<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Cloudflare on Azarudeen.com</title><link>http://azarudeen.com/tags/cloudflare/</link><description>Recent content in Cloudflare on Azarudeen.com</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Tue, 01 Jul 2025 10:00:00 +0530</lastBuildDate><atom:link href="http://azarudeen.com/tags/cloudflare/index.xml" rel="self" type="application/rss+xml"/><item><title>Agents On Call: DNS Races, Feature Files, and the AI-Assisted Postmortem</title><link>http://azarudeen.com/posts/11-jul-2025-to-present-agents-on-call/</link><pubDate>Tue, 01 Jul 2025 10:00:00 +0530</pubDate><guid>http://azarudeen.com/posts/11-jul-2025-to-present-agents-on-call/</guid><description>&lt;h1 id="agents-on-call-jul-2025--jul-2026"&gt;Agents On Call (Jul 2025 – Jul 2026)&lt;/h1&gt;
&lt;p&gt;This window opened with a brutal autumn: within a month, AWS, Azure, and
Cloudflare each suffered a headline global outage, making &amp;ldquo;the internet is three
companies in a trench coat&amp;rdquo; a mainstream news take. Meanwhile the biggest
&lt;em&gt;practice&lt;/em&gt; shift since the SRE book has been underway — AI agents moving from
summarizing incidents to responding to them.&lt;/p&gt;
&lt;h2 id="the-incidents-defining-the-period-so-far"&gt;The incidents defining the period (so far)&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;AWS us-east-1, October 20, 2025&lt;/strong&gt; — A &lt;strong&gt;latent race condition in DynamoDB&amp;rsquo;s
automated DNS management&lt;/strong&gt; produced an empty DNS record for the regional
endpoint; the automation couldn&amp;rsquo;t self-repair, and failures cascaded through
the many AWS services (and thousands of customer apps) that depend on DynamoDB
in us-east-1. Roughly 14–15 hours of disruption; Snapchat alone drew ~3 million
outage reports. The most consequential us-east-1 event since December 2021 —
and an &amp;ldquo;automation deadlock&amp;rdquo; case study: the fix required humans to disable
the automation that was supposed to prevent exactly this.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Azure Front Door, October 29, 2025&lt;/strong&gt; — An inadvertent configuration change
broke Microsoft&amp;rsquo;s global edge/CDN layer for ~8 hours, taking down the Azure
portal, M365 entry points, and customer sites — days before earnings, a week
after AWS&amp;rsquo;s turn. A separate &lt;strong&gt;East US2 networking config outage lasting
roughly 50 hours&lt;/strong&gt; underlined that regional incidents can now outlast news
cycles.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Cloudflare, November 18, 2025&lt;/strong&gt; — A database permissions change caused the
Bot Management &lt;strong&gt;feature file to double in size&lt;/strong&gt;, exceeding a hard-coded
limit in the core proxy; processes crash-looped globally. X, ChatGPT, and
Canva threw 5xx errors for hours. Cloudflare&amp;rsquo;s same-week postmortem
(&lt;a href="https://blog.cloudflare.com/18-november-2025-outage/"&gt;blog.cloudflare.com&lt;/a&gt;)
echoed their 2019 regex writeup: an internally-generated &amp;ldquo;content&amp;rdquo; artifact,
globally propagated, hitting an untested limit.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Cloudflare, December 5, 2025 and February 20, 2026&lt;/strong&gt; — A ~25-minute traffic
outage, then a BGP withdrawal affecting Bring-Your-Own-IP customers — smaller
events, but notable for the now-routine speed and detail of disclosure.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;&lt;em&gt;(This is a living post, updated through July 2026.)&lt;/em&gt;&lt;/p&gt;</description></item><item><title>One Regex and a Pandemic: Global Blast Radius Meets Global Load</title><link>http://azarudeen.com/posts/06-apr-2019-to-jun-2020-one-regex-and-a-pandemic/</link><pubDate>Mon, 01 Apr 2019 10:00:00 +0530</pubDate><guid>http://azarudeen.com/posts/06-apr-2019-to-jun-2020-one-regex-and-a-pandemic/</guid><description>&lt;h1 id="one-regex-and-a-pandemic-apr-2019--jun-2020"&gt;One Regex and a Pandemic (Apr 2019 – Jun 2020)&lt;/h1&gt;
&lt;p&gt;This window bookends neatly: it opens with self-inflicted global outages at
Cloudflare and Google that sharpened the industry&amp;rsquo;s thinking about staged
rollouts, and closes with COVID-19 stress-testing every capacity plan on Earth.&lt;/p&gt;
&lt;h2 id="the-incidents-that-defined-the-period"&gt;The incidents that defined the period&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Google Cloud, June 2, 2019&lt;/strong&gt; — A maintenance automation event descheduled
network control-plane jobs across multiple regions; congestion throttled
Google Cloud, YouTube, and Gmail for ~4 hours. The postmortem detail everyone
remembers: &lt;strong&gt;the outage impaired the tools engineers needed to fix the outage.&lt;/strong&gt;&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Cloudflare, July 2, 2019&lt;/strong&gt; — A single WAF rule containing a
&lt;strong&gt;catastrophically backtracking regex&lt;/strong&gt; was pushed globally (WAF rules were
exempt from staged rollout, by design, for emergency response) and pinned every
CPU on Cloudflare&amp;rsquo;s edge. 27 minutes of global 502s, and one of the finest
postmortems ever written
(&lt;a href="https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/"&gt;blog.cloudflare.com&lt;/a&gt;) —
including a mini-lecture on regex complexity and why their kill switch was slow.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Verizon BGP route leak, June 24, 2019&lt;/strong&gt; — A small ISP&amp;rsquo;s route optimizer leaked
routes through Verizon, blackholing chunks of the internet including Cloudflare.
Cloudflare&amp;rsquo;s blunt public writeup (&amp;ldquo;a small heart attack&amp;rdquo;) pushed RPKI adoption
into the mainstream.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Stripe, July 2019&lt;/strong&gt; — Two coupled database failures; Stripe published a
detailed root-cause report, notable for a payments company.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Salesforce, May 2019&lt;/strong&gt; — A database script granted broad permissions across
orgs; the remediation (revoking permissions widely) caused more disruption than
the bug. Recovery-as-second-incident became a named pattern.&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;COVID-19 surge, March–June 2020&lt;/strong&gt; — Zoom grew ~30x; Robinhood suffered
repeated trading-day outages (thundering-herd load on launch-day architecture);
streaming services voluntarily degraded quality in Europe; unemployment systems
running on mainframes buckled. Not one incident but a planetary load test.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2 id="what-the-postmortems-reveal"&gt;What the postmortems reveal&lt;/h2&gt;
&lt;p&gt;&lt;strong&gt;1. Emergency paths are the most dangerous paths.&lt;/strong&gt; Cloudflare&amp;rsquo;s WAF pipeline
skipped staged rollout &lt;em&gt;on purpose&lt;/em&gt; — speed against attackers. The lesson wasn&amp;rsquo;t
&amp;ldquo;never ship fast&amp;rdquo; but &amp;ldquo;your fastest pipeline needs the strongest circuit
breakers.&amp;rdquo; Global-instant anything became a red flag in design reviews.&lt;/p&gt;</description></item></channel></rss>