HackerTrans
TopNewTrendsCommentsPastAskShowJobs

kentonv

19,603 karmajoined 15 ปีที่แล้ว
Tech lead for Cloudflare Workers: workers.dev

Also created: capnproto.org, sandstorm.io, lanparty.house

Submissions

Sandboxing AI agents, 100x faster

blog.cloudflare.com
52 points·by kentonv·4 เดือนที่ผ่านมา·13 comments

comments

kentonv
·5 วันที่ผ่านมา·discuss
I wasn't personally involved in pricing here so I can't really say exactly why it is the way it is.

However, I'd note that, in terms of our costs, it's often cheaper for us to run your Worker than to serve from cache. Consider that Workers run locally in whatever edge location the request landed in. We are not saving any bandwidth costs by putting the cache in front of Workers rather than behind, and we've built an architecture such that running a Worker is extremely cheap, almost free.

In that light, making cache hits free would basically be giving away money. To be honest, that is another reason why implementing cache in front of Workers has been held back so long. I think the team finally decided that the only way we can deliver it without giving away too much money is to charge full price for the requests. Workers pricing is already incredibly generous, and we do need to run a business at the end of the day.

(Of course, a cache hit still saves you the CPU pricing. CPU time pricing more directly translates to costs for us, so that makes sense.)

I admit the side effect on static assets is a little weird. But no other provider offers unlimited free static asset serving to start with -- so it's only weird relative to our own unreasonable standards. :) I think the thought here is that if you need caching in front of Workers, that implies you are doing complex work in Workers and getting a lot of value out of them. So a bit of "price segmentation" kicks in here. That said, you can work around it by serving static assets from another hostname, etc.
kentonv
·5 วันที่ผ่านมา·discuss
Realizing there's a more fundamental piece I'm not explaining well here.

Our architecture is something like:

ingress -> routing -> security -> workers -> cache -> origin

That is, workers run "in front of" cache. That's usually what you want. Workers run on the edge, so putting them in front of cache doesn't cost anything in terms of latency, and there's a lot of useful stuff you can do only if they run in front, e.g. serving pages from cache but customizing them for specific users.

Putting workers behind cache is an architectural change. All of the logic around routing to them lives in front of the cache. And it makes Workers a lot less useful.

We weren't that excited about it until we had a clearer story for how to run custom logic on both sides of the cache, but it was pretty unclear how to do that in a nice way until the recent developments around ctx.props, ctx.exports, channel tokens, etc.
kentonv
·5 วันที่ผ่านมา·discuss
The honest answer is:

We implemented the "standard" Cache API back in the early days because it was a standard, one which was intended to be used together with the Service Workers API, which we were also building around back then.

But it was never a good fit. The get/put API was designed for a local browser cache, not a distributed cache like Cloudflare's. We probably should have realized this before implementing it, but it really became obvious over the years of actual use.

But given we had something that mostly worked for most use cases, it was hard to prioritize redoing it against all the other things on our plate. So we deferred.

More recently, architectural changes we've been making in Workers for other reasons happened to make it significantly easier to finally implement this the way we wanted, and we were able to find some engineering time to get it over the line.

Gory details for the curious: We've been improving the infrastructure around the notion of workers having multiple "entrypoints", with the ability to parameterize those entrypoints. ctx.props[0] and ctx.exports[1] are part of this. A lot of this was motivated by Dynamic Workers sandboxing, but the concept also presents a clean way to inject a cache between two parts of the same worker, by applying it to the entrypoint and having the worker call itself using ctx.exports.

Moreover, the introduction of "channel tokens" made a big difference[2][3]. Essentially I created a way to encode a token (bytes) representing an arbitrary entrypoint to a Worker, complete with its serialized parameters. I did this to enable these entrypoint stubs to be passed over RPC, which is again useful for sandboxing use cases, but it also created a convenient, encapsulated way to pass information through our cache infrastructure about what worker should run at the other end.

It's not a huge breakthrough or anything, but I think it made the architecture clearer in everyone's mind to the point that we got excited about using it to implement caching properly, finally.

[0] https://developers.cloudflare.com/workers/runtime-apis/conte...

[1] https://developers.cloudflare.com/workers/runtime-apis/conte...

