We recently developed a new public CDN/WAF engine in Rust,
replacing our old private Lua CDN/WAF, and we are looking for people to have a try!
A bit of backstory, we were using Fastly Enterprise,
but we were not happy with the performance and the pricing.
Nor did we find it easy to integrate with our existing infrastructure,
specifically Enhance control panel as a whole.
So we decided to build our own CDN/WAF engine in Rust,
with a focus on performance and ease of integration with Enhance control panel.
In terms of what we have built out in version 1, we have:
CDN Engine:
1. A highly performant caching engine built in Rust.
1.1 10x faster than our Lua caching engine.
1.2 10x more rules allowed per domain.
1.3 Full page caching with in-memory cache.
1.4 Compiled rules to memory for instant lookup.
2. Incredibly customisable caching rules with domain-specific rules.
2.1 Bypass/cache with 10 operators and 12 fields.
2.2 UI configurable priority system.
WAF Engine:
1. A highly performant WAF engine built in Rust.
1.1 8x faster than our Lua WAF engine.
1.2 10x more rules allowed per domain.
1.3 Compiled rules to memory for instant lookup.
2. Incredibly customisable WAF rules with domain-specific rules.
2.1 Block/Allow/Edge Rate Limit with 25 fields and 10 operators.
2.2 Managed IP lists with bot_ips, proxy_ips, hosting_ips.
2.3 OWASP CRS with response body scanning and paranoia level.
2.4 UI configurable priority system.
Analytics Engine:
1. A highly performant analytics engine built in Rust.
1.1 100x faster than our Lua analytics engine.
1.2 Per-domain feeds and pre-aggregated metrics.
1.8 Geo enrichment with 0 TTFB impact.
General:
1. Free unlimited Let's Encrypt SSL certificates.
1. 500+ PoPs globally with edge nodes in every major city.
2. DdoS protection with advanced analytics.
Some performance metrics over our last 10 days of data:
- Average response time: 19ms (Lua: up to 40ms)
- 95th percentile response time: 30ms (Lua: up to 60ms)
- Error rate: 0.01% (Lua: up to 0.1%)
- Cache hit rate: 99.9% (Lua: up to 99.5%)
- OWASP CRS Scanning: 9x faster than Lua.
Benchmarks so far:
1. Can handle 10k concurrent connections easily
1.1 With 100ms latency, 10k concurrent connections is 70% CPU usage.
What can you expect to see, experience and get annoyed with?
1. Continues changes to the platform as we continue to iterate and improve.
2. Some changes to the API as we continue to iterate and improve.
3. Some changes to the dashboard as we continue to iterate and improve.
4. Some changes to the documentation as we continue to iterate and improve.
5. Downtime from changes as we continue to iterate and improve.
6. UI bugs, system bugs 0_o.
Some things coming soon:
1. Image optimisation and font optimisation with font and image proxy.
2. Brotli and ZTSD compression to origin and to edge.
3. and more: https://sparkcdn.featurebase.app/dashboard/roadmap
If you want to have your say on what we add, change or improve:
https://sparkcdn.featurebase.app/
This is not production ready, but we are looking for people to join early and give us some feedback!
People from Enhance later on will be able to get a discount on the pricing 🙂
If you are interested, please join our Discord server: https://discord.gg/F7eYXrjg
Thanks!
Images:
(We're not affiliated with Enhance.com)
Thanks to Adam, and Aliysa for their time!
