In the interests of transparent disclosure on such a positive blog post, It might be worth calling out that all the links on the page are all linked to the Bunny Affiliate Program. [1]
Sorry, I realize I overdid it on the affiliate links so I've called out the link and removed some others. Just thought it was nice that they had an affiliate program. Nothing shady intended!
freedomben 1 days ago [-]
Thanks, just something to be mindful of in the future. It unfortunately can discredit your work if not clearly disclosed. Thanks for the post!
stronglikedan 1 days ago [-]
> It unfortunately can discredit your work
In a time where more people usually beg for forgiveness instead of asking for permission, it already has
kay_o 1 days ago [-]
A bit more than discredit, this is almost always against affiliate terms so you don't get payout and often actually illegal for not disclosing compensation.
calmingsolitude 1 days ago [-]
Thanks for the update. The usage of an affiliate link feels quite dishonest here because the hyperlink says bunny.net but then opens up bunny.net/?ref=xxxx
paulddraper 1 days ago [-]
Of course it’s nice.
But that changes things
gruez 1 days ago [-]
Yeah IANAL, but this sort of endorsement with undisclosed remuneration would probably run afoul of FTC guidelines, which is why you see disclaimers like "As an Amazon Associate I earn from qualifying purchases" everywhere. The author seems to live in the UK, but a cursory search suggests there's something similar there as well.
arcza 1 days ago [-]
Maybe the whole world is not in the U.S. What is the FTC? The Royal Air Force Flying Training Command?
ghurtado 1 days ago [-]
> Maybe the whole world is not in the U.S
Not yet. Working on it, though.
gruez 1 days ago [-]
>The author seems to live in the UK, but a cursory search suggests there's something similar there as well.
1 days ago [-]
paulddraper 1 days ago [-]
Federal Trade Commission
An acronym as common as GDPR.
arcza 1 days ago [-]
I'm just making a point the whole world doesn't revolve around America.
k33n 23 hours ago [-]
It kinda does though
philipallstar 1 days ago [-]
There will also be obnoxious farts who say "the world doesn't revolve around the EU" every time GDPR is mentioned.
croes 1 days ago [-]
I guess it’s reference to the fact that the blog writer lives in London, so the US meaning of FTC doesn’t matter when a someone in Europe promotes a US service
fp64 1 days ago [-]
Now I'm curious, how is it called in the UK? I tend to use "FTC" as the general term when I want to refer to a trade regulatory body in a country, as in "UK's FTC equivalent". I wasn't aware it is so obscure?
arcza 1 days ago [-]
Probably the UK CMA (Competition and Markets Authority) which regulates competition/antitrust, mergers, national security acquisitions and the like.
Or there is a loosely defined locally-run thing called 'Trading Standards' which is done at the council ("municipality") level.
and for the record I am just being difficult and everyone in tech/mildly well read knows what the (U.S.) FTC is. My point is more that one country's rules don't always matter for the operations of domestic commerce in another amongst their own citizens.
We famously mock our own jusrisprudence - "if Parliament passes a law that it is illegal to smoke on the streets of Paris, then it is illegal to smoke on the streets in Paris", so even when hard legislation exists (4chan/Ofcom shitshow?) it is meaningless.
The only power that matters long term in the universe is sheer force and hard power, and it has always been that way.
zem 1 days ago [-]
the fact that you can't name the UK equivalent offhand should tell you how obscure these regional agency names and acronyms are in general.
tick_tock_tick 1 days ago [-]
It's pretty fair to assume someone on a USA site, run by an American company, that is a major VC firm based in San Francisco, in an article talking about moving away from another USA company that is located all of 2 miles away from ycombinator, and speaking english should be able to put 2 and 2 together when dealing with contextual information.
If they can't they probably should move to an international focused site.
spookie 1 days ago [-]
The author of the article is not from the US, and is talking about a Slovenian alternative to Cloudflare.
Either way, we are on the internet. Pretty international stuff.
infecto 1 days ago [-]
Maybe it technically under some regulation runs afoul. The FTC would never bother themselves with this and I don’t believe it’s in the spirit of the intent.
Kye 1 days ago [-]
They might not enforce it consistently, but they do bother themselves with it enough to have guidelines.
I don't like free offerings, because what if they decide to charge someday? What if someone decides "free is not feasible, we start charging $20 per instance now".
I'd rather have a low fee now, a change from $2 to $3 is more likely and that's fine for me. But from free to not free is risky for me.
I also like smaller, independent-ish ompanies that actually care about developers. That's why I use bunny.net, transistor.fm, Plausible Analytics.
akdev1l 1 days ago [-]
>I don't like free offerings, because what if they decide to charge someday? What if someone decides "free is not feasible, we start charging $20 per instance now".
You can just move to another provider at that point. At least when it comes to CDN and DNS there’s literally no vendor lock-in.
You can grab your dns records export them to csv and import somewhere else easily and a CDN is just a file server so you can just give your files to someone else easily.
oasisbob 1 days ago [-]
> At least when it comes to CDN and DNS there’s literally no vendor lock-in.
ehhhh, really depends on which CDN features you're using, and at what volume. Using ESI? VCL? Signed URLs or auth? Any other custom functionality? Are you depending on your provider's bot management features which are "CONTACT FOR PRICE" with other providers? Does your CDN provider have a special egress deal with your cloud provider?
It's possible to picture this being easy in the same way that being multi-cloud or multi-region is easy.
akdev1l 1 days ago [-]
>Using ESI? VCL? Signed URLs or auth? Any other custom functionality? Are you depending on your provider's bot management features which are "CONTACT FOR PRICE" with other providers?
I have no idea what two of those acronyms mean. None of this is part of what a CDN offers.
Yes if you use DDoS protection, or cloudfare’s ZeroTrust or embrace $X proprietary features then what I said no longer applies.
I strictly said DNS and CDN.
youngtaff 1 days ago [-]
ESI = Edge Side Includes think Server Side Includes on a CDN technology as supported by Akamai and used by sites like Ikea to deliver a fast maintainable experience
VCL = Varnish Configuration Language i.e. how you configure your Fastly services
If you're just using a CDN as a proxy then there's no lock in but plenty of sites are using CDNs for much more than that
glhaynes 1 days ago [-]
Can anyone say why this is being downvoted? Seems like it makes sense to me, but this isn't my area of expertise.
Etheryte 1 days ago [-]
Predictability matters. The whole point of paying someone else to handle a problem for you is that you don't have to worry about it. If you go all in on a provider and then suddenly find out that you've been switched to a paid plan in the middle of your vacation, that's not a place anyone wants to be. Saying there's no lock-in is nice, but that overlooks the fact that there most definitely is friction. What if there's no mass export? No mass import? Or you need to reset 2FA? Or etc, there's a thousand things that can shoot you in the foot, especially if you have a lot of services you need to migrate.
broken-kebab 1 days ago [-]
It's impossible to generalize over free vs paid in regard to predictability. E.g. a provider I paid for simply disappeared once when I was quite busy while my old free gmail still works. Realistically CF's free tier is more predictable than many paid options on market.
Kye 1 days ago [-]
My threat model here focuses on what the provider gets out of the free tier. Cloudflare gets a broad view into activity on the internet for building the models they use for their paid offerings. Free Gmail puts people on a path in to Google's ecosystem with basically zero marginal cost.
akdev1l 1 days ago [-]
>What if there's no mass export? No mass import? Or you need to reset 2FA?
1. For DNS we have standardized AXFR requests which the DNS provider needs to support as they are part of the DNS standard. There is not an option of not having that unless you have a really shitty provider that you should change anyway.
2. Same for Mass Import because again DNS already defines these things at the protocol level.
And resetting 2FA or whatever is just the cost of using any service
Personally I have used CF for ~10 years so I have saved $240 and I simultaneously use GitHub Pages and CF Pages for CDN because again I just need to give them a bunch of static files. Adding a third CDN provider would literally be a single command at the end of my build pipeline.
For personal projects, I'd rather just pay $2/month and not think about it than get hit with a random bill and scramble to migrate before the next month's bill. Bunny is perfect for this use case where you have a handful of projects that aren't all actively maintained. It just works without hand-holding, and since you're paying for the service, there's no rugpull looming.
xur17 1 days ago [-]
Don't you still have to worry about big bills since bunny bills based on usage?
gordonhart 1 days ago [-]
The biggest bill I've gotten from Bunny was like $10 when my app (https://atlasof.space) briefly went viral and got 100k+ views in a month. Bunny CDN is so reasonably priced and the realistic visitor ceiling for my projects is low enough that it's still negligible. The free->paid cliff is typically a lot steeper than this in my experience.
