> simply expose containers to the world directly - without having to go via workers.
I run workers and containers and am curious what you mean. Do you have specific use cases in mind outside of the worker invocation model? If so, I'm curious what you'd want to run on Cloudflare. Otherwise, workers don't have to be much of a "lockin" if treated as a thin layer, more like configuration.
> You have other amazing parts of the stack anyway (D1, durable objects, a great object store).
Instead, if you mean accessing these resources from containers, it's a bit clunky [0] but it's there - you should be able to access worker bindings from containers through those outbound handlers.
I think you have it the other way around? D1, DO, KV are lockin. The worker is not lockin as it's just JavaScript/WASM and can run in a regular browser.
I know no one is writing copy anymore but i wish they tried to edit it a bit so it wasn’t so glaringly obvious. It just sours the product when it seems like so little effort was put into the message. And it’s not even hard - just change the prompt used!
Would love to know more about how Cloudflare plans to prevent abuse of ephemeral infrastructure to host malicious content. From elsewhere in their documentation, “Cloudflare limits how quickly you can create temporary preview accounts. If the Wrangler CLI cannot create an account because too many temporary preview accounts were requested too quickly, wait before retrying or authenticate the CLI with a permanent Cloudflare account,” and “Cloudflare applies additional abuse prevention checks to temporary preview accounts.”[1] This is a bit vague though. Creating a new account has never been a huge hurdle to overcome but this seems to reduce the barrier to entry even more.
Correct me if I'm wrong, but does Cloudflare still not have a "Create Account" button on the account listing page? I think you still have to sign up from scratch doing plus-code email tricks, then invite your original email address as an admin, juggling multiple accounts. They should consider fixing that first.
Cloudflare: let's give the bots their own accounts so they can scrape harder.
Also Cloudflare: let's send normal humans who are trying to go about their daily lives into endless Turnstile spinner loops with absolutely zero recourse, grievance, or support infrastructure.
I'm sure they don't want humans to have that experience - the issue is that the human behavior looks very bot-like. This is usually only experienced by people whose setup is peculiar
Just had 10 rounds of busses, motorcycles and fire hydrants with Google before I decided I don't actually want to see that page so much. So Cloudflare is unfortunately not the only offender here.
There's a certain type of Recaptcha challenge (the 4x4 single-photo one) that I have a 100% failure rate on. If Google decide to serve me 15 of those in a row, I will invariably fail 15 times until they decide to serve one of the other types for round 16. I'm very close to believing that that challenge is actually bugged and unsolvable for everyone, and simply nobody ever bothered to fix it.
Nah, I think this is Google's way of pushing against those who value privacy. Firefox? With uBO? No cookies? Not fetching Google fonts? Must be a bot for sure. /s
If all bots are subject to a rate limit, then the system works as designed. Especially if site operators can block bot accounts. Requiring accounts is one of the easiest solutions for that problem. One of the large issues with scrapers is that they pretend to be normal internet visitors that never visited your site before, because any bot that stored cookies would immediately be rate limited by basic config.
Turnstile isn't something Cloudflare put up to annoy you. It's what the website owners decided to put up, for many different reasons.
In the same vein, Anubis has a default configuration that lets honest scrapers and crawlers through, because those can easily be rejected by basic web server configurations. Only scrapers pretending to be browsers need to solve the proof-of-work puzzle. You can disable that feature, of course.
Cloudflare may play this smart: force bots to pay for access, then take 30% of the cut and give the rest to the website owners. That way, websites get paid when the AI slop machine digests their content. Normal visitors get in for free, turn the scraper hellscape into a sustainable model. Bonus points for letting websites set their own rates (pre-declared to scrapers, of course) to dissuade all but the most interested scrapers.
> Any agent can now run wrangler deploy --temporary and deploy a Worker to Cloudflare. This temporary deployment stays live for 60 minutes, during which time you can claim the temporary account, making it permanently your own. If you don't, it expires on its own.
Forget about agents, Cloudflare just provided free scratch deployments - ephemeral for 60 minutes - for anyone.
This is going to be amazing for things like PR previews and code review. Being able to deploy a preview to a working URL for free is a huge reduction in friction.
I hope it doesn't get abused so much that they turn it off again.
Obnoxious reply but I did this myself so I'm compelled to post it: review apps aren't that hard to implement yourself. You just need a VPS, domain name, and Caddy. Then tell any agent to connect the dots.
> This is going to be amazing for things like PR previews and code review. Being able to deploy a preview to a working URL for free is a huge reduction in friction.
