Cloudflare TV

⚡️ What Launched Today - Wednesday, June 21

Presented by Sam Marsh, David Tuber, Matthew Bullock, Charlie Burnett, Alex Krivit
Originally aired on 

Welcome to Cloudflare Speed Week 2023!

Speed Week 2023 is a week-long series of new product announcements and events, from June 19 to 23, that are dedicated to demonstrating the performance and speed related impact of our products and how they enhance customer experience.

Tune in all week for more news, announcements, and thought-provoking discussions!

Read the blog post:

Visit the Speed Week Hub for every announcement and CFTV episode — check back all week for more!

Speed Week

Transcript (Beta)

Hello, everybody. Good morning. Good afternoon. Good evening. Welcome back to Cloudflare TV Speed Week Takeover.

Today's day three. We're at the Midway Point. Today we launched or announced six blogs covering everything from snippets, purge architecture, how workers KVs faster than ever, turpentine and helping you get off fastly in Akamai faster than ever, Zero Trust performance, and also a really great case study from one of our customers Kinsta on how they used workers and workers KV to dramatically increase their cash hits, their cash ratios.

I'm pleased to say I am joined on the show today by four of those authors to talk about their posts.

So let's start with David Tuber. Tubes, welcome. Can you start off by introducing yourself to the audience for those who don't know you, what your role is at Cloudflare and what it is your post was announcing today?

Yeah. Hi, everybody. My name's Tubes.

I run the network availability and performance outfits at Cloudflare.

And my job is to make Cloudflare, you know, fast and available and, you know, it well interconnected everywhere.

And, you know, today, we announced, we published our findings about how we compare, you know, Cloudflare against Zscaler, Netscope and Palo Alto and a whole bunch of different Zero Trust scenarios.

And now what we're trying to show is how we're faster than them in as many of the scenarios as we can.

And we announced a fresh set of numbers that show that.

So we're super excited to have those numbers out. Super excited to talk about them.

Yeah. So yeah, let's talk about them. So at a high level, what are we testing?

Essentially, what are we comparing? Yeah. So when we look at zero trust, Zero Trust is not a monolith.

There's a whole bunch of different scenarios.

We're testing three distinct scenarios. We're testing secure gateway, which basically tests our ability to reach the Internet from a web, from a device client through the gateway, which is either Cloudflare, Netscope, Zscaler or Palo Alto.

We're testing Zero Trust network access. So how fast can we reach an endpoint that is protected by the Zero Trust network?

So basically what we did for that test was we stood up a whole bunch of catch point nodes, 400 around the world.

And we had those catch point nodes try and log in to the application. And then once it got the application credentials, it would reauthenticate and then try and hit the endpoint again.

We did that for 14 endpoints hosted in a whole bunch of different clouds around the world.

We measured the performance to see who was faster.

Spoiler alert, it was Cloudflare pretty much everywhere. And then finally, we did a remote browser isolation, which allows us to log in to websites through our remote browsing support.

And that's actually not supported by all of our Zero Trust services, but the ones that were able to be supported, we tested.

And for the ones that we tested, we were faster in pretty much everywhere. Why do you think it is that we were?

I know we obviously show our test methodology in the post, but why do you think we were so much faster or faster in the majority?

Well, really, when you think about it, the answer is our network. And that's a really tired kind of response.

Like you say, it's our network all the time.

But in reality, that network is actually kind of our superpower and what powers performance across all of our applications and services.

So now if you think about it, imagine that you're in, and we actually talked about this in Impact Week a while ago, imagine that you're in a place that maybe doesn't have the greatest Internet connectivity.

Let's say that you're in like Nigeria or America.

America. When you do that, when you're there, you want to be able to connect to your services as close to you as possible.

And what that does is that shortens the last mile.

It shortens the time that you spend on your ISP. And that's not to say that every ISP is bad, but not all ISPs are created equal.

We've got a lot of blog posts that talk about that.

And the shorter you can make that path from you to the kind of front door of your content, which is Cloudflare or any Zero Trust provider, the better of your performance will be.

And also the thing that kind of helps us benefit, and I think that Matt and Krivett can talk about that a lot, is how we are able to process requests very quickly, because we've got this really powerful CDN.

Now it's up to like, how many requests today? Like billions, almost trillions of requests today, that all of our other competitors don't even have anything sort of like that.

So like the lessons that we've learned for optimizing performance on that end, carry over to our Zero Trust suite, which allows us to be faster.

And in terms of being fastest, right? And the kind of blog today does a really good job of covering the scenarios in which we're fastest, but also how much faster in kind of the coverage.