> In order to keep your service online, you are required to keep a positive account credit balance. If your account balance drops low, our system will automatically send multiple warning emails. If despite that, you still fail to recharge your account, the system will automatically suspend your account and all your pull zones. Any data in your storage zones will also be deleted after a few days without a backup. Therefore, always make sure to keep your account in good standing.
You proactively replenish your balance, so in the worst case, you can just let the account go.
osigurdson 1 days ago [-]
I didn't downvote it, but I don't think migrating away from Cloudflare workers, R2, D1, etc., isn't going to be that easy. Basically, the build these things from the ground up to work optimally for their infra - even the mental model that you have to use is different. If you only narrowly use one part of it, maybe.
akdev1l 1 days ago [-]
>Cloudflare workers, R2, D1, etc., isn't going to be that easy.
And how is that related to me? My comment said (and the parent I replied to) mentioned DNS and CDN.
Now we add compute services, data storage, whatever D1 is and the other comment mentioned auth/authz
Are people not aware what CDN and DNS are?
nixosbestos 1 days ago [-]
I used to handwave cloud portability. Turns out when you're shipping things and need extra services and you have deadlines, you build against the platform. I think the GP comment was probably expressing wariness of the free cloudflare tier that entices you to build against their APIs and their product shape in a way that inevitably locks you in. Sure, you could migrate, but that's expensive.
glhaynes 1 days ago [-]
Yeah, good point. For a little hobbyist site of no importance, I'm not too worried about vendor lock-in, but that calculus changes as it gets more important.
nixosbestos 1 days ago [-]
That's the catch though. By time you're scaling, there's tension between roadway and revenue and headcount and it's the worst worst possible time to need to reachitect.
osigurdson 1 days ago [-]
Logically, the only thing CloudFlare would do is lower or eliminate the free usage tier. For instance, if X million operations are currently free, they make X/2 operations free. I don't think they would do that, but if they did, it couldn't possibly be existential to any viable company.
Practically, any metered supplier can put you out of business. It usually doesn't happen because destruction is mutually assured.
+1 for using smaller, more independent companies in any case!
1 days ago [-]
cube00 1 days ago [-]
Except for those cases where CF sales have threatened to kick businesses off the platform unless they join an five or six figure enterprise plan because they've passed some unpublished threshold.
0xy 18 hours ago [-]
Pushing 10TB of data on the free plan is the moral equivalent of taking 100 packets of free ketchup from a restaurant. Both will rightly get you kicked out.
stingraycharles 1 days ago [-]
> I don't like free offerings, because what if they decide to charge someday? What if someone decides "free is not feasible, we start charging $20 per instance now".
> I'd rather have a low fee now, a change from $2 to $3 is more likely and that's fine for me. But from free to not free is risky for me.
With free offerings, you’re always helping the supplier in some way. Then you become the product. Which makes it difficult to understand the value exchange; it’s much easier to do so when you’re just paying a fair sum of money.
broken-kebab 1 days ago [-]
>What if someone decides "free is not feasible, we start charging $20 per instance now".
This logic doesn't hold much water, however. Abrupt changes in pricing or other conditions happen with paid tiers as well
kugelblitz 1 days ago [-]
Yes, but combine that with a small-ish provider, this will also hurt them (e.g. see Google Maps price hike). Either way, if I use a service 20x a month and it costs $15, I can handle a hike to $20, that's fine, somewhat predictable. They also relied on those customers, they can't just get rid of all $15 customers.
But if a free offering suddenly says "We are getting rid of free, only starting $899 a month baseline, because we noticed our free users aren't converting and we only want to support enterprise from now on". Well, then I have to move everything.
Still a big price hike can come, but +20% monthly is easier to stomach than if I can't be sure what will happen to the free offering.
bensyverson 1 days ago [-]
Well said. I use bunny.net for many of the same reasons, and to support diversity of solutions in the internet ecosystem.
SV_BubbleTime 1 days ago [-]
If the rest of the market moved to $20, why would economics of another vendor moving from $2 to $3 at the same time be plausible?
rmoriz 1 days ago [-]
While this will probably happen over time, free* offerings are an anomaly you can‘t build a business on. But even 1€/months minimum is probably too low to cover costs.
66yatman 1 days ago [-]
If you have the money it’s good
TiredOfLife 1 days ago [-]
A change from $2 to $3 is as likely as change from $2 to "call us for quote"
tamimio 23 hours ago [-]
> free is not feasible, we start charging $20 per instance now
Same thing can be applied to low fees services. Look at bitwarden as a recent example, they doubled their prices overnight and hid the announcement in some useless blog post that no one reads, users found out later they are expected to pay doubles in any plan.. why? Because “that low price isn’t feasible we start charging $23 plus tax for premium now”
And the same things you will do to migrate to another when free -> paid you will do when paid_low -> paid_high if the pricing isn’t up to your expectations.
There’s no protection against this, it’s up to the business model change, investors, greed (aka scale up!), you name it, so regardless whether you are paying now or not, always have other options ready for when you need to abandon the ship.
Manchitsanan 1 days ago [-]
I'm currently running a SaaS on Cloudflare Workers + Pages. The developer experience is genuinely good, deploying serverless functions and static sites from the same repo has been seamless.
But I hit a real issue recently: CDN edge caching served stale HTML after a deploy, and the service worker cached the bad response. Took a CDN purge from the dashboard to fix. The debugging experience when things go wrong at the edge is painful, you're always guessing which cache layer is the problem.
That being said, the free tier is hard to beat for getting started. Workers, Pages, KV, R2 — you can run a full production app at near-zero cost until you hit scale. Not sure if Bunny offers that.
ossa-ma 1 days ago [-]
Cloudflare's biggest benefit is the wrangler cli which when paired with claude code means that you can completely handoff setup/debugging/analysis.
Some of you may be skeptical about this but it allows for much easier management when working on multiple SaaS/hobby projects/personal tools.
kordlessagain 1 days ago [-]
I deploy to Google just fine with Claude and have ZERO use for Cloudflare's toxic code.
michaelbuckbee 1 days ago [-]
Bunny has a lot of that (they have a sqlite compatible API, edge functions, but the call it something different, etc.)
That being said, I had enough issues with Bunny and CF debugging across regions that I made this free tool to do both remote HTTP and TCP traceroutes to keep my sanity: https://dnsisbeautiful.com/global-http-availability
Bunny doesn’t have a free tier, but their greatest asset is that it has prepaid billing: there’s zero risk of running up a surprise six figure bill just because of being attacked, making a mistake with a deploy, or other sudden sources of resource usage. I’d rather my site go down than to be on the hook for hundreds of thousands, which many projects have no hope of generating from sudden spikes in traffic of any source.
There’s a cost limit to how much high availability is worth on any project but vendors like CloudFlare don’t respect that.
hak8or 1 days ago [-]
And this is why I am immediately shifting to bunny from cloudflare at this point.
A week ago I (a hobbyist running a small side project for a dollar or two a month in normal usage, so my account is marked as "individual") got hit with a ~$17,000 bill from Google cloud because some combination of key got leaked or my homelab got compromised, and the attacker consumed tens of thousands in gemini usage in only a few hours.
Google denied a rate adjustment, and haven't reached back out to me for a good few days now. My credit card denied the charge because it was over my credit limit by a good few thousand dollars and they suspected fraud, but now I am terrified of being taken to collections and ruining my prospects of renting an apartment due to my credit score/history being ruined, or them just taking me to court.
I am never going to use "use now pay later" services, especially with cloud portals where it's so hard to put in a actual cap, and the cloud provider not having any sane rate limits. I am fine paying if it was negligence or a mistake on my part as a very expensive lesson in security, but 17k is brutal.
The fact they don't have an easy way to hard cap usage (especially for an individual account) and have ineffective rate limits (how on earth is an account that pays a few dollars a month able to run up tens of thousands in just a few hours), makes me never want to use their (or any use now pay later with no easy caps or rate limits) service ever again. Or even a phone number to call.
shimman 1 days ago [-]
If you're in the USA contact your state AG + Senator and present your case. Mention that Google is abusing small owners due to their ineptitude in security practices, construct the argument that makes it appear Google is squeezing small users like a mob boss/cartel.
