Cloudflare Open‑sources Pingora: A Rust‑Based Asynchronous HTTP Proxy Framework

In 2022 Cloudflare announced that it had replaced Nginx with an internally developed Rust‑based proxy called Pingora, aiming to create a faster, more efficient and more versatile platform for its current and future products.

Pingora has now been open‑sourced under the Apache License and its source code is hosted on GitHub at https://github.com/cloudflare/pingora .

Pingora is a Rust asynchronous multithreaded framework for building HTTP proxy services; it has been used inside Cloudflare for years and is reported to handle more than 40 million internet requests per second, having processed nearly a quadrillion requests across Cloudflare’s global network.

Key features of Pingora include: async Rust implementation, HTTP/1 and HTTP/2 end‑to‑end proxying, TLS support via OpenSSL or BoringSSL, gRPC and WebSocket proxying, graceful reloads, customizable load‑balancing and fail‑over strategies, and integration with various observability tools.

Cloudflare’s team wrote that they open‑source Pingora to help build a better, safer internet beyond their own infrastructure, hoping to provide tools, ideas and inspiration for others to build internet infrastructure with memory‑safe frameworks .

Pingora offers libraries and APIs to construct services on top of HTTP/1, HTTP/2, TLS or TCP/UDP; it also plans HTTP/3 support, and provides filters and callbacks that let users fully customize request handling, transformation and forwarding.

At runtime, Pingora supports zero‑downtime graceful restarts, allowing self‑upgrades without dropping inbound requests, and integrates easily with Syslog, Prometheus, Sentry, OpenTelemetry and other essential observability tools.

It is important to note that Pingora is still pre‑1.0, its API is not yet stable, and Cloudflare currently has no plans to support non‑Unix operating systems.

Cloudflare engineers, enthusiastic about Rust, rewrote Nginx modules in Rust last year, highlighting Rust’s safety advantages for implementing complex, previously “impossible” features such as a Wireshark‑style firewall rule language, running millions of user‑provided JavaScript snippets, and instant HTML rewriting.

However, OpenResty author Zhang Yichun, who previously worked on Cloudflare’s architecture, criticized the move, suggesting that the new engineers “couldn’t handle” Nginx and that rewriting the gateway in Rust was a step backward.

Related links: https://blog.cloudflare.com/pingora-open-source https://www.zhihu.com/question/554595029/answer/2683793513