Why does it matter from a Zero Trust perspective?

Obviously we've kind of, we've talked a lot about it from like a traditional sense, like websites being faster, web pages loading faster, files downloading faster, but from the Zero Trust perspective, why does it, who cares?

Why does it matter that we're the best, we're the fastest? Yeah. We cover this actually in pretty good detail in this blog and actually a blog post that's coming out tomorrow as well.

Performance in Zero Trust is a threat vector. If you're using a SecureWebGateway client and you're having a bad experience, the first thing that you're going to want to do is you're going to turn it off.

And when you turn it off, the second that you do that, you lose all the protection that the client and the service offers you.

You know, a lot of customers are pushing really, really hard to be like, we want this on all the time.

It needs to be transparent so that employees don't know that it's there.

And when they don't know it's there, they don't turn it off.

So that's really how performance is kind of the threat vector.

And so the better your performance is, the less likely you're going to turn it off and you know, the more secure you'll be.

Yeah. And the better end user experience as well, the employee experience.

Yeah. Awesome. Cool. Thank you very much.

Let's move on, keeping it on this tough an hour. Next we've got Alex.

Welcome back. For those of you who've been studiously watching all week, Alex was with us on Monday talking about smart hints, and now he's back today talking about something completely different, which is a turpentine, which probably doesn't make a lot of sense to people who are in the know.

So Alex, could you introduce yourself again for people who didn't watch on Monday and just kind of give us a little bit about what is turpentine is and what are we announcing today?

Yeah. Thanks, Sam. I am Alex and I am the product manager for cash and some CDN things at Cloudflare.

And today I'm going to talk about turpentine, which is a product that was announced maybe a year and a half or so ago.

And sort of the promise of that product was like, how do you get off of other sort of CDN providers as quickly as possible?

When you sort of experience other vendors and other things, as a customer, you might be a little bit nervous about signing really long-term commitments, and you really want to make sure that there is this good sort of synergy between how you make these decisions regarding pricing, but you also want to make sure that those things really coalesce well with the features that you have available in the future trajectory of the vendors that you are committing to.

And so there's this sort of generalized problem that we're seeing today, especially within this macroeconomic environment where customers get locked into various vendors, which sort of is bad for them because as you might expect, like maybe other vendors have different features that they might want to move to or they might want to use.

And so they're sort of stuck in this situation where they might want to move and they can't for a while.

And that's sort of the promise of turpentine.

How do you quickly and easily without this, like a lot of issues or hullabaloo, like how do you right now move from like Fastly or Akamai or CloudFront, any of these other CDNs to Cloudflare without there being a lot of issues?

And so that's sort of the promise of turpentine.

And so today we announced that you have guides available for you to allow for you to sort of self-serve guide.

How do you translate sort of this complex coding environment in VCL or in XML or whatever into Cloudflare first-class products?

And then how do you do that across Akamai or other vendors while at the same time looking at, you know, like, hey, like maybe I'm a really big organization and maybe I don't have, you know, like the time or energy or personnel that I want to move.

And so you're moving with a new team that we just announced that is a professional services organization.

So if you want to work with them, you can, you can, you know, work with them to move your things over.

That was sort of a long windup for like that to be like, yes, you can work with a team to help you move over if you want as well.


And like you said, there's the guides, there's the professional services team, you know, what is it, you know, who's the primary audience for this kind of migration hub, which we're launching today?

Yeah, I would say that it sort of falls on both sides of sort of the continuum, right?

You have customers that are, you know, want to do it themselves.

They want to sort of figure out is Cloudflare the best place for their website or their web properties.

And so they don't really want to talk to anybody.

They just sort of want to explore, learn sort of what Cloudflare is and how they can use it within their environment.

And so we have published public facing guides for them.

So if they want to move pieces of their website over, they can do that.

They can look at their configs on VCL or whatever, and then look to see how those different products that they're calling in VCL map to Cloudflare products.

But on the other side of the continuum, we have really large organizations, customers that say like, hey, I'm committed to Cloudflare's product trajectory.

They're launching a lot of cool stuff that I want to use.

And eventually, you know, I think that we can grow together and become really good business partners.

And so I want to have somebody sort of help me through this process, a team of dedicated experts that can help me sort of figure out how I can do all of this without there being a lot of like testing and configuration and stuff like that.

Having that dedicated team that can help me make that transition in like a really time efficient way, I think is the other side of the spectrum there.