Also before doing this save anything important that Google owns (gmail, youtube videos, anything in storage). The leaders at Google are vengeful enough to completely lock you out for challenging them.
diarrhea 1 days ago [-]
Just this month Google shipped what I understand as hard limits in AI Studio/Gemini/whatever it's called this week. I had existing billing alerts (best you could do before IIUC), but set these new hard limits up immediately. Feels good!
danielskogly 1 days ago [-]
This is why we purge cache from CI after a deploy[0], and other places when our users publish a story, etc.
That said, the edge-caching being how it is, it's possible to run into some race-conditions where the cache has been purged but not propagated to the edge network, and if visited too soon, the stale version might end up back into the cache.
DB seems like the main shortcoming in the stack for them. I don't want to deal with the limitations of D1. Seems like a serverless postgres setup a la Neon/Supabase would be a slam dunk.
WilcoKruijer 1 days ago [-]
They have Durable Objects which should be enough for most use cases (it’s SQLite with no limitations). Have you tried that?
starwatch 1 days ago [-]
I've used DO's quite a bit. I'm a big fan... however I find the database latency pretty hard to deal with. In the past 6 months I've seen upwards of 30s for little side projects running tiny (100's of kb) databases. Sometimes it's lightning fast... sometimes it's a disaster.
As a consequence I've had to build quite defensively - adopting a PWA approach - heavy caching and background sync. My hope is that latency improves over time because the platform is nice to work with.
1 days ago [-]
jtbaker 1 days ago [-]
Yeah, but then I'm heavily coupled to their proprietary infrastructure. Maybe a good thing for them, but a nonstarter for thinking about building a real business on, for me and many others I'd presume.
jFriedensreich 1 days ago [-]
Cloudflare is not a CDN anymore but the workers edge platform, if you can move to bunny.net, you were not really using cloudflare. I don't understand how none of the alternatives really embrace WinterTC
If i see something horrific like:
import * as BunnySDK from "@bunny.net/edgescript-sdk"
BunnySDK.net.http.serve(async (request: Request) =>
Thats a proprietary lock-in worse than what it tries to replace!
whh 1 days ago [-]
FWIW, Cloudflare's edge platform is pretty proprietary too.
jFriedensreich 1 days ago [-]
The platform yes, but the runtime and the APIs are apache 2.0 licensed and uses web standards wherever possible. Thats way more open than most alternatives i am aware of.
Unless the project is controlled by democratic committee where cloudflare doesn't have a majority of seats it's not open source in any meaningful sense of the word, maybe we should stop acting like corporate sourced software is anything but an attempt to get free labor from the commons.
kentonv 1 days ago [-]
I can assure you that nobody at Cloudflare ever thought that open sourcing workerd would be a way to get "free labor from the commons". On the contrary, we are wary of external contributions. The Workers Runtime is a complicated codebase, and we invest a lot of time into getting new team members up to speed on how to write code correctly. We cannot make such an investment in external contributors who are only there to land one PR. Usually, a one-time contributor trying to do something complicated will waste more of the team's time than they save.
But in practice, we almost never receive major contributions from outside the team. Which is fine. We're happy just to have our team working in the open.
The reasons we open sourced it are:
1. Support a realistic local dev environment (without binary blobs).
2. Provide an off-ramp for customers concerned about lock-in. Yes, really. We have big customers that demand this, and we have had big customers that actually did move off Cloudflare by switching to workerd on their own servers. It makes business sense for us to support this because otherwise we couldn't win those big customers in the first place.
jFriedensreich 7 hours ago [-]
Have you seen the codebase? Please don’t blanket reply like that just because it is a corp. Workerd is one of my favorite piece of engineering and its not comparable at all to openwashing projects that have extreme internal garbage not possible to free from the companies infrastructure. Kenton and others fought hard to make the abstractions among the cleanest and well designed in the industry and while it is not a multi contributor apache foundation style project it is a codebase that you could hard fork if cf decided to close it or go a direction you cannot accept.
Dylan16807 1 days ago [-]
> maybe we should stop acting like corporate sourced software is anything but an attempt to get free labor from the commons
The point of this discussion is that you can self-host, and you have a good chance of migrating the code away entirely. That's a big benefit that isn't "an attempt to get free labor". For that use, not only does it not matter if it's meaningfully open source, it doesn't matter if it's open source at all.
mark_and_sweep 1 days ago [-]
AFAIC, WinterTC doesn't specify how to start an HTTP server. Their minimum common API requires, among other things, that the Request and Response interfaces from the fetch specification are present. Unfortunately, it does not specify any sort of serve function.
jFriedensreich 1 days ago [-]
Because an edge runtime should not directly start servers in the first place. You provide handlers that fulfil requests from the system. Edge runtimes that pretend to start the servers in the edge worker context are flawed and ugly from the very start. APIs like that leak implementation details and increase vendor lock-in for no added benefit.
mark_and_sweep 1 days ago [-]
> > I don't understand how none of the alternatives really embrace WinterTC
> You provide handlers that fulfil requests from the system.
As I said previously, though I wish they were, such handlers are not part of WinterTC.
And then again, how those handlers are registered is also not part of WinterTC, which I also wish it were.
> APIs like that leak implementation details
How?
Almost all runtimes, like Bunny Edge Scripting, Cloudflare Workers, Deno, Bun, etc. use the same basic signature for the handler:
(request: Request) => Promise<Response>
Only how you register said handler is, unfortunately, different for each runtime.
ben8bit 1 days ago [-]
We use them for a couple of things - very happy. I think probably the best reason (other than service robustness): support. CloudFlare is great until it's not, and you aren't paying $$$ for enterprise support. This is probably one of the most underrated reasons to switch to any lesser known (but still rock solid) infra services. UpCloud too - great support!
senfiaj 1 days ago [-]
> It’s a single point of failure for the internet. Every Cloudflare outage ends up in the news.
I hear this argument all the time, but I think it's more complicated.
Firstly, if people used more diverse / smaller services the distribution of outages would change.
While there will likely to be more frequent "smaller" asynchronous outages, many platforms can still break even when only one of their dependencies break. So, you might likely to face even more frequent outages, although not synchronous.
Secondly, we are not sure if these smaller services are on par with the reliability of Cloudflare and other big players.
Thirdly, not all Cloudflare infrastructure is fully centralized. There is definitely some degree of distribution and independence in/between different Cloudflare services. Some Cloudflare outages can still be non global (limited by region or customers that use certain feature set, etc).
themafia 1 days ago [-]
Using a single provider is a single point of failure. It may be that this provider has lots of internal failure modes, but you're still one credit card problem or fake legal request or one mistake away from experiencing the primary failure.
If you actually care for the resiliency necessary to survive a provider outage you should have more than one provider.
Which means you should be running your own origin and using the simplest CDN features you possibly can to make your use case work.
senfiaj 22 hours ago [-]
Again, there is no simple answer. It depends on situations and resources. Some systems might rely on multiple services. If those services are independent, in such system this might cause more frequent failures which might still result in serious outages even when only one service fails. For those kind of systems a single service provider might be more preferable, because a single provider might coordinate things more efficiently while with multiple providers you might wait longer until each one fixes its problem. For example, system A depends on system B. If both A and B depend on Cloudflare and Cloudflare has 1 hour outage, both A and B will have 1 hour outage. But if A and B depend on different providers, the situation might be similar for B but worse for A. This is because for A each hour of outage in any of the providers means 1 hour of outage. In such cases each additional provider might be an additional weak link.
> If you actually care for the resiliency necessary to survive a provider outage you should have more than one provider.
Well, that probably means duplication. This might be too expensive in certain situations. Also some occasional outages might be not a big concern for some, such as most bloggers.
I'm not downplaying the downsides of centralization. Certain things should be decentralized if it's reasonable. But it's not always that way.
jamiemallers 1 days ago [-]
[dead]
turblety 1 days ago [-]
I switched a year ago and have been absolutely loving them. Not just because we can support a EU based CDN, but their Magic Containers are amazing. I can have global instantly scalable API's that cost me barely $1 a month until used.
iainmerrick 1 days ago [-]
Yes, Magic Containers is excellent. I don't know if it scales up to huge loads well -- that might be expensive -- but it scales down really well. For a very lightly loaded hobby project it's almost free.
A few people here are complaining about the lack of a free tier, but Magic Containers can cover a lot of the same ground as Cloudflare's Durable Objects, which IIRC cost a minimum of $5/month.
