Cloudflare has made its container platform publicly available in preview, allowing developers to deploy almost any kind of Linux-based containerized application as well as lightweight Worker applications, and with scale-to-zero pricing, though with initial limitations including the specification of the container and the extent to which it can auto-scale upwards.
Cloudflare containers are based on its Durable Objects service, which combine a Worker (serverless application) with persistent storage for the container image. Since Cloudflare’s primary business is its CDN (content delivery network), both Workers and Durable Objects come with automatic global low-latency, though this is imperfect if only one container is running and subsequent requests come from different regions, as it is started in a location close to the first request. There is an option for autoscaling, where additional instances are started if CPU usage exceed 75 percent of capacity.
Currently there are three types of container instance, dev with 256 MB RAM and 1/16th vCPU, basic with 1 GB plus a quarter of a vCPU, and standard with 4 GB and half of a vCPU. Containers scale to zero, that is, there is no charge when they are not running. Pricing is usage-based and like many cloud services, hard to predict exactly as there are separate changes for vCPU, RAM, Disk, requests and egress (amount of data served). Cloudflare operates what it calls a Workers standard plan with a minimum monthly charge of $5.00, which in the case of containers would include up to 25 GB hours of RAM, 375 vCPU minutes and 200 GB hours of disk, after which charges are pay as you go.
Observability is built into the platform with the ability to track status and resource usage in the Cloudflare dashboard and logs.
Cloudflare claims that its container prices are similar (but a little below) Google’s Cloud Run service, but much less than AWS Lambda, based in part on its own experience when Baselime, an observability platform, was acquired by Cloudflare and moved its hosting from AWS, including use of Lambda, reducing cost by over 80 percent. One reason is that AWS Lambda starts a new instance of the execution environment for every request whereas Cloudflare and Cloud Run containers can handle multiple requests; by default Cloud Run supports up to 80 concurrent requests. AWS has other options for running containers, including App Runner and Fargate, both of which do support concurrent requests for a single container instance so one should be cautious about Cloudflare’s figures.
There are limitations to the new service. Scale is limited to 40 GB RAM and 40 vCPU and the company promises to increase this, as it says it is already doing for “select customers.” Improved autoscaling and latency-aware routing is also promised. Deeper integration between containers and Workers is planned, with the ability to set up handlers in Workers for HTTP requests from containers. There are also plans to improve integration with other Cloudflare services including R2 storage, KV (key-value) data and more.
We tried running a demo container on a Mac, the main requirements being Node.js 20 or higher and the docker CLI (command line interface) and daemon running. Developers need to become familiar with Wrangler, which is the Cloudflare CLI. The code for a project includes both Worker TypeScript code to manage the container, and the container itself. We successfully ran the demo container, which runs a Go application, locally. According to the documentation, the only limitation on containers is that they must run on the linux/amd64 architecture. Deployment to Cloudflare can be done using Wrangler.
There are several points to note in the documentation. One is that all container disks are ephemeral. If a container sleeps and restarts it will have a fresh disk. Apparently persistent disks are being explored by the team but “not slated for the near future.”
Another issue is cold starts, which “can often be in the 2-3 second range,” the docs state. This is slow enough to impact user experience. It is possible to keep container instances running indefinitely, but Cloudflare may restart the host server at any time, in which case the container is sent a SIGTERM signal warning of the shutdown, followed by a SIGKILL signal after 15 minutes if it has not shut itself down gracefully. Out of memory conditions will also restart the container.
Cold starts may be an issue, but this is an important new service from Cloudflare which will be suitable for anything from small experiments to high-scale applications, once initial scaling limits have been lifted.