This Week in Net: From Rust to Python and a glimpse on what to expect from Security Week
Welcome to our weekly review of stories from our blog and other elsewhere, covering a range of topics from product announcements, tools and features to disruptions on the Internet. João Tomé is joined by our CTO, John Graham-Cumming.
In this week's program, we go over our recent blog posts related to two relevant programming languages, Rust and Python. The related posts are:
- Oxy is Cloudflare's Rust-based next generation proxy framework
- How we built an open-source SEO tool using Workers, D1, and Queues
- How Rust and Wasm power Cloudflare's 188.8.131.52
- Keeping the Cloudflare API 'all green' using Python-based testing
We also discuss how the new Zero Trust navigation is coming soon (and we need your feedback), how to build resiliency into systems with Cloudflare Workers, and why you should go over our White House’s National Cybersecurity Strategy related blog post.
Last but not least, we give you a teaser on what to expect of the upcoming Security Week (one of Cloudflare’s Innovation Weeks). And Andie Goodwin and Angela Huang share some insights about our blog post related to the International Women’s Day and give some suggestions.
- Deploying firmware at Cloudflare-scale: updating thousands of servers in more than 285 cities
- Embrace equity on International Women’s Day (and every day)
- Accelerate building resiliency into systems with Cloudflare Workers
- The White House’s National Cybersecurity Strategy asks the private sector to step up to fight cyber attacks. Cloudflare is ready
- New Zero Trust navigation coming soon (and we need your feedback)
- How Cloudflare runs Prometheus at scale
- How we built an open-source SEO tool using Workers, D1, and Queues
- Cloudflare's network expansion in Indonesia
Hello, everyone, and welcome to This Week in Net. It's the March 10th, 2023 edition, and our security week full of announcements is coming up, so we'll have a teaser at the end about it.
I'm João Tomé, based in Lisbon, and with me I have, as usual, our CTO, John Graham-Cumming.
Hello, John, how are you? Hello, I'm fine, thank you.
How are you? I'm good, too. It's been like two weeks since we did This Week in Net.
I know, I got a cold. I got a cold last week, and I was feeling kind of bleh.
It happens. It happens to all of us. It's still winter here in Lisbon, so it's happening.
Honestly, I was promised better weather in Lisbon than this. I want my money back.
Disappointed, disappointed. It's coming, it's coming, the good weather.
It's coming, you promise? I promise. I'm going to go see Marcelo and ask him about the weather.
I was promised more days of sunshine. President of Portugal, Marcelo, was at our Cloudflare booth that we had here in Lisbon a few days ago, last week, actually.
That was a moment. I will share a photo of that. You should do that.
It's worth saying, the event we were at is called Sinfo, and it's a student recruiting event held at a very well-known university here in Portugal called Técnico, where everybody calls it Técnico.
I gave a little speech about what Cloudflare does, and then Celso Martinho on the team did a workshop on building stuff using Cloudflare.
It was a good event. It was. Let's dig right into it. We had, actually, last week, a bunch of Rust -related blog posts.
Why not start there? It's not every week that we have more than one Rust-related blog post, so that's always interesting.
Actually, let's start with why Rust is important for us, really, as a coding language.
Yes, the language. Well, if you dial back to 2017, so six years ago, in February of that year, we had this awful security bug that got known as Cloudbleed.
And one of the reasons that Cloudbleed happened was that we were using what are called memory unsafe languages.
In particular, we were using C, and a memory problem in C caused us to leak memory, which caused the Cloudbleed thing.
And after that, we did a whole bunch of stuff to prevent that from happening again.
One of the things was a drive towards using memory safe languages, i.e. languages in which it is impossible to do the sorts of things that happened in the C code that caused Cloudbleed.
And so, one of those languages is Rust. Rust has a very specific way handling memory, which means that it's not garbage collected, but it makes sure that memory accesses are safe.
And so, Rust became a language that we were keen on using.