PUSH_AX 1 days ago [-]
This has to be an ad right? Affiliate link in the blog, non sensical reasoning for switching (single point of failure to... another single point of failure) etc
joladev 1 days ago [-]
It's not, but I can see how it came across like that. I just wrote up my experience moving over, and I thought it was nice they had an affiliate link. I've cleaned it up and called out the affiliate link. Nothing shady intended.
DoctorOW 1 days ago [-]
> (single point of failure to... another single point of failure)
I feel like you missed what the author meant with that phrase. The author wasn't talking about for their website, but the internet as a whole.
> I can’t help but feel that the idea of centralizing the internet into a single US corporation feels off.
The point of picking Bunny.net is that it's alternative to this single entity that's got so much of the internet running through it, and is less susceptible to the BS in the US.
smt88 1 days ago [-]
Yeah. I flagged this thread for spam.
runjake 1 days ago [-]
Very small caveat: A lot of the education space bans *.b-cdn.net due to malware, proxy tools, and other shenanigans.
kawsper 1 days ago [-]
That's interesting, we moved to Cloudflare R2 for our CDN solution, and we got reports from some european government institutions that our assets weren't loading, likely for similar reasons as you mention, so we rolled back whilst looking for options.
The solution was to move to Bunny, and that worked for everyone.
sieabahlpark 21 hours ago [-]
[dead]
mhitza 1 days ago [-]
Unfortunately it doesn't offer free hosting for hobbyists. Even for superficial traffic you'll have pay 1 euro a month (plus VAT).
Not many DNS management providers (that I'm aware of, please correct me) support CNAME flattening. That is having your A record point to a CNAME.
Every time I purge the pull zone cache, I do it twice, cause once from my CI isn't enough. My CI does individual page cache invalidation during deployment, but there needs to be some kind of delay (with no feedback) when assets are distributed across.
BarryMilo 1 days ago [-]
Other commenters laughing at you for the price... It's not about the price it's about the barrier. Even if I love a service, I won't get very many people to try it if they need to enter a credit card.
tensor 1 days ago [-]
If entering a credit card is too much you probably aren't a potential customer. Part of keeping a service low cost is keeping services efficient. Having a large pool of people using it for free who will never become customers will force the cost higher for those who do pay.
Good riddance to the "free" model. It's never actually free. You either pay with your data, or have to consume ads, or you're forcing other customers to pay for your free usage.
hobofan 1 days ago [-]
It's also a barrier for education.
Almost all technological choices I made as a teen were driven by "what hosting can I get for free, as my parents sure as hell won't put down their payment information for that". Back then that usually meant PHP and a max. 50MB MySQL.
bombcar 1 days ago [-]
If you've ever offered an online service, charging "the dollar" reduces a ton of spam/abuse you have to deal with.
gertop 1 days ago [-]
I have been the service provider who had to paywall just to stop the spammers and you're right. But it's also true that kids will be collateral damage (or anyone without a credit card).
In my case, and it was the 90s, I took the time to setup a way to pay by calling a premium (1-900) for $1.49 number so the barrier to entry even for kids was still reasonable.
Maybe in modern day the equivalent is adding Google pay and Apple pay then you cover some kids at least (gift cards and such).
Quite the hassle for the provider, and it will turn away any person who cares about privacy. There's no way to win anymore.
tensor 1 days ago [-]
If a parent can buy their kid a computer, they can pay 1 euro a month for a CDN in the rare case they need it. This is a bad argument.
zorked 1 days ago [-]
I had trouble explaining to my parents what a BBS was. I wouldn't want to explain what a CDN is.
bombcar 1 days ago [-]
I think the point is that many HNer’s had parents who couldn’t or wouldn’t do “computer things”
hobofan 1 days ago [-]
Pay 1 Euro a month... or 1000s if their kid fucks up.
fourside 1 days ago [-]
I get that credit cards are a barrier of entry but I’m more willing to give providers a break now that AI agents make it much easier to abuse free tiers. It’s also harder for smaller companies to offer free tiers. If we want a more diverse set of service providers we as customers need to be willing to accept some trade-offs.
joehart42 1 days ago [-]
oh no a euro a month for a service. How will we financially recover?
miyuru 1 days ago [-]
not everyone lives in the USA or earns USA based salaries.
also I said this in a another thread, they charges 1$ even for single testing http request.
Feel free to use local services then, not every company has to support the entire world. Some are fine with a small slice. Expecting otherwise isn't sustainable for the sub trillion dollar non-monopolists companies, not without massive public support from the government at least.
joehart42 1 days ago [-]
I'm not in the USA or earn USA salary but I can pay 1 euro a month for a thing.
PKop 1 days ago [-]
Why would you be a useful target market for a business running these services then? Seriously, if you can't pay anything at all, of what value is catering product offerings to you? It is thus irrelevant that you aren't happy with not being offered a free service.
garganzol 1 days ago [-]
The absence of free offering is not a bug in this case, it's a feature.
rvz 1 days ago [-]
> Unfortunately it doesn't offer free hosting for hobbyists. Even for superficial traffic you'll have pay 1 euro a month (plus VAT).
?
So 1 euro a month is too expensive for you? Wow.
Just pay the 1 Euro or go to GitHub where that is free but goes down almost every week.
pdimitar 1 days ago [-]
Man, come on now, it's 1.20 EUR a month.
mhitza 1 days ago [-]
Of course it's nothing, but it's also not a set it an forget kind of thing, which in many ways for hobbyists is why cloudflare/github pages are nice.
shimman 1 days ago [-]
Yes, it's nice to have a trillion+ dollar monopoly able to subsidize loss leaders to put your competitors out of business.
k9294 1 days ago [-]
We at ottex.ai use bunny.net to deploy globally an openrouter like speach-to-text API (5 continents, 26 locations, idle cost 3$).
Highly recommend their Edge Containers product, super simple and has nice primitives to deploy globally for a low latency workloads.
We connect all containers to one redis pubsub server to push important events like user billing overages, top-ups etc. Super simple, very fast, one config to manage all locations.
arto 15 hours ago [-]
That's inspirational. Do you perhaps have an architectural writeup somewhere?
k9294 11 hours ago [-]
Nope, but I will think about this, thank you for the idea. Maybe it's time to start a technical blog for ottex
jonas21 1 days ago [-]
Are cold starts an issue?
k9294 1 days ago [-]
There is no cold starts at all. It’s running non-stop.
Bunny bills per resource utilization (not provisioned) and since we run backend on Go it consumes like 0.01 CPU and 15mb RAM per idle container and costs pennies.
whh 1 days ago [-]
I've been on Bunny for a while now, personally. It's pretty good, and I managed to dodge the last major Cloudflare outage which was nice.
But, a few things could be more straightforward. Cloudflare makes the whole static site and DNS zone piece feel far more seamless. With Bunny you will still need to stitch records between different parts of their dashboard.
amar0c 23 hours ago [-]
But 1TB of bandwidth with Bunny costs $10 while you can do tens maybe even hundreds of them for free on Cloudflare. EU,Privacy etc. to side, nothing can beat Cloudflare when it comes performance/features vs. price
bedatadriven 14 hours ago [-]
We switched from Wistia to their video streaming offer and literally decimated our video hosting costs. Exactly what we needed with none of the upselling B.S.
johntash 13 hours ago [-]
I'm also a happy customer of bunny.net. I mostly use it for dns, but do use the CDN for a few sites too.
For DNS, it's cool because you can have it return scripted results which makes dns-based load balancing a bit "better".
I do have a question, is it even possible to have a CDN set up where they don't MITM and strip your TLS and re-encrypt or are we just picking which jurisdiction gets to inspect your traffic?
edit: I'm thinking of the use case where the CDN as a proxy for APIs and uncachable content as well, where it used as a reverse proxy for transit/ddos protection.
yjftsjthsd-h 1 days ago [-]
Much of the point of a CDN is that they can cache responses, and likely also make other changes. I don't see how that could be done without seeing what's inside the request.
SV_BubbleTime 1 days ago [-]
Comparing hashes of responses without knowing what is inside wouldn’t work?
OlivOnTech 1 days ago [-]
No it would not work. TLS protects against replay attacks by design, the same response (or query) in clear text will not look the same in encrypted traffic
1 days ago [-]
woofcat 1 days ago [-]
No, as the request headers would be different for things like time.
