What malicious actor is causing the problem @Avi?
What malicious actor is causing the problem @Avi?
Athis is apparently deprecated? to be clear the issue is the frequency of sending of traffic. i'm looking for a ratelimit, not to block a particular actor indefiniteyl
Ait's a videogame, so people who are looking to cheat
MThanks. Yes. The new API appears to be: https://developers.cloudflare.com/ruleset-engine/rulesets-api/create/
We are using the legacy API in production at the moment. Idea is to make API call to CF to dynamicaly manage firewall rules to prevent connection from happening in the first place.
We are using the legacy API in production at the moment. Idea is to make API call to CF to dynamicaly manage firewall rules to prevent connection from happening in the first place.
Aright, i wouldn't want to prevent the connection entirely
Ajust to say, limit the number of messages being sent to X per Y amount of time
MRateLimit?
Ayes
MThere is a new built-in rate limiter here: https://developers.cloudflare.com/workers/runtime-apis/bindings/rate-limit/
We have custom RateLimit durable object here which has configurable locking settings
We have custom RateLimit durable object here which has configurable locking settings
Aooo that's cool, hadn't seen this before. although i doubt it would work for websocket messages
Myou can make a new DurableObject instance that acts a rate limiter, its very easy
Mand use custom business logic from your app
Ai don't follow. you're saying create a second DurableObject?
Msomething like:
IWhen sharding a durable object, if one instance sets an alarm, is it guaranteed that the same instance will be invoked by the alarm?
AYou can configure that timeout to be longer, i forget the exact numbers, maybe 5 or 10 min? If you have jobs that need even more than that, then DOs alone aren't the right thing you might want to look into Containers, that's currently the only way to run long jobs in CF
LYou fire and forget to offload it to another DO whose only purpose is to send fetch requests, await responses, and send them back to the originating DO. The trick is to pass in the id of the original DO so this RequestProxy DO knows who to dial up again once it gets the response. Under load, this DO never hibernates but it's only one DO not all of your others.
I'm in the process of open sourcing a lot of pieces of our stack right now. The first drop is going to be a testing module that works great with WebSockets and simulates browser behavior (cookies, origin, etc.). After that, I may port our RequestProxy DO to the open source project. I'll come back here once it's published. Any day now for the testing, rpc, and utils modules. Just in the final steps of documentation editing.
I'm in the process of open sourcing a lot of pieces of our stack right now. The first drop is going to be a testing module that works great with WebSockets and simulates browser behavior (cookies, origin, etc.). After that, I may port our RequestProxy DO to the open source project. I'll come back here once it's published. Any day now for the testing, rpc, and utils modules. Just in the final steps of documentation editing.
1Would this work:
DO A is acting as a WebSocket client, not using hibernation. DO B connects to DO A via WebSocket, DO A acts as the server and DO B as the client. Will DO B be able to hibernate, while A stays pinned to memory? In my scenario I'm already using DO A as a WS server for a different service but I want to direct data from A to B and using WS feels the best way to do it if B will hibernate
DO A is acting as a WebSocket client, not using hibernation. DO B connects to DO A via WebSocket, DO A acts as the server and DO B as the client. Will DO B be able to hibernate, while A stays pinned to memory? In my scenario I'm already using DO A as a WS server for a different service but I want to direct data from A to B and using WS feels the best way to do it if B will hibernate
BDO websocket connections as clients can't hibernate, only as servers at the moment.
1So in this instance I'd be better off having DO B act as the server yeah?
LFor DO to DO, wouldn't RPC be a better choice?
1Yeah it would be, mostly looking to reduce request costs
LI haven't done any of this myself but I believe that RPC has the concept of a "session". I don't think you pay for requests during a "session". I also believe that sessions timeout though so I'm guessing you have to sense when that happens and create a new session.
1The session you talk about would be related to stubs and RpcTarget right? I don't like having to think about whether a new stub needs to be made and stuff. Currently, DO to DO RPC requires at least 2 requests per RPC call. If I use websockets, I make one request to connect, then I can send 20 messages for the price of 1
LFair enough. I still use fetch between DOs. Someday I'll start playing with RPC, RpcTarget, etc.
Phm?
VDid workers release a new version yesterday? My service got more errors than last full week.
LCurrently, DO to DO RPC requires at least 2 requests per RPC callWhat do you mean 2 requests per RPC call? There should only be one round trip for a normal RPC call.