It also is a language which is in some ways closely tied to Wasm, and Wasm WebAssembly underlies our developer platform workers.
And so, the fact that Rust compiles so easily to Wasm means that that becomes kind of interesting, and you can actually run Rust Wasm code.
And so, the third thing is that the number of developers in Cloudflare are interested in using Rust and were highly motivated to use it.
So, it was memory safe, good stuff with Wasm, people were highly motivated, and the performance is very, very good with Rust.
And we obviously want very low latency through our systems.
And so, Rust has grown like rust on us, basically.
It's made us go all rusty. So, we have a lot of things that are written in Rust now.
And this week, we put out a number of blog posts about things that are written in Rust that people perhaps hadn't heard of.
This particular blog post you brought up is actually rather interesting because it encompasses Rust and Wasm.
So, Cloudflare runs this DNS resolver, public DNS resolver 184.108.40.206, which has been around now for about five years.
And originally, we started out using a thing called NotResolver.
And this thing has grown enormous, right?
You're talking about trillions of DNS requests going through this thing.
And so, over time, like any system, once you get to know what functionality you need, you start to want to build things yourselves.
And, you know, 220.127.116.11 fits in the whole Cloudflare architecture, something called the super cloud, where we have stuff running all over the world.
And Not was using Lua, which we're quite familiar with because it was part of Nginx and OpenResty when we were using that.
And we used that, and we were able to customize it through Lua modules.
But over time, a lot of things became difficult. Lua isn't that popular language, unfortunately.
So, you know, people have to get up to speed on it and learn about it.
There are issues, you know, with performance, there's issues with memory.
There's all sorts of things that made us say we need to own our own destiny here.
And we've done this in the past, right? We did this with our own authoritative DNS server, which we wrote rrdns, which is used for the authoritative DNS that is out there.
And we wrote this thing, which is called Big Pineapple. And I actually have forgotten to ask the team why it's called Big Pineapple.
But anyway, Big Pineapple.
It's a good name. It's a very good name. Yeah. It's a very interesting name, but I don't know why.
I'm curious now. I'll have to learn. But Big Pineapple is written in Rust and becomes the DNS resolver, which is everyone is using for 18.104.22.168.
And in addition, and this is where it gets kind of kind of interesting.
When you scroll down in this blog, you'll see WASM rears its head now.
The reason is you want to have some customization. So you want to be able to, you know, do modifications and add and dynamically add and remove functionality from these things.
And especially when you're operating off scale, it's very useful to do that.
So here it is. It has this plugin functionality.
Now, originally we used Lua, but now actually we're using WASM. So within this program, there's actually WASM running.
And so you can actually send a WASM program in here and it can run within a sandboxed environment inside this other program.
And we distribute those using Quicksilver, which is our very fast key value store, global key value store, which allows us to push stuff out.
So this is a great example of, you know, Rust and WASM together for one of the largest, you know, DNS resolver things in the world.
Right. So which is what we're running. So that was one of the Rusty future things that we talked about.
Exactly. And for those who don't know, 1.1.1, our public, our DNS resolver that has millions of users.
So millions of people are using it for privacy, safety online.
So yeah, this impacts a lot of users there, which is interesting.
Yeah. I mean, to give you give you an idea of scale, we do about 25 million DNS queries per second.
So just over 2 billion per day.
And, you know, that's all running through code that we wrote, be it our DNS, which is our authoritative or 22.214.171.124, which is our public resolver.
So it's, you know, this code is running really at scale across and globally as well.
And why there's advantages in writing your own code more specifically?
Well, I mean, one thing you can do is you can take an existing project and modify it.
And we've done that over the years. I mean, for example, before we wrote Quicksilver, which is this, you know, way of distributing configuration and data around our entire network, we used to use a thing called Kyoto Tycoon.
And that worked out pretty well for us for a long time.
And it used a thing called Kyoto Cabinet, which just all the data.
But over time, you start to add functionality to it.