SV_BubbleTime 1 days ago [-]
Ya maybe. Blocks that are hashed perhaps?
kstrauser 1 days ago [-]
Probably not. That’d look a lot like a bunch of load balancers around the world hitting your own backend. There’s generally not a way to cache web data without decrypting it inside the cache.
1 days ago [-]
sophacles 1 days ago [-]
Why would you want a content delivery network for uncachable content? Literally the point of CDN is to cache content and deliver it.
Granted cloudflare also does DDOS protection, and that makes sense for an API. For that you could do some DDOS protection without stripping TLS, but it can only protect against volumetric attacks like syn/ack floods and not against attacks that are establishing full TCP connections and overwhelming the app server. (rate limiting incoming connections can go a long way, but depending on details, it might still be enough to overwhelm the serving resources, your use case is up to you to understand).
nazcan 1 days ago [-]
It seems like having a feedback loop to the DDOS protector could help a lot - i.e. saying how busy you are.
At some level, it's like they become your edge router.
tick_tock_tick 1 days ago [-]
I mean you can even use Cloudflare in a non-MITM manner. You lose a lot of the "value" of a CDN but they support it. Cloudflare Spectrum would be the product.
andai 1 days ago [-]
I thought it was gonna be a captcha that uses this
Their web site left me with a bad taste. I want to like them but… No front page pricing. Popups obscuring screen, with no options I agree with. Standard safari shows blank page for products. Cute images that overwhelm content. How many sign up for free prompts are enough?
watermelon0 14 hours ago [-]
Huh? I'm not seeing any popups except the cookie banner at the bottom of the screen.
Pricing link is the second one in the top menu, and it shows all prices in a straightforward way.
FryHigh 1 days ago [-]
I had to move to Bunny.net after Cloudflare disabled my homepage following a malicious report, despite me being a paying customer for several years. I also never received a response to my appeal.
I’ve now been with Bunny.net for over a year and have been very happy with the service.
Lihh27 1 days ago [-]
heh one bad report gets action. years as a paying customer get you silence. ugly asymmetry.
_HMCB_ 1 days ago [-]
I use Bunny for serving up videos. Best service by far. Inexpensive and fast streaming.
ewy1 1 days ago [-]
your enthusiasm for the service might be justified but having every mention of its name be a hyperlink with referral code feels offputting like i'm about to enter a multi-level marketing scheme
evolve2k 1 days ago [-]
I’ve mainly been using cloudflare for the very excellent (and free) premium DNS offering.
Easy upload of bind test files
Flattened CNAME to support naked domains
Robust free role based permissions to add other ppl
Anyone have suggestions for moving a stack of domains, many being little community and hobby projects away from cloudflare for a small overall price. Agency pricing like migadu offers for email on custom domains is what I have in mind.
I've found every other offering to be lacking. Some examples: Cloudflare is alright but has settings footguns if you're not used to Their Way of Doing It™ (e.g., before using DNSControl, I had to manually flip switches to turn off proxying every time I updated my zones). deSEC is free and okay, but sometimes quite slow to propagate and its UI+API are unwieldy. DNS Made Easy is often pushed on social media, but it's ridiculously pricey for what you get if you don't need a SLA. DNSimple seemed nice but IIRC I couldn't get a different API token per zone (?).
I'm currently relying mainly on LuaDNS. For me, it functions as a "dumb" DNS host (i.e., not using their Lua configuration-as-code system). Their API is oddly designed, but it's been passable since a recent-ish update, which has allowed me to safely port my zone files to DNSControl.
> DNSimple seemed nice but IIRC I couldn't get a different API token per zone (?).
We overhauled our account tokens a few years back: https://blog.dnsimple.com/2023/11/scoped-access-tokens/ . With account tokens you can specify fine-grained scoped access control, including specifying only one or more zones that a token has read or read/write access to.
nijave 17 hours ago [-]
I think you're right about dnsimple tokens unless they've changed recently. I ended up writing a proxy that held the powerful token and then issued its own tokens to get around that... A bit convoluted
Annoying for dynamic DNS and DNS ACME challenges where you want a server to manage its own records and nothing else
aeden 9 hours ago [-]
I've put a comment on the parent thread, but unless I've misunderstood what the poster said, we addressed the limitation back in 2023 with scoped access tokens.
evolve2k 1 days ago [-]
I should add a friend has recommended DNsimple.com and I’ve previously found their service to be excellent.
50 cents per domain per month
10 cents per million queries
That’s prob cheap enough to support lots of little hobby sites and bigger traffic sites likely have some budget.
mawalu 1 days ago [-]
I used them in the past (many years ago) and was very surprised when my DNS was affected by a cloudflare outage. Turns out (back then) they relied on the cf network for DoS protection against their resolvers[1]. I was surprised to learn that and honestly thought that if I already take a dependency on cloudflare I might as well have them host my zones directly for free.
At one point we were using Cloudflare's DNS Firewall product for our entire edge network. We have since moved half of our edge network to our own infrastructure and are currently in the process of expanding our edge network further, so at this point an outage at Cloudflare should be at least partially mitigated for our customers due to our separate edge network, and eventually it should be completely independent.
aeden 1 days ago [-]
Thanks for recommending us, I (and the rest of the team) appreciate it.
corford 1 days ago [-]
Second DNSimple. Cheap to start and lots of nice features/support if you grow e.g. terraform provider, an acme.sh plugin, Okta support etc.
chrisweekly 1 days ago [-]
I make a point of using a dedicated service provider for each distinct service. YMMV but I'm happy with DNSMadeEasy (DNS), IWantMyName (registrar) and Fastmail (email).
lpcvoid 1 days ago [-]
Try desec.io, I use them and am very happy. Free DNSSEC, which some other DNS hosters want to charge you for (IONOS, looking at you).
nicbvs 1 days ago [-]
You can use Bunny for DNS-only, it works well
pier25 1 days ago [-]
I'm in the process of doing this for a Spanish client because of the La Liga situation.
Only using edge storage, DNS, and CDN so far but very happy with Bunny.
jrochkind1 1 days ago [-]
I had not heard of the "La Liga situation", but googled and what I learned was that La Liga is a Spanish football (soccer) team, and their players did a protest action about not wanting a match to be staged in Florida, and the team owners tried to say it was an illegal strike, but a court recently disagreed and said it was protected protest....
I still have no idea what any of this has to do with any clients moving from Cloudflare to Bunny.net, what am I missing?
La Liga is the national soccer organisation, which organizes the championship. They force the ISPs to block Cloudflare during games to block illegal streaming websites. But then it blocks a lot of websites that have nothing to do with it, and there are games fairly often.
jrochkind1 18 hours ago [-]
Aha, that's a different La Liga situation! Wow, that's wild!
pier25 23 hours ago [-]
As an anti piracy measure, La Liga (Spain's biggest football association) was able to push the government so that all ISPs have to block Cloudflare's IPs during matches.
It's ridiculous.
tambre 1 days ago [-]
Seemingly lacks IPv6 though? Cloudflare requires you to pay them and make an explicit effort to disable IPv6. Sad to see it not enabled by default on Bunny.
Depending on where I query from, OP's blog does have it as well:
# host jola.dev
jola.dev has address 37.19.207.38
jola.dev has IPv6 address 2400:52e0:1a04::1310:1
tambre 1 days ago [-]
Seems @zorked is correct about some POPs simply lacking IPv6. I simply happened to hit one of those. Quite disappointing but I guess Bunny is on the cheap side and doesn't actually own or manage their network like big CDNs do.
zorked 1 days ago [-]
They do support IPv6 but not in every POP, unless something changed.
I have IPv6-only backends and I had to select serving from the main POPs rather than the entire network (which is fine by me as they are also cheaper).
stickfigure 1 days ago [-]
This isn't an either/or, you can use features from both and you have to compare carefully. I used to do a lot of image manipulation and had pluggable implementations for imgix, cloudflare images, and bunny. Bunny is by far the cheapest and that ended up being the mature solution (plus some custom processing). But for other caching, R2, workers, etc CF is great.
KingOfCoders 1 days ago [-]
Have been with them for quite some time, have some Hugo websites with them, do DNS through them, get their minimum $1 invoice each month. Love them.
sassymuffinz 1 days ago [-]
I use bunny as an image serving and video streaming across multiple projects and it is excellent, never had an issue with it.