[2] https://github.com/cloudflare/workerd/blob/main/src/workerd/...

[3] https://github.com/cloudflare/workerd/blob/main/src/workerd/...
kentonv
·5 วันที่ผ่านมา·discuss
You are saying $1.5B of AI spend would not have shown up in either of these numbers?

Please do tell us how that works, I'm sure it's fascinating and would love to know more.
kentonv
·5 วันที่ผ่านมา·discuss
Would you be happier if I said "non-GAAP profitable"?
kentonv
·5 วันที่ผ่านมา·discuss
> (partially driven by the fact that the company was bleeding money also because of its token costs from one estimate being 500 million$ per month, don't quote me on that though)

Cloudflare had 5000 employees (pre-layoff), so you are suggesting that every single one of them (eng, HR, legal, finance, receptionists) was using $100k tokens per month (that's $1.2M annualized, per employee), for a total of 3x gross revenue going to AI spend.

Let's imagine that this isn't absurd on its face. If true, then you'd expect Cloudflare's Q1 earnings to show a massive, massive net loss. In fact Cloudflare was cash flow positive in Q1.

The rest of your post is more qualitative, so harder to disprove, but from what I can tell, it seems equally made up.

(I work at Cloudflare.)
kentonv
·6 วันที่ผ่านมา·discuss
This is really cool!

Quick suggestion: When not tracking a train, the mouse wheel should zoom into / out from where the cursor is pointing, rather than the center of the window.
kentonv
·16 วันที่ผ่านมา·discuss
Oh no... KV is not a distributed database and is really not intended as a database alternative at all. It's more meant for distributing bits of config globally. Cost aside, writes are way too slow for database-ish use and "eventually consistent" isn't what you want for state that is changing often. Durable Objects (SQLite) or Hyperdrive (edge caching in front of a normal postgres/mysql database) are what you want, and will probably be a lot cheaper. Sorry for the confusion.
kentonv
·21 วันที่ผ่านมา·discuss
Part of the point of Workers is they run everywhere, not on a specific machines where they've been "deployed". We generally run a Worker in the colo where we received the HTTP request triggering it.

There is a feature called "smart placement" which, when enabled, tells us to detect if a Worker commonly makes multiple round trips to a particular backend and, if so, try to run the Worker close to that back-end, instead of close to the user. This helps with D1. But even if you have the Worker running in the same colo or even same machine as the D1 database, you're still speaking a network protocol to talk to it, serializing and deserializing data, switch contexts, etc. Directly invoking SQLite locally will still be orders of magnitude faster.

Also with Durable Objects you can have many objects, e.g. one object per user or one object per document, spread around the world. It's a distributed systems building block. Many of the things you can build on it can't really be "smart" auto-detected.
kentonv
·21 วันที่ผ่านมา·discuss
I'll let you in on a sort of dirty secret:

It's almost always better to use Durable Objects storage, rather than D1. Even if you only want a single global database, it's better to implement that as a singleton Durable Object, than by using D1. Because that's all D1 itself actually is: a singleton Durable Object that exposes an API to its SQLite database. It's just a wrapper.

With raw Durable Objects, you get to bring your code to run on the same machine as the database itself. Your queries run on a local file, synchronously, rather than going over a network. There is essentially zero latency when using sqlite storage in a Durable Object.

If your app does no more than one DB query per request, then D1 is fine: the Worker runs near the end user, and talks over the long-haul network to D1 just once. Whereas with Durable Objects, your Worker would talk over the long-haul network to the Durable Object. No difference.

But if your app ever does two or more queries in series for a single request, then Durable Objects becomes vastly better, because you get to move that query-chaining code to happen directly where the database lives, rather than have multiple round trips.

Really, though, the only reason D1 exists is for comfort. Once you know how to use Durable Objects, there's no reason to use D1. We offer D1 because a lot of people don't want to learn a new model. (Which is fair. People are busy and may have better things to do.)

One caveat: D1's read replica support still isn't exposed in a way that you can use it in raw Durable Objects, so if you are using that, it's a legitimate advantage to D1. But we do plan to bring this functionality to raw Durable Objects at some point.
kentonv
·21 วันที่ผ่านมา·discuss
> it only makes sense to deploy small things there

What makes you say that?
kentonv
·เดือนที่แล้ว·discuss
Yes, the Cloudflare Workers Runtime is open source: https://github.com/cloudflare/workerd

You can definitely run workerd in production on your own machines and some people do.

