Cloudflare Recently Abandoned NGINX and Moved to Pingora. Why?
Before we get into the technical details of proxy and reverse proxy, let’s understand what Cloudflare does and the kind of customers they serve.
What is Cloudflare?
Cloudflare is a server network that improves internet-connected applications’ security and performance.
Think of Cloudflare as a system that acts as an intermediary between client and server. This system acts as a reverse proxy.
Cloudflare also serves as a CDN (Content Delivery Network) which means caching web resources (static content) to enhance the performance and speed of the web application.
What is Reverse Proxy?
We know that one of the ways a client communicates to a server is through a URL, something that looks like www.myserver.com. The actual server location, though, is accessed through an IP address that looks like 127.0.0.1.
This process of converting a URL to its appropriate IP address is called DNS lookup.
Without a system like Cloudflare or Nginx, when a client tries to reach out to www.myserver.com, the corresponding server’s IP address will be returned.
By using a system like Cloudflare or Nginx that acts as a middleman between the client and the server, the DNS lookup will return the IP address of the middleman, not the actual server’s IP.
Why is that important?
The server’s IP need not be exposed to the public, adding security to the server.
Security threats are identified and handled by the Cloudflare system.
As Cloudflare also acts as a CDN system, it helps boost the web application’s performance.
So a Reverse Proxy is a proxy server that sits in front of the application servers.
What’s NGINX?
Released in October 2004, NGINX is an open-source web server that acts as a reverse proxy.
NGINX follows an event-driven architecture.
Instead of handling each web request using a single thread, NGINX follows a worker process. Each worker process takes similar threads using smaller worker units called worker connections. These worker units handle concurrent requests.
This architecture helps NGINX process thousands of requests in no time.
Whats Pingora?
Cloudflare has internally used NGINX in their proxy stack for a long time, but recently they moved to the in-house solution Pingora.
NGINX is written in C, whereas Pingora is written in memory-safe and modern Rust language.
Pingora adopts a multithreading approach instead of a multi-process approach that NGINX follows.
Why Cloudflare moved to Pingora?
Cloudflare found limitations with the NGINX worker process architecture.
One of the ways Cloudflare speeds up the connection between the proxy server to the origin server is by reusing as many established TCP connections as possible.
With NGINX, a single web request is processed by a single worker, which means requests that have landed on a particular worker can only reuse connections available to that worker. This affects the performance of the Proxy server and requires more connections and resources to be maintained by Cloudflare, which also spikes the bills.
This was one of the reasons that Pingora moved from a multiprocess model to a multithreaded model so they could share resources like connection pools.
Cloudflare claims Pingora to be faster and more efficient than NGINX by only using one-third of memory and CPU resources.
Do you need to abandon NGINX in your project?
Cloudflare has been using NGINX for a long time now.
Consider the fact that Cloudflare serves over 1 trillion requests every day, and that’s the point when they decided to address the performance challenges posed by NGINX.
You may have to check for yourself if your applications have outgrown the services NGINX provides; if not, you may have no reason to worry for now.