered to viewers even faster and can reduce that glass to glass latency, which is like the time between when a broadcaster does something and when a viewer actually sees it to as little as three seconds in ideal conditions.
So back in Speed Week in June when I was very new to this team, we brought the closed beta to some prospects and a few customers and a lot of internal testing.
We've been working really hard all summer on on expanding support for that today for birthday week as of about six o'clock this morning.
That is now open to all stream customers.
That's amazing. That's really good. And so you said three seconds, which, you know, I'm an avid Twitch watcher and sort of watch people streaming.
And obviously, you know, latency is everything. But why is it important?
Why is latency so important in the streaming context? So, you know, we talk about like glass to glass latency when something happens on the broadcast side to one of you actually sees it, not when it bites delivered into a buffer.
And that can have a lot of different steps to it to get video processed and into, you know, onto somebody's screen that fast.
But it becomes really clear that, like, you've got a latency lag.
If you've got any kind of, you know, two way or out of band, something happening with with a user.
So if you've got like chats or Q&A in an e-learning context, or you've got, you know, live attendees at an event or there's, you know, sports or gaming, like anything that's time sensitive, that latency becomes really exaggerated.
And it can be really disconcerting to someone's experience.
So, like, an example case, you know, if a teacher is leading a class, and they ask students to answer in chat, they might ask the question, you know, in the old world that could take, you know, a while to get to students, then they would answer.
Teacher would read it. And then like that delay repeats itself again. So really quickly, like one unit of latency can get doubled.
If something's like back and forth interaction, or, you know, my dad's always, he watches football on TV, but he likes to listen to it on the radio and radio broadcast gets in a lot faster than like all of the machinations of cable TV.
And, and so it makes this really disjointed experience and it really draws attention to how long it took the video to get there.
Okay, that's, that's really interesting. Yeah, and I've never thought about that having it on the, watching a broadcast on radio and then TV and it's almost like, you know, gold could be shouted on the radio and then five seconds later it goes in, it's all but yeah.
It can be a lot higher than that. Although I don't know how common that is maybe he's just a weirdo.
No, it's, it's definitely things especially in British TV where you can select the commentary and it's usually with BBC can be radio five live or just the normal commentators and similar to my dad if a commentator annoys them, then they will switch the commentary, or just switch it off directly.
So, that's it, it's always the commentators in life. Yes, definitely.
So who's, who's this available for. This is available now for all of our stream customers.
So, anybody who's using stream for live. You can go into your live input configuration and toggle the beta for HTTP live streaming support sorry for low latency HLS support.
That way, you know, we're not going to immediately flip anybody into the beta that doesn't want to opt in and we're also not opting an entire account in at a time so you can provision a new live input it's free, you know, like you can have as many live inputs as you want.
And you can opt in or out once specifically so that you can control your, your testing of this new flow.
That's really cool.
So, if you want to be the next streamer, I'm guessing and like you want to use Cloudflare stream for that and sort of connect to OBS and you can do not sort of impact anything else.
That's really cool. So yeah like this is obviously an exciting release for Cloudflare stream.
What's, what's next. What are you working on.
So we've been working, you know, most of the year on building out support for low latency HLS will be, you know, continuing our work to scale and support that.
And, you know, as we get new folks in and see what they do and what combinations they they use.
We've got more browser support to add, and we've got more broadcast configurations to test.
One of the things that I have over the last few months gained a big appreciation of is how nuanced video configuration can be.
So as we get folks ready for, you know, different broadcast settings and hardware encoders.
You know all that stuff needs to be, you know, tested it with both flows.
And then also I think it's really important to talk about you know latency in video delivery is really important and low latency HLS is only one part of that.
We're also continuing our work on the web RTC beta, which allows for sub second latency and two way video communication.
Also, we allow for our TMP and SRT pull that allows you to restream from Cloudflare stream to other providers and services on endpoints that support our TMP and SRT as well.
Really cool so there's a lot on the roadmap.
Yeah, so keep keep the rest of really cool. And so yeah, how can people get started with this or even, you know, potentially learn about the future and what you're working on.
Absolutely. So there's a blog post that went up this morning that shows the, the steps in dash to go, you know, enable an input for that.
And I have written and received feedback for edits on a dev docs update so I'll have documentation updated in the next couple of hours to clarify all those points.
And as we make more progress in our development of this open beta, we'll be making regular updates to the dev docs.
And, and then back to you.
Let's see. Next up is Cloudflare trace. Tell me a little bit about that.
So Cloudflare traces, I'm really excited for this product. Cloudflare trace allows you to put in or mimic a URL request by Cloudflare, and it will show you via the UI.
So you can use this for API and get the JSON done, but it will tell you what rules and rule sets are actually matching for a request.
So we, yeah, so like this was actually built from the idea of, we have an internal tool called flutes that shows all of the requests coming through and sort of like what's matching.
And sometimes support teams shared that with customers and or it's in the community and people are this is really cool.
This is really useful. And we've never been really great at showing sort of the way, giving customers a way to debug themselves or to understand how Cloudflare is manipulating requests or how requests sort of go like change going through our edge.
So this is our first step, like, and it's a big step.
And it's a lot of exciting feedback, not just for customers, but customer support on sort of making this available to our customers.
That's great.
Yeah, that you can do a lot in the rules engine and you can. I have made a mess in there before.
So, illustration of that is great. So can you talk about like some example use cases like what somebody might.
Yeah, and yeah, definitely.
So I actually saw there is a, as with everything birthday week, there is a blog post already open.
Obviously, with the blog post, I wanted to show some real world examples of how Cloudflare traces helps.
This has been in the API for it's a good nine months.
It's just never had the UI wrap around it. That sort of really brings it makes ease of use for all of our customers.
