Cloudflare’s FL2: A Rust-Powered Leap Forward in Edge computing
Cloudflare’s commitment too speed, reliability, and security at internet scale has driven a significant architectural overhaul with the launch of FL2, its next-generation edge platform. Replacing the previous FL1 system, built on Nginx and LuaJIT, FL2 is a ground-up rewrite in Rust, leveraging Cloudflare’s internal Oxy proxy framework.This wasn’t simply a code translation; it was a strategic decision to fundamentally improve performance, security, and developer velocity.
The move to Rust wasn’t taken lightly. Recognizing the burden of maintaining dual codebases during a lengthy migration, Cloudflare adopted a phased approach. they created a compatibility layer within FL1,allowing teams to progressively implement new functionality in Rust and seamlessly replace existing Lua logic. This minimized disruption and allowed over 100 engineers to contribute to FL2 without halting feature development.Rigorous testing and a robust fallback mechanism to FL1 ensured a smooth transition as customer traffic was gradually shifted to the new platform starting in early 2025.
The benefits of this architectural shift are substantial. FL2’s single codebase, written in a performance-focused language, eliminates the overhead of constant data conversion between languages that plagued FL1. Where FL1 juggled C (Nginx), LuaJIT, and even some Rust modules, FL2 streamlines operations, resulting in a dramatic reduction in resource consumption – using less than half the CPU and memory of its predecessor.This efficiency translates directly into tangible improvements for Cloudflare’s customers, with websites responding, on average, 10ms faster – a 25% performance boost.
Beyond speed, FL2 represents a significant step forward in security. Rust’s inherent memory safety and strong type system proactively prevent entire classes of bugs that were common in the LuaJIT-based FL1. Coupled with FL2’s strict modular architecture and enforced contracts between components, this creates a more robust and reliable system, increasing confidence in every code change. While acknowledging that no system is infallible, Cloudflare anticipates a significant reduction in crashes, allowing their teams to focus on investigating the rare instances of hardware-related issues.
Cloudflare is currently completing the migration from FL1, with plans to fully decommission the older system in early 2026. With the foundation now firmly in place – a modular, Rust-based, and thoroughly tested platform – the company is poised to accelerate innovation and deliver even more value to its customers. The future of Cloudflare’s edge network is built on a solid foundation, ready for continued optimization and expansion.