And for example, in the case of the Kyoto Tycoon world, we added TLS connections to it.
And then we started to get issues of scale, right? So what happens is maybe it works great at some particular number of key values stored in it, but at some point it doesn't scale so well.
And in particular, we ran into a problem of systems getting out of sync on the network.
And actually how long it would take one system to catch up with another one.
So one option is, well, can I modify the existing thing I have?
And that's often a really good option if you can, because you haven't got to write everything from scratch and always writing from scratch is hard work.
But at some point, you end up forked away maybe from the original project, or you end up with so much customization that you're kind of working around the architecture of the piece of software that you built this thing on.
And so at some point, and we saw this way back actually with our DNS. So originally we were using PDNS, PowerDNS, which was fantastic.
But at some point you've got enough modifications and things you're doing that you're like, that'd be really better if we had a different architecture, maybe for IO performance, or maybe something to do with memory.
There's many reasons why you might want to do that.
And so what Cloudflare has always done is kind of like gone as far as we can with an existing open source project.
And until we've seen a point where it's like, we're now hamstrung perhaps by performance characteristics or architecture of that project, it makes sense to write something new.
I mean, for example, in the case of RRDNS, people often ask us if we could open source it, which we could.
The problem is RRDNS is so bound to Cloudflare's own architecture and Cloudflare's own business logic, you'd have to extract most of it for it to be interesting to anybody else.
Otherwise, it's like very specifically tied in. So, you know, it's these things you have to sort of make a decision on how hard is it for us to make real progress.
And, you know, in the case of 126.96.36.199, we knew that we'd really push the not lower combination as far as we could.
And as we're scaling, as we also want to optimize the performance, it just becomes a good idea to write something new.
Exactly. There's other Rust-related blog posts. Do you want to go over any of the others or...?
We've got some more, right? Bring up some more. So, I mean, Oxy.
So, the post by Ivan about Oxy is also another really interesting thing.
So, a lot of what Cloudflare does is around parsing traffic, web traffic, and other sorts of traffic from clients to servers, right?
And doing something to that connection.
It might be like caching in the case of the CDN, or in the case of the WAF, it might be blocking a request because we've, you know, seen it as something malicious in that.
Or it might be from the Zero Trust Gateway, it might be blocking access to a domain that the organization doesn't want to be there.
Or in the case of iCloud Private Relay about jumping between hops that provide privacy.
All of those things have in common that they are proxies. They do something on behalf of the client.
So, you come to Cloudflare, you say, hey, I need to get this webpage, for example, or I need to go send this SSH connection somewhere.
And we, in the middle, we'll take that, maybe we're inspecting it for DDoS or WAF or something like that, and then pass it on.
So, this idea of proxying is really, really important.
When Cloudflare started, we used Nginx, which is a well-known web server and also can be a proxy to do this.
And over time, we have needed more and more and more sophisticated proxies.
And so, the cache team built a thing called Pingora, which is a proxy that gets from the backend of Cloudflare to our customers' servers.
And another team built this thing called Oxy. And Oxy is actually almost a framework for building proxies.
And what I think is perhaps the thing that's perhaps most fascinating to me is it is a proxy that allows it to dynamically operate at different layers of the OSI stack.
So, it might be proxying an IP, a stream of IP traffic, because we might be handling that for somebody, but there might be necessity to look at the TCP layer or UDP if it's in there, or go up to the HTTP layer.
So, it can actually operate at different levels of the stack, which gives you an enormous amount of power to handle different types of traffic in the same framework.
And so, the team built this thing called Oxy, and it's in Rust.
There are a sequence of different blog posts coming out. So, two have come out already, I believe.
So, this one, which really tells you about the overall architecture and the motivation and why we did it.
And then there are specific things about how we dealt with particular problems.
But Oxy is a foundation for a very large amount of what Cloudflare does.
Actually, between Oxy and Pingora, an enormous amount of what Cloudflare does is being actually handled in Rust.
