Skip to main content

Introduction to Cloudflare Workers

Cloudflare Workers is a serverless application platform that runs directly on Cloudflare's global edge network. Unlike traditional cloud computing where your code lives in a specific region (like us-east-1), Workers deploy to over 300 cities worldwide simultaneously.

Learning Focus

By the end of this module, you will understand how the V8 Isolate architecture enables zero cold starts, how it differs from Node.js, and when to choose Workers over traditional Docker containers or AWS Lambda.

The V8 Isolate Architecture

Traditional Serverless (like AWS Lambda) relies on spinning up lightweight microVMs or containers. This process takes time, resulting in infamous "cold starts" that can add 500ms to 2s of latency to the first request.

Cloudflare Workers bypasses containers entirely. Instead, it uses V8 Isolates — the exact same sandboxing technology that Google Chrome uses to run JavaScript securely in your browser.

flowchart TD
    subgraph "Traditional Serverless (MicroVM/Container)"
        OS1[Host OS] --> VM1[MicroVM] --> Node1[Node.js Runtime] --> Code1[Your Code]
    end
    
    subgraph "Cloudflare Workers (V8 Isolates)"
        OS2[Host OS] --> V8[V8 Runtime]
        V8 --> ISO1[Isolate 1: Your Code]
        V8 --> ISO2[Isolate 2: Another App]
        V8 --> ISO3[Isolate 3: Another App]
    end

    style OS1 fill:#f3f4f6,stroke:#9ca3af
    style OS2 fill:#f3f4f6,stroke:#9ca3af
    style VM1 fill:#fed7aa,stroke:#f97316
    style Node1 fill:#bbf7d0,stroke:#22c55e
    style V8 fill:#bfdbfe,stroke:#3b82f6
    style ISO1 fill:#fef08a,stroke:#eab308

Benefits of Isolates

FeatureContainers / VM ServerlessCloudflare Workers (V8)
Startup Time (Cold Start)500ms - 2000msUnder 5ms (Often 0ms)
Memory Overhead128MB - 256MB base~3MB per isolate
Execution LocationSingle fixed region300+ edge locations globally
Context SwitchingOS-level heavy context switchesFast V8 engine context switches

Differences from Node.js

Because Workers run in a V8 Isolate and not a Node.js process, you do not have unrestricted access to the underlying operating system.

What You CANNOT Do

  1. File System Access: There is no fs module. You cannot read or write local files.
  2. Native Node.js Modules: While Cloudflare has added polyfills for modules like crypto or buffer, you cannot use modules that rely on C++ native extensions (like sharp or bcrypt).
  3. Open TCP Sockets (Freely): While standard fetch() is fully supported, raw TCP and UDP require specific Worker bindings.

What You CAN Do

  1. Standard Web APIs: Workers heavily implement browser standards. If you know fetch(), Request, Response, URL, Crypto, and Streams, you already know how to write a Worker.
  2. NPM Packages: You can use any NPM package that does not rely on Node.js-specific modules or native binaries (thousands of pure JavaScript/TypeScript packages work perfectly).

Core Capabilities

Workers are not just for modifying HTTP headers or simple redirects. They are a fully-fledged compute platform:

  • APIs and Microservices: Build complete REST or GraphQL APIs connecting to D1 Database or KV.
  • SSR / UI Frameworks: Host Nuxt, Next.js (edge mode), SvelteKit, and Remix applications directly on the edge.
  • Middleware: Intercept traffic to your existing origin server to add authentication, JWT validation, or A/B testing dynamically.
  • Streaming: Stream large audio/video files or handle long-lived WebSocket connections.

Best Use Cases

ScenarioWhy Workers is a good fit
Global APIsUsers in Tokyo and Paris both get single-digit millisecond latency because the API code executes in their respective cities.
Authentication GatewayCheck JWTs or API keys at the edge before traffic ever hits your origin server, blocking invalid requests instantly.
PersonalizationRead a user's location or cookie and dynamically re-write HTML at the edge before serving the response.

When NOT to use Workers

  • Heavy Data Processing: Rendering complex video, training ML models, or tasks taking >30 seconds of pure CPU crunching are better suited for traditional instances (EC2, DigitalOcean).
  • Legacy Lift-and-Shift: If an app requires reading local log files, saving SQLites to disk, or making internal VPC calls via specific IP addresses without Zero Trust setups.

What's Next

Now that you understand the "Why" and the "How it works" under the hood, let's learn how to actually build and deploy one.

Continue to Module 2: Wrangler CLI to set up your local development environment.