They recently upgraded the player for streaming media, we use in one instance for tutorial videos, that apparently adds some missing accessibility features. All we needed to do was adjust the embed URL structure we were using and all set.
sylens 1 days ago [-]
I would probably switch off Cloudflare if I didn't also make use of their Cloudflare Tunnels service for sharing some stuff in a way that doesn't require me to punch a hole in my home network. I realize Pangolin and such also exist, but it's nice to get it for free
tao_oat 1 days ago [-]
I tried to move my sites to Bunny Edge Scripting and found the experience mostly poor, unfortunately. A lot of failures without error logs, and purging the pull zone cache only seemed to work sometimes. A shame because I like their offering otherwise.
__natty__ 1 days ago [-]
I love bunny.net. For my use case it provides lower latency than Cloudflare.
smartbit 1 days ago [-]
IMHO main benefit of bunny.net is that as an Slovenian company they adhere to the GDPR, no GAG orders, and offer an Data Processing Agreement (DPA) when Personally Identifiable Information (PII) is involved.
While uncommon, bunny.net also provides a way to block users from the EU from accessing your content altogether by using our traffic manager tools if you do not wish to serve users from the European Union. Which I assume can be reversed, only serving to users from the EU.
Bigpet 1 days ago [-]
Well it seems like whatever's on that page is blocked by the corporate proxy malware scanner I'm currently behind.
vvpan 1 days ago [-]
I do not understand what it is about Cloudflare. Especially for a blog post - won't pretty much anything do?
kordlessagain 1 days ago [-]
Anything that says goodbye to Cloudflare man-in-the-middlinging is joy to my big ears.
fallat 1 days ago [-]
I'd much rather read "Dropping everything for self-sufficiency"
msavara 1 days ago [-]
Yes. Bunny is excellent, never had an issue with it.
BunnyCDN intentionally mis-writes any Mastodon request signing, as to make it incompatible with Mastodon.
And, they confirmed it's intentional.
mixmastamyk 18 hours ago [-]
Are they using C# on their servers? Not Windows I hope?
uxcolumbo 1 days ago [-]
Why is it intentional?
mystraline 1 days ago [-]
That was what the link indicated.
The user sent in a help ticket, and Bunny confirmed this response rewrite was intentional and would not fix it.
I wanted to get this out, not to conjecture as to why.
8593376393 9 hours ago [-]
[dead]
maxdo 1 days ago [-]
make Europe great again, and no, this is so different from any other nationalist moves :)
swiftcoder 1 days ago [-]
Surely by definition, being pro-EU is automatically anti-nationalism (at least for everyone inside the EU)?
cbg0 1 days ago [-]
The extremists want you to believe that, but the EU is an economic alliance, not a federal republic. Being pro-EU is usually anti-isolationist, but it isn't always anti-nationalist.
tick_tock_tick 1 days ago [-]
> EU is an economic alliance
lol that ship sailed a long time ago it's certainly not a full federal republic but it's a lot closer to one then a mere "economic alliance".
swiftcoder 1 days ago [-]
> the EU is an economic alliance, not a federal republic
The line between those two things in the case of the EU is awful blurry.
The Espace Léopold issues laws that are binding on member nations, wields significant power over trade, fiscal policy, and mandates open borders between member nations. These are hardly the features of a purely economic treaty organisation.
lpcvoid 1 days ago [-]
I am pro-EU and anti-nationalist. This works because the EU is a collection of states.
noir_lord 1 days ago [-]
I'm pro-EU and my country is no longer in the EU (annoyingly).
It's not perfect but it's better than the alternatives and we really need a power bloc (even if currently only economic) that isn't the US and China.
Alternatives to US big tech are always welcome.
1 days ago [-]
mannanj 1 days ago [-]
R2 is pretty darn hard to beat. No egress, and only like $.57 per million read operations. If you're running a video streaming use case (and not using terabytes and caching or abusing your bandwidth) I found no one else compares.
Does anyone have thoughts or disagree on this in terms of pricing and cost effectiveness?
jrochkind1 1 days ago [-]
When you serve video from R2, you do it directly from R2 to client, not with an additional Cloudflare CDN in front, and that works fine? I have been trying to understand video and R2.
Giorgi 1 days ago [-]
Sounds like an ad which it probably is.
reactordev 1 days ago [-]
The only thing stopping everyone is the convenience. Someone already does this? Cool, here’s my credit card. For the Non-US folks, you’re just as capable. Good to see a company like Bunny realize it. It’s just a bunch of computers and some networking, what could go wrong? /s (but seriously, you can do this…)
kyrofa 23 hours ago [-]
> TL;DR my motivation and experience for moving my blog from Cloudflare to bunny.net
In my experience the TLDR generally gives the motivation/experience in brief. This feels more like a subtitle.
syngrog66 23 hours ago [-]
I understand desire to get off US infra. But Bunny.net is Slovenian, and Slovenia borders Hungary, a de facto Russian vassal state. Other nations would be safer. If you want to de-risk you should really de-risk.
upmind 1 days ago [-]
Am I the only one who thinks their reason for why theyre leaving Cloudflare didn't sound particularly sound... This blog post reads like something a Bunny.net employee would write
the__alchemist 1 days ago [-]
Bun alert!
akoculu 1 days ago [-]
We had severe issues with Bunny and recently migrated off it.
Some of our users were unable to reach our CDN altogether. They couldn't load any assets at all. Bunny's customer service was far too slow to respond and mostly gave unhelpful answers. They couldn't even identify the issue.
In less than 45 minutes, I moved our CDN entirely from Bunny to Cloudflare Workers. Now our CDN just actually works, I don't have to debug our CDN for the Bunny customer service team.
Also, this is obviously a marketing post.
programmarchy 1 days ago [-]
Also had a severe issue with Bunny, serving videos. They had a cache poisoning issue where they served a few frames from pornographic videos right in the middle of our educational videos. They did not have the multi-tenancy thing fully figured out, and it became a nightmare scenario. After that, we moved to a provider that explicitly did not allow porn.
prtaylor 1 days ago [-]
[dead]
winddude 1 days ago [-]
considering the bunny.net site crashes, and fails to load with timeouts, good luck with that. Unfortunately having a monopoly in a CDN is kind of a benefit.
moralestapia 1 days ago [-]
Nice ad.
>One of my biggest concerns though is around how easily I could become heavily dependent on this one single company that then can decide to cut me off [...]
How does switching to Bunny make a difference?
It would be super nice to have a setup that uses multiple CDNs w/ automatic failover.
Bender 1 days ago [-]
It would be super nice to have a setup that uses multiple CDNs w/ automatic failover.
Doable, but that removes all the free tiers of all the CDN's. AFAIK they all require an enterprise account to keep using ones own DNS and their own GSLB DNS failover. There are probably a few exceptions and one could maybe make something of that but I don't know which ones are the exceptions.
bakugo 1 days ago [-]
What other CDNs even have decent free tiers besides Cloudflare?
Bender 1 days ago [-]
I don't know. I started to go down that path but all the CDN's that suggested some aspect of try before buying were in places outside of the US and had non US payment processors so I moved on to other projects. I doubt that there are many. I suspect Cloudflare only do it as a result of dual-use and that dual-use may be backed by tax dollars as there is no way a publicly traded company would give away massive network resources at a loss but that is my own conspiracy theory. i.e. an extension to Googles birds of a feather project. Capture most web traffic, most DNS traffic and learn who talks to who and why to form a risk map.
j45 1 days ago [-]
[dead]
ValveFan6969 1 days ago [-]
[dead]
sieabahlpark 1 days ago [-]
[dead]
Rendered at 20:32:39 GMT+0000 (Coordinated Universal Time) with Vercel.
[1] https://bunny.net/affiliate/
In a time where more people usually beg for forgiveness instead of asking for permission, it already has
But that changes things
Not yet. Working on it, though.
An acronym as common as GDPR.
Or there is a loosely defined locally-run thing called 'Trading Standards' which is done at the council ("municipality") level.
and for the record I am just being difficult and everyone in tech/mildly well read knows what the (U.S.) FTC is. My point is more that one country's rules don't always matter for the operations of domestic commerce in another amongst their own citizens.
We famously mock our own jusrisprudence - "if Parliament passes a law that it is illegal to smoke on the streets of Paris, then it is illegal to smoke on the streets in Paris", so even when hard legislation exists (4chan/Ofcom shitshow?) it is meaningless.
The only power that matters long term in the universe is sheer force and hard power, and it has always been that way.
If they can't they probably should move to an international focused site.
Either way, we are on the internet. Pretty international stuff.
https://www.ftc.gov/business-guidance/resources/disclosures-...