So, you think the DNS is happening in Rust, or at least the resolver is.
A lot of the proxying is happening in Rust as well. The Edge Rules engine is in Rust.
There's a bunch of stuff. So, this one is going to turn out to be the first of, I don't know, five blog posts.
So, if you're interested in Rust, well worth looking at.
Yeah. And it explains here, I like this explanation in terms of flexibility, scalable solutions, and the power of Rust being that basis to make things safe and fast.
I didn't know that. So, it's always good to learn about these types of projects.
Yeah. Yeah. I mean, there's a ton of stuff there. Yeah. We also had different types of blog posts related to Prometheus.
Well, Prometheus. Okay.
So, this is a really interesting one, Prometheus, right? So, if you're running a thing like Cloudflare, I mean, how the hell do you know what it's doing?
And you have to monitor it, right?
And we've used Prometheus for a very, very long time, which is a great thing for looking at time series of data, like what's health and performance over time.
But the thing is, we now have almost 5 billion time series in Prometheus that we're measuring all sorts of stuff.
You imagine all the health of our systems and traffic flowing through us and what's happening and interfaces over there.
Almost a thousand instances of- For those who don't know, what is Prometheus?
It's a piece of software where you measure the performance and health of some system over time.
So, you can imagine, an example in your home might be, is my Internet connection working?
Something tests every minute, does my Internet connection work?
And then it puts a time series into Prometheus and you can get a nice little graph.
Yeah, it was working fine. Or maybe I measure the bandwidth.
Oh, the bandwidth is in this kind of line. And we use it for all sorts of measurement of our systems.
There's actually an example in here where we imagine a car going along and somebody's drinking hot drinks or cool drinks while they're driving.
Gives an example of how many times did they drink a drink during the journey?
And so, what sort of drink was it? And Prometheus is great because you can just throw stuff in there.
But actually, when you operate the scale we're operating at, you get what's called a cardinality explosion.
If you start to put in too many different variants, in the example here, it's like there's coffee and tea and there's hot and there's cold, right?
And there's four variants.
You get this incredible explosion in the number of time series you're dealing with.
And so, this talks about how we handle that and talks about some of the patches we made to Prometheus to make it operate at our scale.
Yeah. Makes sense.
It's a good one also. A technical one too. We had a bunch of technical ones here in the past two weeks.
Yeah. Let's just talk about the Python one because we've done Rust.
We've just done a bit of Prometheus there. And then there's one about testing.
So, this post about keeping the Cloudflare API all green by Ellie is really interesting because one of the things we want to do is if we really...
Cloudflare is based on an API. Everything is being done in Cloudflare's API.
And if we want to make sure that that API is running correctly, we need to have tests and we need to run those tests in a realistic environment.
And so, actually, the team built this thing called Scout, which allows them to automatically test our APIs in an environment that's production-like so that we can be sure that when we go to production with an API change, we haven't broken anything.
And many people depend on an API, its results being correct, its results being unchanging.
And if we break something, then we have to be very, very, very careful about it.
So, Scout is actually a nice piece of work done in Python to make sure that we can absolutely test our API before we put it out to production use.
Another technical one, a different language and a different purpose.
So, it's doing a different thing, in this case, related to the API. It's always interesting to see that different languages give you different possibilities in terms of what to build, right?
Well, sure. I mean, like here in Lisbon, we've got a lot of people actually working with Python because of all the data science stuff we're doing for Cloudflare Radar.
That's true. So, we see a lot of Python here and here you see it for testing.
So, I think within Cloudflare, you have a lot of different languages being used for different purposes.
Makes sense. Also, a blog post related to the new Zero Trust navigation that's coming soon.
And in a sense, we were trying to get feedback from people to make it better.
Yeah, yeah. So, if you're a Zero Trust customer, then you would have noticed probably that the Zero Trust dashboard looks a little bit different from the main dashboard of Cloudflare or the traditional dashboard.