Lets keep in mind this is cloudflare workers runtime - it only makes sense to deploy small things there, maybe static sites. Unless the agent creates something for cf workers from scratch, asking it to „now deploy to cloudflare” will fail so bad.
This would only work if they would provision docker image deployment, similar to google cloud run, but the still, everything serveless has its own caveats…
Looks like Cloudflare still haven't shipped the most valuable possible feature for Cloudflare Workers though: hard billing caps.
I want to set a cap of $100/month and know, for sure, that if something untoward happens my apps will all stop serving traffic rather than me getting hit with a bill for $1000s.
This falls Within my predictions of how the AI playing field is become more leveled, in terms with human digital activity. Soon it wouldn't be so what you can do with the computer but what the agent can do BETTER. We are already there for the most part. These are the early steps of full re-genitive self hosting, fully capable AI the is far more advanced then asking it to solve a 2 + 2 question.
The article worded it perfectly; friction-less "efforts"
The idea of giving a non deterministic automated process direct deployment control is fucking madness to me. That’s why I don’t get the obsession with MCP. Deployment can be scripted. It doesn’t need an LLM, it is a completely deterministic process and you want it to run identically every single time.
The right model for agentic API usage is having LLMs write scripts that use APIs. Connecting agents to MCPs and telling them to go and do stuff over and over not only wastes money but invites catastrophe.
50 comments
[ 2.6 ms ] story [ 59.0 ms ] thread- simply expose containers to the world directly - without having to go via workers.
- You have other amazing parts of the stack anyway (D1, durable objects, a great object store). These aren't considered "lockin".
- workers is "lockin" - not similar enough to lambda/cloud functions and so becomes CF specific.
Not having a simple container based compute piece has made me hesitate in taking up CF. (Fly or firebase won out)
I run workers and containers and am curious what you mean. Do you have specific use cases in mind outside of the worker invocation model? If so, I'm curious what you'd want to run on Cloudflare. Otherwise, workers don't have to be much of a "lockin" if treated as a thin layer, more like configuration.
> You have other amazing parts of the stack anyway (D1, durable objects, a great object store).
Instead, if you mean accessing these resources from containers, it's a bit clunky [0] but it's there - you should be able to access worker bindings from containers through those outbound handlers.
[0] https://developers.cloudflare.com/containers/platform-detail...
This could lead to people having a large amount of separate accounts.
[1] https://developers.cloudflare.com/workers/platform/claim-dep...
Also Cloudflare: let's send normal humans who are trying to go about their daily lives into endless Turnstile spinner loops with absolutely zero recourse, grievance, or support infrastructure.
Turnstiles per minute.
Turnstile isn't something Cloudflare put up to annoy you. It's what the website owners decided to put up, for many different reasons.
In the same vein, Anubis has a default configuration that lets honest scrapers and crawlers through, because those can easily be rejected by basic web server configurations. Only scrapers pretending to be browsers need to solve the proof-of-work puzzle. You can disable that feature, of course.
Cloudflare may play this smart: force bots to pay for access, then take 30% of the cut and give the rest to the website owners. That way, websites get paid when the AI slop machine digests their content. Normal visitors get in for free, turn the scraper hellscape into a sustainable model. Bonus points for letting websites set their own rates (pre-declared to scrapers, of course) to dissuade all but the most interested scrapers.
https://snail-game.solstice-barometer.workers.dev/
pretty cool.
> Any agent can now run wrangler deploy --temporary and deploy a Worker to Cloudflare. This temporary deployment stays live for 60 minutes, during which time you can claim the temporary account, making it permanently your own. If you don't, it expires on its own.
Forget about agents, Cloudflare just provided free scratch deployments - ephemeral for 60 minutes - for anyone.
This is going to be amazing for things like PR previews and code review. Being able to deploy a preview to a working URL for free is a huge reduction in friction.
I hope it doesn't get abused so much that they turn it off again.
The limits are 100 workers on free and 500 on paid.
And if need more then you can always go their platform which supports tenancy.
As long as you have a cronjob or similar to clean up the cost of having per PR preview is pretty much zero.
Uh that's already true?
This would only work if they would provision docker image deployment, similar to google cloud run, but the still, everything serveless has its own caveats…
I want to set a cap of $100/month and know, for sure, that if something untoward happens my apps will all stop serving traffic rather than me getting hit with a bill for $1000s.
The safest way to use Workers is on the free tier, which will shut off after 100,000 requests/day: https://developers.cloudflare.com/workers/platform/pricing/#...
The article worded it perfectly; friction-less "efforts"
The right model for agentic API usage is having LLMs write scripts that use APIs. Connecting agents to MCPs and telling them to go and do stuff over and over not only wastes money but invites catastrophe.