Skip to main content
The /dsalathe/blog
Exploring ideas, sharing knowledge
Hidden Peaks Unlocked!
Looks like you found the hidden peaks! Future posts are now visible.
Peaks Hidden Again
The future posts are hidden once more. You know how to find them again.

Cloudflare

Bet

Web infrastructure, CDN, and edge computing platform

DevSecOps |

Metrics

Learning UX Potential Impact Ecosystem Market Standard Maintainability
Learning UX
4/5
Potential
4/5
Impact
5/5
Ecosystem
4/5
Market Standard
2/5
Maintainability
3/5

What is it

Cloudflare is a web infrastructure and security company that provides CDN services, DDoS mitigation, DNS, and edge computing. They’ve expanded beyond CDN into a full-stack platform offering serverless computing (Cloudflare Workers), zero-trust networking, object storage (R2), and edge databases (D1). This blog actually runs on Cloudflare Workers, not Pages—more on that below.

My Opinion

Cloudflare is what happens when you actually care about developer experience. AWS has a dozen different services that do what Cloudflare Workers does, each with its own pricing model and configuration hell. Cloudflare gives you one product that works, with simple pricing and a management console that doesn’t make you want to cry.

The Network Advantage

Cloudflare’s biggest asset is its network. They operate data centers in over 300 cities worldwide, which means your content is served from wherever your users are. The CDN is fast, the DDoS protection is automatic, and the DNS is resilient. You don’t have to configure regions or edge locations—Cloudflare handles it.

Compare this to setting up CloudFront on AWS: region selection, origin configuration, cache behaviors, SSL certificates, WAF rules. On Cloudflare, you point your DNS and you’re done.

The Workers Revolution

Cloudflare Workers changed the game. Serverless functions at the edge, running in V8 isolates, with cold starts measured in milliseconds. Compare this to AWS Lambda, where cold starts can take seconds. The difference is user-perceivable.

Workers are deployed globally and executed closest to the user. For latency-sensitive applications, this architecture is unbeatable.

The Developer Experience

This is where Cloudflare shines. The dashboard is intuitive, the CLI (Wrangler) is well-designed, and the pricing is predictable. No surprise bills, no complex IAM policies, no multi-region configuration. You configure once, it works everywhere.

The analytics are also excellent—and GDPR-compliant without cookie banners. No Google Analytics scripts slowing down your pages.

The “Not a Hyperscaler” Problem

Cloudflare is not AWS, GCP, or Azure. They don’t offer the same breadth of services. If you need managed Kubernetes, GPU instances, or machine learning platforms, you’ll still need a hyperscaler. Cloudflare complements, it doesn’t replace.

The “Lock-in” Reality

While Cloudflare’s pricing is transparent, they’ve expanded into so many areas that you can become dependent. Workers, KV store, D1 database, R2 storage, Pages, Tunnels—they’ve built an entire platform. Migrating off Cloudflare means re-architecting your edge strategy.

For this blog, I use Workers for hosting, R2 for static assets, and Tunnels for connecting to my Keycloak server. The lock-in is real, but the simplicity is worth it.

Conclusion

Cloudflare is a strong choice for edge computing, CDN, and DDoS protection. The network and developer experience are excellent. However, there’s a significant transition happening: Cloudflare is merging Pages and Workers into a unified platform, strongly encouraging developers to start new projects on Workers instead of Pages.

This transition to the workerd environment isn’t fully stable yet. I attempted to have only the root page SSR-generated with caching to minimize compute time. The free tier offers 10ms of CPU time per invocation, while the paid tier ($5/month) provides 5 minutes per request. Looking at my telemetry for a not-so-complex root page, CPU time varies wildly between 1ms and 450ms, with P50 at 70ms. This massive variance makes it impossible to reliably stay under free tier limits.

What makes this worse: the first requests all worked fine, but subsequent reloads consistently failed. Whether this is a soft limit behavior or something else remains unclear. The point is that on the free tier, you’re fighting an invisible wall with unpredictable compute costs. If I were on the paid tier, this would likely be a non-issue. But their push to make Workers the default while the free tier remains this constrained—and the platform this unpredictable—makes it hard to recommend unconditionally.

Just understand that you’ll likely need a hyperscaler for services Cloudflare doesn’t provide. See my post on migrating to Cloudflare for a real-world implementation.

Share this article
Back to all concepts