And there's work being done to unify those experiences.
And this blog post teases some changes we're doing to make sure that things are really integrated really, really well together.
And also, it's asking for feedback.
So, if you are a Zero Trust customer, we would love to know about the usability because I think one thing that Cloudflare really cares about is that it's a truly integrated experience.
I mean, there are companies, competitors of Cloudflare that have grown by acquisition.
So, what they do is they buy a bunch of companies.
They tell a great marketing story about, we have all these services, but behind the scenes, those services are not really heavily integrated.
And what you end up with is what I think of as like Frankenstein's monster type companies where they've sewn together a bunch of bits.
They tell you it's alive and it's kind of moving around, but the UI experience isn't good.
And in fact, the overall experience isn't good because stuff isn't integrated.
So, we've always really, really focused on deep integration if we bought something or on something, if it's something new.
And the Zero Trust thing was a little bit odd because the dashboard looked a bit different than the rest of it.
And we're now correcting that because we really want to stay on this single pane of glass, everything is available everywhere model because I think it's a promise we made to our customers.
And in a sense, it's like consistency. Different dashboards are similar to others.
So, you'll feel accustomed to the Zero Trust dashboard if you know about Koffler.
Absolutely. And there's a short survey that people can give us their input.
If you're a Zero Trust customer, we would love to hear from you.
And that's also always a good thing to have feedback from customers. We have a few more blog posts.
One about the Women's Day, International Women's Day. Actually, at the end of this segment, we'll have Andy and Angela giving us some inputs there.
That's great. But also, one related to Koffler Workers, in this case. Yeah, can we talk about this one?
It's one of those interesting uses of Koffler Workers. So, what we're writing about is we send emails to our customers.
So, if you ask to reset your password, we have to email you the link to click on, right?
How do we do that?
We use what are called ESPs, email service providers. So, we use external companies to actually do the email sending.
The reason we do that is they're the ones who maintain the reputation of their service.
And so, the email gets delivered.
Because if you send email, you don't have a good reputation. It goes in the spam box.
And we can't have a, your password needs to be changed, or some other critical email was sending you, go and spam.
So, we send through ESPs. But what if an ESP has an outage?
And we can't send email, and some things are super critical.
For example, if it's a one-time password login email, that needs to arrive in five minutes, right?
There's usually a timeout on that. Sometimes less. Sometimes less, right?
It should arrive as quickly as possible. And so, critical emails really matter to us.
And so, what the team did was they built this very simple thing in Koffler Workers, which allows them to move traffic from one ESP to another by putting an API in front of it.
Because most of these things use an HTTP API. And then, well, okay, send an email, and it will make a decision about which ESP it goes to.
And they just set there as a configuration parameter, where they can adjust the percentage that goes to different ESPs.
But it's not necessarily a one or a zero thing, because you actually want to keep email flowing through both of them.
First of all, to build your own reputation of sending email. But also, it allows you to flip to one or zero if there's a problem.
And it's really nice, actually.
And so, the code is really simple. And if you look at the example of how it works in here, and they've actually used this in the real world.
And I think right down at the bottom, there's a thing where they say, an actual example of how fast they flipped over between things.
Oh, there's an outage here represented in terms of ESP.
Yeah, it was a real thing. So, it was basically five minutes. And that included humans making a decision.
And they have this lovely graph here, where the load on one email provider went down to zero, the other one ramped up as we switched over.
And what was nice about this is, this isn't an example of something which is deep computer science, or AI, or any magical stuff like this.
But this is incredibly valuable and so easy to do in Cloudflare Workers.
The code is so simple.
And so, I think this is one of those great, lovely examples of there's so much you can do on a thing like Cloudflare, you can deploy something like this.
It's not costing you anything when you're not using it, or it's very inexpensive.
And when it needs to be used, bam, just go make it happen. Yeah, and there's that example of simple code, and the help that it's giving, which is also interesting.