I don't like free offerings, because what if they decide to charge someday? What if someone decides "free is not feasible, we start charging $20 per instance now".
I'd rather have a low fee now, a change from $2 to $3 is more likely and that's fine for me. But from free to not free is risky for me.
I also like smaller, independent-ish ompanies that actually care about developers. That's why I use bunny.net, transistor.fm, Plausible Analytics.
You can just move to another provider at that point. At least when it comes to CDN and DNS there’s literally no vendor lock-in.
You can grab your dns records export them to csv and import somewhere else easily and a CDN is just a file server so you can just give your files to someone else easily.
ehhhh, really depends on which CDN features you're using, and at what volume. Using ESI? VCL? Signed URLs or auth? Any other custom functionality? Are you depending on your provider's bot management features which are "CONTACT FOR PRICE" with other providers? Does your CDN provider have a special egress deal with your cloud provider?
It's possible to picture this being easy in the same way that being multi-cloud or multi-region is easy.
I have no idea what two of those acronyms mean. None of this is part of what a CDN offers.
Yes if you use DDoS protection, or cloudfare’s ZeroTrust or embrace $X proprietary features then what I said no longer applies.
I strictly said DNS and CDN.
VCL = Varnish Configuration Language i.e. how you configure your Fastly services
If you're just using a CDN as a proxy then there's no lock in but plenty of sites are using CDNs for much more than that
1. For DNS we have standardized AXFR requests which the DNS provider needs to support as they are part of the DNS standard. There is not an option of not having that unless you have a really shitty provider that you should change anyway.
2. Same for Mass Import because again DNS already defines these things at the protocol level.
And resetting 2FA or whatever is just the cost of using any service
Personally I have used CF for ~10 years so I have saved $240 and I simultaneously use GitHub Pages and CF Pages for CDN because again I just need to give them a bunch of static files. Adding a third CDN provider would literally be a single command at the end of my build pipeline.
> Minimum Account Balance
> In order to keep your service online, you are required to keep a positive account credit balance. If your account balance drops low, our system will automatically send multiple warning emails. If despite that, you still fail to recharge your account, the system will automatically suspend your account and all your pull zones. Any data in your storage zones will also be deleted after a few days without a backup. Therefore, always make sure to keep your account in good standing.
You proactively replenish your balance, so in the worst case, you can just let the account go.
And how is that related to me? My comment said (and the parent I replied to) mentioned DNS and CDN.
Now we add compute services, data storage, whatever D1 is and the other comment mentioned auth/authz
Are people not aware what CDN and DNS are?
Practically, any metered supplier can put you out of business. It usually doesn't happen because destruction is mutually assured.
+1 for using smaller, more independent companies in any case!
With free offerings, you’re always helping the supplier in some way. Then you become the product. Which makes it difficult to understand the value exchange; it’s much easier to do so when you’re just paying a fair sum of money.
This logic doesn't hold much water, however. Abrupt changes in pricing or other conditions happen with paid tiers as well
But if a free offering suddenly says "We are getting rid of free, only starting $899 a month baseline, because we noticed our free users aren't converting and we only want to support enterprise from now on". Well, then I have to move everything.
Still a big price hike can come, but +20% monthly is easier to stomach than if I can't be sure what will happen to the free offering.
Same thing can be applied to low fees services. Look at bitwarden as a recent example, they doubled their prices overnight and hid the announcement in some useless blog post that no one reads, users found out later they are expected to pay doubles in any plan.. why? Because “that low price isn’t feasible we start charging $23 plus tax for premium now”
And the same things you will do to migrate to another when free -> paid you will do when paid_low -> paid_high if the pricing isn’t up to your expectations.
There’s no protection against this, it’s up to the business model change, investors, greed (aka scale up!), you name it, so regardless whether you are paying now or not, always have other options ready for when you need to abandon the ship.
But I hit a real issue recently: CDN edge caching served stale HTML after a deploy, and the service worker cached the bad response. Took a CDN purge from the dashboard to fix. The debugging experience when things go wrong at the edge is painful, you're always guessing which cache layer is the problem.
That being said, the free tier is hard to beat for getting started. Workers, Pages, KV, R2 — you can run a full production app at near-zero cost until you hit scale. Not sure if Bunny offers that.
Some of you may be skeptical about this but it allows for much easier management when working on multiple SaaS/hobby projects/personal tools.
That being said, I had enough issues with Bunny and CF debugging across regions that I made this free tool to do both remote HTTP and TCP traceroutes to keep my sanity: https://dnsisbeautiful.com/global-http-availability
There’s a cost limit to how much high availability is worth on any project but vendors like CloudFlare don’t respect that.
A week ago I (a hobbyist running a small side project for a dollar or two a month in normal usage, so my account is marked as "individual") got hit with a ~$17,000 bill from Google cloud because some combination of key got leaked or my homelab got compromised, and the attacker consumed tens of thousands in gemini usage in only a few hours.
Google denied a rate adjustment, and haven't reached back out to me for a good few days now. My credit card denied the charge because it was over my credit limit by a good few thousand dollars and they suspected fraud, but now I am terrified of being taken to collections and ruining my prospects of renting an apartment due to my credit score/history being ruined, or them just taking me to court.
I am never going to use "use now pay later" services, especially with cloud portals where it's so hard to put in a actual cap, and the cloud provider not having any sane rate limits. I am fine paying if it was negligence or a mistake on my part as a very expensive lesson in security, but 17k is brutal.
The fact they don't have an easy way to hard cap usage (especially for an individual account) and have ineffective rate limits (how on earth is an account that pays a few dollars a month able to run up tens of thousands in just a few hours), makes me never want to use their (or any use now pay later with no easy caps or rate limits) service ever again. Or even a phone number to call.
Also before doing this save anything important that Google owns (gmail, youtube videos, anything in storage). The leaders at Google are vengeful enough to completely lock you out for challenging them.
That said, the edge-caching being how it is, it's possible to run into some race-conditions where the cache has been purged but not propagated to the edge network, and if visited too soon, the stale version might end up back into the cache.
[0]:
As a consequence I've had to build quite defensively - adopting a PWA approach - heavy caching and background sync. My hope is that latency improves over time because the platform is nice to work with.
If i see something horrific like:
import * as BunnySDK from "@bunny.net/edgescript-sdk" BunnySDK.net.http.serve(async (request: Request) =>
Thats a proprietary lock-in worse than what it tries to replace!
[1] https://developers.cloudflare.com/workers/runtime-apis/handl...
I assume by Service Worker API, you mean FetchEvent? [1] As in:
self.addEventListener("fetch", (event) => {});
That is a web standard indeed, but not one that was designed for use as a general-purpose HTTP handler, but rather for use in a Service Worker proxy.
[1] https://developer.mozilla.org/en-US/docs/Web/API/FetchEvent
But in practice, we almost never receive major contributions from outside the team. Which is fine. We're happy just to have our team working in the open.
The reasons we open sourced it are:
1. Support a realistic local dev environment (without binary blobs).
2. Provide an off-ramp for customers concerned about lock-in. Yes, really. We have big customers that demand this, and we have had big customers that actually did move off Cloudflare by switching to workerd on their own servers. It makes business sense for us to support this because otherwise we couldn't win those big customers in the first place.
The point of this discussion is that you can self-host, and you have a good chance of migrating the code away entirely. That's a big benefit that isn't "an attempt to get free labor". For that use, not only does it not matter if it's meaningfully open source, it doesn't matter if it's open source at all.
> You provide handlers that fulfil requests from the system.
As I said previously, though I wish they were, such handlers are not part of WinterTC.
And then again, how those handlers are registered is also not part of WinterTC, which I also wish it were.
> APIs like that leak implementation details
How?
Almost all runtimes, like Bunny Edge Scripting, Cloudflare Workers, Deno, Bun, etc. use the same basic signature for the handler:
(request: Request) => Promise<Response>
Only how you register said handler is, unfortunately, different for each runtime.
I hear this argument all the time, but I think it's more complicated.
Firstly, if people used more diverse / smaller services the distribution of outages would change. While there will likely to be more frequent "smaller" asynchronous outages, many platforms can still break even when only one of their dependencies break. So, you might likely to face even more frequent outages, although not synchronous.
Secondly, we are not sure if these smaller services are on par with the reliability of Cloudflare and other big players.
