Cloudflare Flagship

Original Article ↗ Hacker News Discussion ↗

Product positioning & comparisons

  • Flagship is seen as Cloudflare’s answer to services like LaunchDarkly, Vercel Flags, Statsig, and Firebase Remote Config.
  • Some note that Cloudflare is aligning with OpenFeature, which makes it easier to switch providers and integrate with existing SDKs.
  • Several commenters welcome a mature alternative to LaunchDarkly, especially from a provider they already use for other infra.

Debate: roll your own vs managed feature flags

  • Many argue feature flags are “just booleans in a database” or a JSON file, and question paying a third party.
  • Others counter that production use quickly needs segmentation, percentage rollouts, per‑customer/per‑user targeting, audit logs, RBAC, analytics integration, and fast/streaming updates.
  • Some report building homegrown systems that grew complex; others say simple setups (DB + minimal tooling) were sufficient for their scale.

Cloudflare platform strengths & weaknesses

  • Multiple users praise Cloudflare’s UX, free tier, and integration across Workers, storage, queues, and now email.
  • Others complain that newer products feel rushed or “alpha/beta,” with rough edges and reliability concerns.
  • There’s frustration that promised “enterprise-only features for all” (e.g., some Zero Trust and performance features) have not broadly arrived yet.

Security, permissions & billing

  • Lack of fine‑grained permissions and proper prod/staging separation is a blocking issue for some; having to use separate accounts breaks SSO patterns.
  • The JS client requiring a broad, non–app-scoped token worries people; Cloudflare staff indicate app-scoped tokens are in progress, prompting criticism for launching without them.
  • Some fear surprise bills and want hard spending limits; others say Cloudflare’s pricing and free rate limiting make catastrophic invoices unlikely, while Cloudflare leadership has said billing controls are being improved.

Architecture & best practices for flags

  • Discussion covers client vs server evaluation, local rule engines, periodic sync of rulesets, and zero‑network‑hop evaluation for performance and reliability.
  • Several emphasize governance: flags should usually be short‑lived, cleaned up promptly, and clearly distinguished from long‑term configuration or entitlements to avoid complexity and incident risk.

Broader concerns

  • Some worry about Cloudflare’s growing power over the web (DDoS protection, bot filtering, Turnstile captchas) and potential centralization harms.
  • Others remain enthusiastic, seeing Cloudflare as converging into a “one‑stop” infrastructure platform despite the trade‑offs.