We also have, actually from today, a blog post, still not published.
Sneak preview! Yeah, we can give a sneak preview.
Although, when this will be out... Yeah, by the time this is out, it's no longer a sneak preview.
So, you have to go back in time, and it's a sneak preview.
So, it's all about deploying firmware at a global scale, which is the Cloudflare scale.
Yeah, one of the things about anything at scale is that when you scale something up, things that are relatively simple actually become a real pain.
So, for example, we have 285 cities where we have our hardware, and we can upgrade the software on those machines that we built that Quicksilver, we built, we use Salt, as we've written about in the past, for configuration.
We're able to upgrade the software stack that's on there. But sometimes you need to upgrade the firmware on those machines, or some subset of machines.
And so, there's a whole world of, okay, so how do I upgrade thousands and thousands and thousands of machines at the firmware level?
And what Chris has written about here is how we do that, which he gives you an idea of how we update.
Because we have to update the BMC, we have NICs, we have other cards in there, like all sorts of stuff that needs to be updated.
So, he gives an actual idea of how we do that on our fleet.
So, coming soon, by the time you see this, we will see how we do those updates of the BIOS, and et cetera, on the machines.
And this has once turned out to be really important, and we're going to bring it back to Cloudbleed, that after Cloudbleed, one of the things we wanted to do was get down to zero segfaults, zero crashes of our software per day on our network, because crashing often happens if there's a memory problem.
So, it was a way of saying, look, if we eliminate all these problems, there's no crashes happening.
And we really drove that down, and there were still some crashes.
And there's a really great blog post by David Rag about the search for those last few crashes, which turned out to be a problem in the microcode of a particular set of Intel processors.
It was literally a CPU fault, and we actually had to update the microcode.
Again, something, you know, when you suddenly are at scale, you suddenly discover all sorts of interesting things.
And there's a very interesting effect, which is that as you get a large number of machines, the long tail of problems becomes interesting, become interesting things to find in them.
And that was one of them.
I really found interesting also that Chris does explain that you should update the firmware of your laptop, of your desktop, of your IoT device.
And in this case, it's like the larger scale of doing that typical every user should do type of thing, which is always interesting.
Yeah. And we have to do this for security reasons, for performance reasons, for stability reasons.
At our scale, it's necessary. Exactly. We also have a blog post that I invite everyone to see about the White House's National Cybersecurity Strategy, asking the private sector to step up to the fight of cyberattacks.
And Zaid, Zaid from our team explains how Koffler is ready in this matter.
Yeah, I mean, this is really worth reading.
I mean, actually, the National Cybersecurity Strategy is worth reading because although it's written by the US government, I mean, it's very applicable, cyberspace is everywhere, to the rest of the world in terms of how do you protect yourselves against cyber threats.
And this lays out a strategy for dealing with it.
There's a lot of interesting stuff in here, not just around like critical infrastructure, which is power and hospitals, all this kind of stuff, but also around the general use of the Internet.
So my sense is that you should at least read our blog post, which will give you sort of a taste of it, but it's well worth reading the actual National Cybersecurity Strategy.
True, and I think this is a good segment for what's coming.
We have Security Week next week, one of Koffler's innovation weeks.
We already had CIO Week back in January, and now Security Week is coming up.
What can we say to everyone about Security Week? There's a lot of blog posts.
I think there's 41 at this point. So eight a day, basically.
So a lot of stuff. I think perhaps the big theme of next week is gonna be machine learning.
Cloudflare is using a tremendous amount of machine learning across our systems, and we have a bunch of announcements.
So we use it for bot management, detecting whether a human is a human or not.
We use it in turnstile, which is our capture replacement to figure out whether we think you're likely to be a bot or not.
We use it in our WAF to detect unknown threats. We use it in Eurotrust to find lookalike domains, to find domain generation algorithms, to find DNS tunneling.
We're using it in support in order to figure out what replies people need and get the right data to our support clients.