The biggest catch is that workerd's implementation of Durable Objects currently doesn't work across multiple machines, but I'm working on fixing that: https://github.com/cloudflare/workerd/pull/6780
kentonv
·2 เดือนที่ผ่านมา·discuss
> bcryptjs reaches for crypto.randomBytes and a few other Node primitives that aren't polyfilled in Workers.

crypto.randomBytes is definitely in Workers' node compat layer. Is it possible you didn't enabled the node_compat flag?

https://developers.cloudflare.com/workers/runtime-apis/nodej...

I guess maybe it's time we turned this on by default...
kentonv
·2 เดือนที่ผ่านมา·discuss
I don't care what the attack is responding to, nor do I care what services are being provided.

If, when I visit your site, your site causes my browser to participate in a DDoS attack without my knowledge, your site is malicious.
kentonv
·2 เดือนที่ผ่านมา·discuss
archive.is is malicious -- as in, uses your browser to launch DDoS attacks, and other things.

Stop using it.

https://arstechnica.com/tech-policy/2026/02/wikipedia-bans-a...
kentonv
·2 เดือนที่ผ่านมา·discuss
Claude does not use the web search tool unless it thinks there's a good reason to. If you nudge it to search, it will, and then it'll tell you all about OpenClaw. You can easily go try this yourself -- I just did. It works fine.

> I gave it a direct link to openclaw.ai and the chat instantly ended and hit my 5hr usage limit.

Again, go to claude.ai yourself and try it. It works fine. It happily tells you about OpenClaw.

Whatever happened to jrflo must have been a coincidence. It frankly doesn't make any sense for Anthropic to be trying to block this.
kentonv
·2 เดือนที่ผ่านมา·discuss
Come on, folks. This is not a conspiracy.

LLMs have a knowledge cutoff date. Opus 4.7's documented cutoff date is in January. Older Claude models are earlier than that.

OpenClaw didn't have the name OpenClaw until January 30th. So indeed, even the latest Claude model does not know what OpenClaw is, unless you have it do a web search. If you have it search, it'll happily tell you all about it.
kentonv
·2 เดือนที่ผ่านมา·discuss
> Not that you would know that the way our genius CTO talks about it...

Honestly I find it bizarre that there are people at Cloudflare who have this attitude. Without Dane, the company wouldn't be half the size it is today.
kentonv
·2 เดือนที่ผ่านมา·discuss
None of the three major Cloudflare outages in the past six months had anything to do with LLMs. They were regular old human mistakes.

We did, however, determine that at least one of them (and perhaps all) would have been easily caught by AI code reviewers, had AI code reviewers been in use. So now we mandate that. And honestly, I love it, the AI reviewer spots all sorts of things that humans would probably miss.

(We also fixed a number of problems around configuration that would roll out globally too fast, leaving no time to notice errors and stop a bad rollout, as well as cases where services being down actually made it hard to revert the change... should be in a much better place now. But again, none of that had to do with LLMs.)
kentonv
·3 เดือนที่ผ่านมา·discuss
> about 68 degrees Fahrenheit (20 degrees Celsius)

Pet peeve: When the original source had only one significant figure ("20 degrees", probably the scientist rounded to the nearest 10 because it's approximate), but the reporter translates it to another unit with more ("68 degrees", makes it sound more exact).

This shows up all over the place. Temperatures quoted in Fahrenheit always seem more exact, just because naturally whatever science they originate from was inevitably done in Celsius and then someone else converted the number without understanding significant figures.

68°F in particular shows up all over the place (like, it's the recommended thermostat setting in the winter to save energy), and it sounds like it's some sort of exact thing, but usually "about 70°F" would be a more accurate representation of the original source.

Also we say that human body temperature is 98.6°F, and a fever is 100.4°F or higher. Wow those numbers are so exact! Four significant figures on the second one! But actually these just map to 37°C and 38°C. Americans are constantly unsure if 99.0°F counts as a fever but the rest of the world probably understands 37.2°C is not...