Multi-Tenant Telemetry at the Edge: A Cloudflare Workers Architecture
How we built a globally distributed, multi-tenant telemetry ingestion pipeline using Cloudflare Workers, Durable Objects, and OTLP-compatible endpoints.
How we built a globally distributed, multi-tenant telemetry ingestion pipeline using Cloudflare Workers, Durable Objects, and OTLP-compatible endpoints.
The Challenge
Building a telemetry platform that serves multiple tenants with:
- **Global low-latency ingestion** - logs from edge locations worldwide
- **Tenant isolation** - no data leakage between tenants
- **Scalability** - handle burst traffic without cold starts
- **Cost efficiency** - pay only for what you use
Architecture Overview
Our edge ingestion layer runs on Cloudflare Workers with:
- **Workers for HTTP/OTLP ingestion** - receives logs via HTTP or OTLP protocol
- **Durable Objects for tenant state** - tracks per-tenant rate limits and configuration
- **Queues for processing** - decouples ingestion from processing
- **R2 for log buffering** - temporary storage before downstream processing
Key Design Decisions
OTLP Compatibility
We implemented OTLP HTTP/JSON support directly in Workers, so existing instrumentation libraries work without modification. This was critical for adoption.
Tenant Isolation via Durable Objects
Each tenant gets a Durable Object that: - Enforces rate limits - Validates API keys - Maintains tenant-specific configuration
Edge-Native Processing
Heavy processing (parsing, enrichment) happens in the next layer. Edge Workers focus on: - Fast acknowledgment - Tenant routing - Basic validation
Results
- **P99 ingestion latency**: <50ms globally
- **Tenant isolation**: 100% - no cross-tenant data access
- **Cost**: 10x cheaper than centralized ingestion for our workload