I mean, I think the really big thing that's happened is the machine learning is everywhere in Cloudflare now.
And realistically, a few years ago, it was primarily the bot management side of the things that was doing it.
Now, it's across the team. And the reason is that if this network is so large, we have so many signals about what's happening on the Internet.
We can use that data collectively to protect our clients, to provide better performance, et cetera, because we can use it to spot new things, spot new patterns, and train on that data, train on those signals to really build, I think, probably one of the most exciting machine learning things.
I know it's not chat GPT, and you can't chat to it, but we're in there able to figure out what is anomalous on the Internet.
And I think that's hugely powerful. True. And so I think what I found fascinating is that that impacts and is present in different products, our Zero Trust suite, Cloudflare 1 in general.
So it's embedded. A lot of improvements are embedded in those products that companies are using, people are using, really.
And we're also having this important thing in mind, which is security is...
Most governments are launching warnings, adding security strategies, like we saw recently with the White House, but also in the UK, in Germany, all sorts of countries.
So that area is building up. And I think we have a good approach there in terms of what we're doing.
Also in the email area, phishing, an old tactic, but still pretty much present and increasing, which is alarming.
I mean, the phishing side, we use machine learning too, right? Detecting the domains, and also if we're looking at the websites themselves, bringing out what is phishing and what is not.
And you spoke about chat GPT. Chat GPT tools, type of tools, can help hackers being more convincing in terms of phishing emails and all that.
So sophistication is coming. Yeah, yeah. It's definitely, I mean, those tools are definitely helping the attackers and the defenders.
So that's our time. And let's invite everyone to see what we have in place for the next week about Security Week.
Yeah. And you and I can get together next Friday and talk about all those announcements.
It'll be a bumper selection. Yeah, exactly. Thank you so much, John.
And that's a wrap. Cheers. Cheers. Before we go, we're trying out this concept where we invite our colleagues here at Kolfler to give some suggestions.
And in this case, we have Andy Goodwin and Angela Huang that wrote a blog post this week about the International Women's Day.
They also have a few suggestions.
Let's hear them out. Hi, I'm Andy. I'm based in Austin and I'm on Cloudflare's public policy team.
This week, Angela and I co -wrote a blog post for International Women's Day with information on the importance of prioritizing equity.
Check it out if you want to see what we have planned this month from Womenflare, one of our employee resource groups.
My Cloudflare fun fact is that in my free time, I like to brew kombucha with flavors like strawberry rhubarb and raspberry passion fruit.
I like scouring grocery stores to find fruits I've never tried for future flavors.
The best book I read recently was The Perfectionist's Guide to Losing Control.
I appreciated the argument that being a recovering perfectionist shouldn't be the goal and also information about different types of perfectionism and how they manifest.
Hi, I'm Angela and I'm on Cloudflare's customer success team.
I'm currently based in Sydney. However, this is still relatively new since I just transferred here from San Francisco about six months ago.
As Andy mentioned, she and I co-wrote a blog post that was published this week on behalf of Womenflare.
And for me, the importance of that blog post is really calling out equity versus equality.
I think everybody's very familiar with the idea of equality.
However, not everybody starts from the same place and so equality may not be enough.
So we're starting to think about this concept of embracing equity on our path to achieving equality.
A few things about me. If I had to choose a blog post that is my favorite, I'd have to say I'm partial to the one that Andy and I just published this week.
As far as habits that I'm starting to build, I watch videos now at 1.5x speed.
It was something that a co-worker of mine recommended and to be honest, when it comes to informational or educational videos, I do find that at that speed, I am paying closer attention and hopefully that means I'm also ingesting more of the information.
My Cloudflare fun fact that I shared almost five years ago when I first joined was that as a foodie, the craziest thing I've ever eaten was a grilled scorpion, two in fact.
Now, while it really wasn't as bad as I thought it was going to be, it's not something that I would choose to do again and I don't know that I would recommend it to anyone else either.