Yeah, yeah, I think that's a good point. I think the point is, whatever your size, we can either do it for you and have our consultants come in, understand it, and basically guide you and essentially do the migration for you.

Or if that's not an option, for kind of commercial reasons, or you just kind of want to do it yourself, you want to take the time to understand it, then the guides help to kind of understand, I think, the best way of doing it, right?

Understand what you've got right now and how that translates to what we have, you know, and so you know, okay, this product means I should be looking at this Cloudflare product, whatever it may be.

I mean, if we take a look back at Turpentine, right, this launched September 2021, as this idea of essentially a parser, right?

I mean, we kind of give this parser VCL output, and it essentially generates JavaScript that can be ran in Word, because the whole idea was customers give us VCL, we kind of churn it through, and then it goes into workers to run.

But obviously, we're kind of moving away slightly from that now as an idea.

Can you kind of talk through why that is, and kind of why we decided to pivot away?

Yeah, now, there's a variety of different customers, right?

And they all sort of fit within various buckets. And so the situation is that, like, not everybody can fall into the bucket where like, they can perfectly and easily have their code translated into different workers.

And so that sort of stratification of different customers, sort of, it was the impetus for us launching this migration hub, we want to be able to meet our customers where they want to be met.

And having that those different customers sort of across all the different user groups sort of means that you have to have different groups that are thought of and configured.

And so by putting, like, everybody in that bucket, where it's like one code, like one button migration, we found after, like, you know, a year or so of user research, it didn't always work for everybody.

And so we wanted to really create a generalized solution that no matter what there was a path forward, there's a path to getting on to Cloudflare and exploring all those options that were available.

And so that was sort of the impetus behind, like, creating these additional options such that, you know, you can always, you know, talk to a sales rep and get hooked up with a solutions engineer and help translate some of your config to Cloudflare.

But if you want to do it yourself, or if you want to just be completely hands off and have a white glove sort of experience, then that's completely fine.

And I think that should be allowed and, you know, not necessarily allowed, but should have all those different groups met with a different solution.

And that's sort of the reason.

Yeah. Options. And I think that's the word, options. Yes. That's the word I was searching for.

Yes. So cool. Last question. How can people learn more? How can they kind of get started?

Yeah. Within the blog post that we launched today, there's a link to the migration hub.

They should definitely click that, go to the hub, click around, see the guides.

If they want to talk to somebody within the professional services organization or an expert, there's a place to sign up and get triaged there as well.

So there's a lot of different places for you to go to sort of be met with all of that, wherever you want to be met, essentially.

Perfect. Lovely. Thanks very much for that.

Who's next? Charlie is next. I'm first time on Cloudflare TV this week.

So can you start off the usual? Can you introduce yourself? What your role is here at Cloudflare and what it is you're announcing today?

Absolutely, Sam.

So, hey, everybody, my name is Charlie Burnett. I am a product manager here at Cloudflare on the workers KV team and also the Hughes team and the pub sub team.

And today I'm here to talk to you about worker KV and some of the new things that we have going on in terms of its architecture and how it's powered.

So what is workers KV, right?

Workers KV is a key value store database. It's great for having simple structured information that's accessed in a fast path, like for routing to certain websites, routing to certain information.

If it's a simple enough data structure and you need it quickly, workers KV is the product you want.

And as a part of being something that's in the fast path, we're always trying to make workers KV faster, right?

So now I want to tell you guys about a new feature that we have in terms of our backend.

So originally the way that it worked was our cache was a single tier caching model, right?

So that means that we have our origin servers, where we keep all the data.

We have a single level of cache, and then we have our customers who are reading from that cache, right?

And this is great in terms of being able to access things quickly from a cache, but sometimes you have cache misses.

And sometimes the spread of how fast caches can be read from in the latter half, like 50th percentile to the 99th percentile plus, it gets a little slow, especially if you're hitting those cache misses.

So let's talk about what we've changed.

We've moved to a new tiered caching model. And in this tiered caching model, we're still going to have that same top level cache that's very quick for customers to access.

But if that happens to be a cache miss, then we're going to have a regional cache behind that, that'll still be pretty fast to get to.

And then behind that, there will be a cache in front of our origin servers, such that even if you miss that, there's still a chance that you're going to read cache from there.

So what this does is this dramatically reduces the amount of cold reads you get.

A cold read, for example, is something where you try to read from a cache, it's not there, so you've got to go all the way back to the database and get it and bring it back, right?

So in this case, now you're able to have more opportunities to have a hotter read, a faster path, and we really just kind of reduced the frequency that we're doing those cache misses, and to also be able to serve these requests faster as well.

