[kentonv]

It's actually somewhat different. AWS Lambda is intended to act as your origin server. Generally your Lambda functions run in a small number of locations, not necessarily close to users.

Cloudflare Workers will run in all of Cloudflare's 117 (and growing) locations. The idea is that you'd put code in a worker if you need the code to run close to the user. You might want that to improve page load speed, or to reduce bandwidth costs (don't have to pay for the long haul), or because you want to augment Cloudflare's feature set, or a number of other reasons. But, generally, you would not host your whole service on this. (Well, you could, but it's not the intent.)

We haven't nailed down pricing yet, but we've worked hard to create the most efficient possible design so that we can make pricing attractive.

[mtrimpe]

Can I use this together with CloudFlare streaming to open up stream ingestion based on some HMAC signed parameters?

To give regular end-user the rights to e.g. 'record one video of up to X seconds and Y mbps under ID "some-uuid"'

I've been waiting for a proper Content Ingestion Network for ages by now... if the CloudFlare video team ever wants to talk to someone who hand-rolled their own single-node version of this I'd be more than willing to share my experiences.

[kentonv]

That's a really interesting idea!

[mtrimpe]

If you added this with RTMP+WebRTC ingestion support all of these [1] companies would probably jump on the opportunity... and dozens more would start up in that space ;-)

[1] http://interviewingsoftware.com/

[smoll]

So, more like https://aws.amazon.com/lambda/edge/ ?

[kentonv]

That is correct. However, the design is very different. Lambda@Edge is, from what I can tell, based on running a full Node.js process in a process-level sandbox for each customer, whereas we are embedding V8 directly.

[tolmasky]

What are you embedding v8 into exactly? What happens if I figure out a buffer overflow in v8? What do I break out into? Is it solely process isolation? Is it in a container? A VM?

[kentonv]

> What are you embedding v8 into exactly?

C++ code.

Yeah, I know...

> What happens if I figure out a buffer overflow in v8?

You report it to Google for $15,000. ;)

More seriously, though, this is something we've spent a huge amount of effort worrying about. There are many layers of sandboxing and mitigation, including an incredibly tight seccomp filter, namespaces, cgroups, ASLR, architectural changes to keep sensitive secrets away from risky processes, etc. But we still worry and will continue to add more safeguards.

[michaelt]

  We haven't nailed down pricing yet

One of the things I like about AWS is the price doesn't jump from $0/year directly to $240/year the way cloudflare does.

[bogomipz]

Indeed, this would be the second product announcement from Cloudflare in 3 days that didn't have any pricing available.

[tyingq]

On the other hand, there's no surprise uncapped charges when something unexpected happens.

[ddorian43]

How do you store scripts in each edge ? Since in 1 of 117 datacenters, you'll need all scripts from all customers ready to go/execute.

[kentonv]

Same as any other site setting, all of which need to be pushed to every location. We have existing infrastructure for this that propagates changes everywhere within a couple seconds.