Pingora: Cloudflare’s High‑Performance Rust‑Based HTTP Proxy
This article explains how Cloudflare replaced NGINX with Pingora, a Rust‑written HTTP proxy that processes over a trillion daily requests, offering superior performance, efficiency, and security through a multithreaded design, custom HTTP library, and programmable request lifecycle.
Cloudflare announced that it has replaced NGINX with a new Rust‑based HTTP proxy called Pingora, which processes over a trillion requests per day.
NGINX’s worker‑process model caused load imbalance, limited connection reuse, and made adding advanced features difficult, prompting Cloudflare to evaluate three options and ultimately build its own proxy.
Pingora was designed with Rust for memory safety and performance, a custom HTTP library for flexibility, a multithreaded Tokio runtime for efficient connection sharing, and a programmable request‑lifecycle interface.
In production, Pingora reduces median TTFB by 5 ms, 95th‑percentile by 80 ms, cuts new connections to one‑third, improves connection‑reuse to 99.92 %, and saves roughly 70 % CPU and 67 % memory compared with the previous service.
The multithreaded architecture also lowers TLS handshake overhead and eliminates many NGINX limitations, while Rust’s safety guarantees have resulted in zero crashes from the service code despite processing billions of requests.
Overall, Pingora provides a faster, more efficient, and more secure internal proxy platform for Cloudflare’s current and future products.
Architect
Professional architect sharing high‑quality architecture insights. Topics include high‑availability, high‑performance, high‑stability architectures, big data, machine learning, Java, system and distributed architecture, AI, and practical large‑scale architecture case studies. Open to ideas‑driven architects who enjoy sharing and learning.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.