Thirdly, not all Cloudflare infrastructure is fully centralized. There is definitely some degree of distribution and independence in/between different Cloudflare services. Some Cloudflare outages can still be non global (limited by region or customers that use certain feature set, etc).
If you actually care for the resiliency necessary to survive a provider outage you should have more than one provider.
Which means you should be running your own origin and using the simplest CDN features you possibly can to make your use case work.
> If you actually care for the resiliency necessary to survive a provider outage you should have more than one provider.
Well, that probably means duplication. This might be too expensive in certain situations. Also some occasional outages might be not a big concern for some, such as most bloggers.
I'm not downplaying the downsides of centralization. Certain things should be decentralized if it's reasonable. But it's not always that way.
A few people here are complaining about the lack of a free tier, but Magic Containers can cover a lot of the same ground as Cloudflare's Durable Objects, which IIRC cost a minimum of $5/month.
I feel like you missed what the author meant with that phrase. The author wasn't talking about for their website, but the internet as a whole.
> I can’t help but feel that the idea of centralizing the internet into a single US corporation feels off.
The point of picking Bunny.net is that it's alternative to this single entity that's got so much of the internet running through it, and is less susceptible to the BS in the US.
The solution was to move to Bunny, and that worked for everyone.
Not many DNS management providers (that I'm aware of, please correct me) support CNAME flattening. That is having your A record point to a CNAME.
Every time I purge the pull zone cache, I do it twice, cause once from my CI isn't enough. My CI does individual page cache invalidation during deployment, but there needs to be some kind of delay (with no feedback) when assets are distributed across.
Good riddance to the "free" model. It's never actually free. You either pay with your data, or have to consume ads, or you're forcing other customers to pay for your free usage.
Almost all technological choices I made as a teen were driven by "what hosting can I get for free, as my parents sure as hell won't put down their payment information for that". Back then that usually meant PHP and a max. 50MB MySQL.
In my case, and it was the 90s, I took the time to setup a way to pay by calling a premium (1-900) for $1.49 number so the barrier to entry even for kids was still reasonable.
Maybe in modern day the equivalent is adding Google pay and Apple pay then you cover some kids at least (gift cards and such).
Quite the hassle for the provider, and it will turn away any person who cares about privacy. There's no way to win anymore.
also I said this in a another thread, they charges 1$ even for single testing http request.
https://news.ycombinator.com/item?id=46873521
?
So 1 euro a month is too expensive for you? Wow.
Just pay the 1 Euro or go to GitHub where that is free but goes down almost every week.
Highly recommend their Edge Containers product, super simple and has nice primitives to deploy globally for a low latency workloads.
We connect all containers to one redis pubsub server to push important events like user billing overages, top-ups etc. Super simple, very fast, one config to manage all locations.
Bunny bills per resource utilization (not provisioned) and since we run backend on Go it consumes like 0.01 CPU and 15mb RAM per idle container and costs pennies.
But, a few things could be more straightforward. Cloudflare makes the whole static site and DNS zone piece feel far more seamless. With Bunny you will still need to stitch records between different parts of their dashboard.
For DNS, it's cool because you can have it return scripted results which makes dns-based load balancing a bit "better".
https://docs.bunny.net/dns/scriptable/introduction
edit: I'm thinking of the use case where the CDN as a proxy for APIs and uncachable content as well, where it used as a reverse proxy for transit/ddos protection.
Granted cloudflare also does DDOS protection, and that makes sense for an API. For that you could do some DDOS protection without stripping TLS, but it can only protect against volumetric attacks like syn/ack floods and not against attacks that are establishing full TCP connections and overwhelming the app server. (rate limiting incoming connections can go a long way, but depending on details, it might still be enough to overwhelm the serving resources, your use case is up to you to understand).
At some level, it's like they become your edge router.
https://www.goodboydigital.com/pixijs/bunnymark/
I'd assume most bots don't have a GPU attached :)
Pricing link is the second one in the top menu, and it shows all prices in a straightforward way.
I’ve now been with Bunny.net for over a year and have been very happy with the service.
Easy upload of bind test files Flattened CNAME to support naked domains Robust free role based permissions to add other ppl
Anyone have suggestions for moving a stack of domains, many being little community and hobby projects away from cloudflare for a small overall price. Agency pricing like migadu offers for email on custom domains is what I have in mind.
https://www.migadu.com/pricing/
https://www.cloudns.net/premium/
https://www.luadns.com/pricing.html
I've found every other offering to be lacking. Some examples: Cloudflare is alright but has settings footguns if you're not used to Their Way of Doing It™ (e.g., before using DNSControl, I had to manually flip switches to turn off proxying every time I updated my zones). deSEC is free and okay, but sometimes quite slow to propagate and its UI+API are unwieldy. DNS Made Easy is often pushed on social media, but it's ridiculously pricey for what you get if you don't need a SLA. DNSimple seemed nice but IIRC I couldn't get a different API token per zone (?).
I'm currently relying mainly on LuaDNS. For me, it functions as a "dumb" DNS host (i.e., not using their Lua configuration-as-code system). Their API is oddly designed, but it's been passable since a recent-ish update, which has allowed me to safely port my zone files to DNSControl.
https://dnscontrol.org
We overhauled our account tokens a few years back: https://blog.dnsimple.com/2023/11/scoped-access-tokens/ . With account tokens you can specify fine-grained scoped access control, including specifying only one or more zones that a token has read or read/write access to.
Annoying for dynamic DNS and DNS ACME challenges where you want a server to manage its own records and nothing else
https://dnsimple.com/
50 cents per domain per month 10 cents per million queries
That’s prob cheap enough to support lots of little hobby sites and bigger traffic sites likely have some budget.
[1] Not completely sure but I think this was the incident https://blog.dnsimple.com/2020/07/incident-dns-resolution/
Only using edge storage, DNS, and CDN so far but very happy with Bunny.
I still have no idea what any of this has to do with any clients moving from Cloudflare to Bunny.net, what am I missing?
It's ridiculous.
The CDN certainly has it: https://bunny.net/blog/ipv6-returns-to-bunnycdn/
Depending on where I query from, OP's blog does have it as well:
I have IPv6-only backends and I had to select serving from the main POPs rather than the entire network (which is fine by me as they are also cheaper).
They recently upgraded the player for streaming media, we use in one instance for tutorial videos, that apparently adds some missing accessibility features. All we needed to do was adjust the embed URL structure we were using and all set.
See https://bunny.net/gdpr/. Also noticed this:
While uncommon, bunny.net also provides a way to block users from the EU from accessing your content altogether by using our traffic manager tools if you do not wish to serve users from the European Union. Which I assume can be reversed, only serving to users from the EU.
https://social.mikutter.hachune.net/@mok/116208294430782702
BunnyCDN intentionally mis-writes any Mastodon request signing, as to make it incompatible with Mastodon.
And, they confirmed it's intentional.
The user sent in a help ticket, and Bunny confirmed this response rewrite was intentional and would not fix it.
I wanted to get this out, not to conjecture as to why.
lol that ship sailed a long time ago it's certainly not a full federal republic but it's a lot closer to one then a mere "economic alliance".
The line between those two things in the case of the EU is awful blurry.
The Espace Léopold issues laws that are binding on member nations, wields significant power over trade, fiscal policy, and mandates open borders between member nations. These are hardly the features of a purely economic treaty organisation.
It's not perfect but it's better than the alternatives and we really need a power bloc (even if currently only economic) that isn't the US and China.
Alternatives to US big tech are always welcome.
Does anyone have thoughts or disagree on this in terms of pricing and cost effectiveness?
In my experience the TLDR generally gives the motivation/experience in brief. This feels more like a subtitle.
Some of our users were unable to reach our CDN altogether. They couldn't load any assets at all. Bunny's customer service was far too slow to respond and mostly gave unhelpful answers. They couldn't even identify the issue.
In less than 45 minutes, I moved our CDN entirely from Bunny to Cloudflare Workers. Now our CDN just actually works, I don't have to debug our CDN for the Bunny customer service team.
Also, this is obviously a marketing post.
>One of my biggest concerns though is around how easily I could become heavily dependent on this one single company that then can decide to cut me off [...]
How does switching to Bunny make a difference?
It would be super nice to have a setup that uses multiple CDNs w/ automatic failover.
Doable, but that removes all the free tiers of all the CDN's. AFAIK they all require an enterprise account to keep using ones own DNS and their own GSLB DNS failover. There are probably a few exceptions and one could maybe make something of that but I don't know which ones are the exceptions.