So that's what we're working with. That's a great product and great release.

But I think a question that a lot of us have is, so you talk about tiered caching, and Alex and Matt are both great, and they've done a lot of good work on tiered caching.

What's the use case for queues in this tiered caching, and how does that differ from our CDN today?

For queues or for Workers' KV?

Yes. Workers' KV, all right. I mean, look, there's a lot of great caching products at Cloudflare, and I think that's an excellent question.

And really where Workers' KV shines is in that fast path of configuration, right?

So when we're trying to send data to and from, when we're routing network requests, that's really the sweet spot for Workers' KV.

But our customers can do all sorts of things.

It's arbitrary. It's simple data structures, right? So what we can put in there is anything from like we have folks for storing certain information for neural network models, things like that.

You can do whatever you want with it, as long as it's something that you can access quickly.

So there's a lot of different ways you can go with it.

I think other caching services, you have great caching for CDNs, for web pages, and things that are a little bit more customer facing and focused.

This is more the routing and the network layer, but really it's anything you want.

Whatever you can build with it, build with it. So a summary is this is really for improving the developer experience for building these websites that end up becoming customer facing.

Whereas Alex and Matt built kind of the customer facing caching, this is the backend that makes that stuff really go.


I mean, Workers' KV powers a lot of the backend, not just for our customers, but also for a lot of Cloudflare as well.

There's a lot of technology that we build our own tools on, on top of Workers' KV to make Cloudflare itself faster.

I mean, our philosophy is if we can make our customers faster and we can make ourselves faster, it helps us improve our products.

So anything we can do on that front, I think that's a great way to go.

Awesome. Nice. I like it when people do my job for me and ask the questions.

Alex, Matt, you got anything you want to ask?

I'll just sit here. No. So I guess the kind of second to last question really is how do people get hold of this?

How do they turn it on? Is there anything that they need to do to start to get this performance benefit?

No, that's a great question.

So this is a feature that we're rolling out right now. Obviously these things are gradual.

We want to make sure that we're testing them and making sure that they work safely.

So this is going to take a little bit of time. The great news is if you're a customer, you don't have to do anything to access this.

Our backend just sort of changes.

All the APIs are the same. All the ways you interact with KB is the same.

So nevertheless, all you have to do is just wait for us to roll it out for you.

It's going to be at least a few weeks, maybe a month or two.

It sort of depends on how that rollout goes. We want to make sure that we're being safe with your data and getting it just right for you so you can have the best possible experience with KB.

So just stick around and wait for it. That's all you got to do.

Nice. Lovely. Thank you very much. Moving on to our last guest of the Wednesday, Matthew Bullock.

Welcome back. You've done one, two, one, at least one session.

This is the second. Second one, second one. So can you introduce yourself again just for people who didn't dial in yesterday for the observatory and experiments post?

A bit about yourself, what your job is here and what it is you're announcing today?

So yeah, I'm Matt Bullock. I'm product manager for Speed and FL.

So this announcement's FL, which stands for front line.

So every request that traverses Cloudflare basically hits FL. So yeah, that's all the products that sit within that.

That's what I manage. Nice. So what is Snippets, first and foremost?

Yeah. So as you asked, yeah, I should really announce what I'm talking about, which is Snippets.

So people may be familiar with Snippets.

You yourself introduced Snippets to the world in birthday week last year as sort of this idea of a new way of allowing customers to customize rules.

So within the products I look after, we have configuration rules, we have transform rules.

Alex has cash rules, and it's a way of telling Cloudflare what to do with a specific request.

And then we have rules built on our Edge Rules engine. So you can say if host name is this, if country is that, or if a cookie contains this, then do an action.

We built a lot of features and functionality, and we continue to add functionality to our rules products.

But we still get featured requests. I know we've had a few bounced around this week where people have had ideas where it rules are great, but it'd be cool if they could do X.

And we just have a massive queue. We don't have a million engineers to build everything and wish we could.

So we thought, what's a halfway house?

So we have Cloudflare Workers where people usually go away and build the workarounds or the things that they wish they could do.

But we wanted to make it easier. And so we're introducing Snippets, which is the Edge Rules engine functionality combined with a way of creating small pieces of JavaScript that you either write for proper developers or for people like me will go to ChatGPT and ask, how do I create a dynamic cookie?

And stick that in and run that on a request.

So it's built to make it simple. People were going to go, well, what's the difference between workers and Snippets?

Well, Charlie's just talked about KV.