1Sorry I was including the call to the Worker as well
BI'm seeing some weird behavior 
happening in my Durable Objects "Live" logs. I'm seeing requests for an unrelated worker, that is a worker in a different project? It's a project that gets a lot of traffic compared to others, so I'm note sure if it is showing the traffic for all my workers or not. But there is a problem!
happening in my Durable Objects "Live" logs. I'm seeing requests for an unrelated worker, that is a worker in a different project? It's a project that gets a lot of traffic compared to others, so I'm note sure if it is showing the traffic for all my workers or not. But there is a problem!
AHas anyone else seen issues with ios 26 websockets and connecting to durable objects? I encountered this issue with one of my users. I think it might be an Apple issue, but I have only seen it once so far. They were using private relay
Apple forum thread: https://discussions.apple.com/thread/256142477?sortBy=rank
Apple forum thread: https://discussions.apple.com/thread/256142477?sortBy=rank
LI'm a little confused about how PITR works. The API says
Assuming it returns a promise, how can I guarantee the bookmark I get is accurate?
getCurrentBookmark() and getBookmarkForTime() return a Promise<string>, but the example right below it shows it being used without a promise:Assuming it returns a promise, how can I guarantee the bookmark I get is accurate?
GI can't help but read it as pain in the rear
LLooking up the workerd codebase, I found this:
But it is hard to tell what "concurrent writes that haven't happened yet" means. Is it saying after the callback returns, the bookmark will be accurate?
But it is hard to tell what "concurrent writes that haven't happened yet" means. Is it saying after the callback returns, the bookmark will be accurate?
HI wonder if each Durable Object will come with its own R2 binding too in the future
LConfigures the Durable Object so that the next time it restarts, it should restore its storage to exactly match what the storage contained at the given bookmark. After calling this, the application should typically invoke ctx.abort() to restart the Durable Object, thus completing the point-in-time recovery.
As the docs say,
onNextSessionRestoreBookmark works on the next restart, so you need to kill the DO for the restore to happen.As mentioned multiple times, I suggest you always
awaitIf I want to do a "fire and forget" on a DO method, is there any functional difference between:
ctx.waitUntil(doSomething())
and- setting an alarm in, say 100ms, return, then let the DO
doSomething()as a result of the alarm
?
LThanks. Just to be clear, you are saying by awaiting the bookmark in the example below, and then restoring the database to that bookmark, the transaction that happened after is guaranteed to be absent from the restored version?
LIf you await, then the comment is wrong, since nothing will happen until the promise to get the bookmark resolves.
Any write happening after you got your bookmark is not included in the version pointed by that bookmark.
Any write happening after you got your bookmark is not included in the version pointed by that bookmark.
EWhen binding to a DO in another worker while using enviroments using { "environment": "staging", "script_name": "api", ... } does not work
error: Cannot create binding for class in script 'api' that does not exist. [code: 10061]
The following binding does work: { "script_name": "api-staging", ... }
Which is expected - but why can't I use the environment property alternatively? What else is its use?
error: Cannot create binding for class in script 'api' that does not exist. [code: 10061]
The following binding does work: { "script_name": "api-staging", ... }
Which is expected - but why can't I use the environment property alternatively? What else is its use?
AThe docs say that DurableObject KV storage is Synchronous: https://developers.cloudflare.com/durable-objects/api/sqlite-storage-api/#synchronous-kv-api
However, the generated typescript types show that
Is this a bug or am I missing something?
However, the generated typescript types show that
ctx.storage.get() returns a Promise.Is this a bug or am I missing something?
IThat's for the SQLite KV API, are you looking at the types for the original KV storage in DOs perhaps?
1ctx.storage.kv.get() is the sync API (in SQLite DOs)1ctx.storage.get() is the old async API
AAh thank you, missed that
.kv
Sdid this happen? 
LYour worker names are different for each environment right? If you remove the
Environments are not a semantic thing all things understand, I personally see it mostly as a wrangler thing to group your configuration, but then the resources are identified by their own IDs/names.
environmentscript_name with the correct worker name does it work? The error says there isn't any worker with the name apiapi-staging.Environments are not a semantic thing all things understand, I personally see it mostly as a wrangler thing to group your configuration, but then the resources are identified by their own IDs/names.
ESince wrangler automatically suffixes the env name to the worker name it does make sense. What doesn't make sense to me is that the DO binding configuration has an environment property:
https://developers.cloudflare.com/workers/wrangler/configuration/#durable-objects
What does it do?
https://developers.cloudflare.com/workers/wrangler/configuration/#durable-objects
What does it do?
Cloudflare Docs
Use a configuration file to customize the development and deployment setup for your Worker project and other Developer Platform products.
LNot sure, but my guess would be it's from the deprecated "service environments" thing that was tried out a few years ago.
CIs this GA? My Durable Objects dashboard looks like it still uses the previous design