And there's been a couple of things.
And it's like internally, we have a customer escalation process.
So if something goes to our support team and they see an issue, they will raise a customer escalation or go to one of the teams to investigate.
That will then sort of fold out into the engineering team if there is an issue.
One of the issues was for their customers trying to use transform rules, which is another product I own to rewrite URL to origin.
So the customer deployed a rule. However, the sysadmin on the origin was looking at the logs and for a very small random percent, he saw like the path not being transformed and it was going to the old origin.
So by the API and sort of using this, he was able to get the URLs from his Cloudflare logs to see what was matching, what wasn't, put them into the trace.
And the way the rule sets and this is sort of the confusing thing and why we built this.
It's like every rule that the filter matches actually can change, like has can enforce an action.
So in one of the traces, two rules were matching with the regex one specifically matching on one, which was the correct behavior on the other URL.
The regex was not matching, so it was only showing one rule out of the two.
So he was able to then look at the rule and basically understand that the regex is wrong.
Updated the regex, put the URLs in again, re-ran the trace. Both of the rules were now working and there was nothing going through to the origin.
So that is that is one example.
And the other one is just really understanding like how things are flowing through.
So if I put this in and the bot score, which is a product available to our enterprise customers, but you can mimic a bot score to show how your firewall rules can trigger.
So if you have a lot of WAF custom rules and you put in a request, you can also spoof the country that it's coming from.
You can actually see like, is the rule matching? Is the rule actually being blocked as expected?
Or is it going through and there's something misconfigured in the rules that you have to go and change?
So it's really giving them the transparency of a request and sort of what's matching.
But yeah, like firewall rules is definitely one.
And all of the new rules products, as you said, like everything is built, not everything.
A lot of things are built on rule sets now and our rule sets engine.
So giving customers the ability to see that and how it's changing and what is interacting is like a really, yeah, a cool product and a cool feature.
Not our customers want, but also our support customers, the support team wanted.
So that, you know, they didn't have to answer as many support questions because customers could find the information themselves.
Yeah, absolutely. Yeah.
The last team I was on was marketing engineering. And when we do a ton of work in the rules engine and, you know, user facing diagnostic display of all that would have been super helpful.
So this is really great. And who's who's this available for?
Everybody. Free, pro, business, again, part of the birthday briefing.
But. If you are a business customer or an enterprise customer, then you probably do have access to support at some level, be it chat or you can put a ticket in.
The free and pro customers are able to use all the rule sets products, but they only have community.
So we wanted to make this available to all because we wanted everyone could be able to sort of understand what's happening, what's going wrong.
And you can also export out the JSON, if you wish, of all the rules. And you can use that to show within a community chat or to the support team from that.
So, yeah, everyone struggles with the rule sets. It's not just customers. Sometimes it's internally from our SEs, it's product going, what's happening here?
Why is this not working or how do I do X?
So, like, yeah, everyone benefits from this and everyone will get this within their within their dashboard.
That's great.
And, you know, where is it in the dash or, you know, how does it get started?
So the beta is so it's enabled for 25 percent. We're going to enable it 25 percent every day on Thursday being the last day.
So everyone will see it. It's at the account level.
So within the beta, you do need either admin permissions or super admin permissions.
Currently, the reason for it is we needed to make sure that you are allowed to see all the rule sets that evaluating because some people could only have cash.
And it's like, OK, you need to be able to see the whole traces to understand that.
So it will be an account level. And because we have account level rules and zone level rules, that's why it's there as well.
So it's just in the dashboard.
You go into your account and you see trace. Click it. Real simple UI gives you information and URL.
Click next. And then you see sort of the outputs of what's happening.
So, yeah, that's awesome. OK, so two things are really important in there that might be like Cloudflare jargon account level dashboard.
So like zone overview page or like where you see your list of websites is where you'll find it.
And what was the permission set again? Admin or super admin.
So majority of people on our free and pro like will be that sort of you probably not use yet sort of segmenting down.
But like for enterprise customers, that would probably make more sense.
Yes, it is jargon. It's like the root of sort of permissions from like a Cloudflare set.
So, yeah, that's sort of we need those sort of eliminated permissions to be able to run a trace successfully.
Awesome. And then any thoughts on on the future?
Where's this? Where's this headed? So we're thinking about.
Running traces like it would be cool if you could run them on and sort of a cron job sorts of frequency.
Or if you're using CI CD pipelines that people are pushing by Terraform, a change to the rules.
And you always expect an outcome of something happening.
So if you push something and it changes fundamentally how your Cloudflare configuration looks and the outputs for a specific URL, then thinking about alerting off that so it opens up a path.
And this is sort of where I'm really excited.
And this is going to be something like, you know, 2024 vision is customers being able to sort of write their own test cases that use Cloudflare trace for them to do.
So you expect like for this URL, I will always expect this rule or this response and this to happen.
And if it doesn't work, then send an alert or so like it's similar to all of our things.
So because obviously everybody builds things within Cloudflare.
If someone comes in and adds a rule and doesn't understand that it requires something else from here, like things can break.
So building that testing network and yeah, that's sort of where I want to go with this and the big vision.
That's awesome. Yeah, I look forward to taking that for a drive myself.
Well, cool. Thank you so much. And thank you, everybody, for tuning in and watching for this what launched on Monday, a birthday week.
We'll have announcements every day this week all the way through, I believe, Saturday or Sunday.
You can check out Cloudflare.com slash birthday dash week for the daily announcements.
Everything's going up on the blog and lots of mentions of all these things on social media as well.
Matt, thank you so much for joining. And thanks, everybody.
And have a great day. Thanks, everybody. Thanks, Taylor. Bye.