We've not done integrations with KV or things like that. We've created it as simple as possible, where if a request matches, just run this small piece of code designed for simplicity for people like me.

Yeah, which leads on to my next question.

Who is this the target audience for? Who is this intended for?

What's the kind of demographic here? So the beautiful thing about Snippets is we've made it available to all plans at some level.

So you're not going to be charged on number of Snippets in locations or what workers do.

We want it to be sort of, you have an idea of number of rules and Snippets in this one -to-one relationship, how many loads you can deploy, the higher the plan, the more you can deploy.

And it's really designed for people. So yeah, people that really want to sort of do difficult Cloudflare functionality or things we can't do in rules to people like me that are, you know, they'll go on our DevDocs or they'll find something in Stack Overflow where they can copy that and just paste in, test it using a filter for, you know, use my home IP address or anyone's on that and then deploy it to the real world.

So really for everyone and anyone that sort of wants to customize our CDN space or sort of layer seven products.

And what are some of those, you know, typical or common use cases where people look at, like you say, cache rules or transform rules, redirect rules, and they can't do it, whatever it may be.

What are some of those kind of common use cases, which are going to be now possible with Snippets?

So I think the big thing this unlocks is like dynamic things.

So let's say you are a Cloudflare for SaaS customer and you want to set a specific cookie and you want to do it on the host name of the request that's coming in.

And then you want to modify the time or the expires and do that from six months from today or this specific time.

It allows you, it unlocks all of the variables that you have in JavaScript.

So you're able to sort of use the set time functionality.

You're able to look at the host name and then create this concatenation of a cookie that you can then set on things like that.

So it's really, again, dynamic things, JWT tokens, where people want to set those or people want to decrypt base 64 requests coming in and sort of before sending onto the origin.

So it's really going to be around those use cases that I think a lot of customers are going to have interest in this.

Yeah. Yeah. And I know we kind of spoke about this on Tuesday, yesterday, in terms of experiments.

And in general at Cloudflare, we have this whole, what's the word for it?

Bad maths, basically of one plus one equals three, right?

Where we try and put two things together to generate another product or a kind of unique angle.

And one of the things we're kind of looking at is using snippets within experiments, right?

So the whole idea is you put some JavaScript that does optimizations and you do that within experiments.

But are there some other examples which we're looking at or may look at in the future where now we've built snippets and we've got these other products in these other areas that we kind of put them together to create something completely new, relatively cheap?

So, yeah, I think similar to what we've got with managed transforms, which is another product that we look after is where, you know, we do some analysis of like the commonly most used transformations or feature requests that people have, like, oh, I just want a single on button to add these 10 headers, such as bot management.

I think there'll be some similar feedback and analysis, or there'll be people that write documents to say, like, these are snippet ideas.

And then we'll probably have an idea of managed snippets. So again, for people like me that are confident in coding or don't know how to maybe go in a way to beginning of the developer's docs and sort of these are Cloudflare approved snippets, you can copy and paste that in to a point where you create an edge rule and you just deploy it from a dropdown, the cookie snippet or the JWT snippet, whatever, where it will just populate the JavaScript and you may have to make some minor modifications or it just runs from scratch that you can deploy.

So I think it's like we will obviously get the feature request, we'll crowdsource and sort of these ideas just to sort of bolt everything together and just again, make it easier for customers to deploy and yeah, new snippets.

Yeah. And I guess the final question, the question everyone's going to ask, reading the blog on or watching here is how do we get our hands on this?

How do we start to use it?

Yeah. So yeah, we are super close to this, releasing this, like the APIs, so internally APIs are done, we're just building the UI and then going through the final sort of checks and we had a beta sort of signup, alpha signup at birthday week, we'll start inviting customers that signed up to that, that form is still open, it's on the blog at the bottom, so you can still sign up and yeah, once we open it up, we'll send the invites, details of how you can deploy your first snippet.

Exciting, exciting. Cool. That's time, I'm afraid to say. Thanks everybody for your great answers, great session as always.

Don't forget to tune in tomorrow, I mean you guys can come as well if you want to ask some more questions Tubes, but otherwise, thanks very much for attending, thanks very much for listening and I will let everybody get on with the rest of their day.

Thank you very much, everybody.

Thumbnail image for video "Speed Week"

Speed Week
Relive Cloudflare's Speed Week with episodes showcasing how we keep everything fast, from lightning quick configuration updates and code deploys, to logs you don’t have to wait for, to ludicrously fast cache purges and real time analytics.
Watch more episodes