Author’s avatar
Thomas Ptacek
Author
Thomas Ptacek
By Thomas Ptacek
5 min Read

Fly.io Is Hiring Rust Developers

Fly.io runs apps close to users. We transmogrify Docker containers into Firecracker micro-VMs that run on our hardware around the world, and connect all of them to a global Anycast network that picks up requests from around the world and routes th...

Read more 

Read more
By Thomas Ptacek
5 min Read

Fly.io Is Hiring Technical Writers

We write a lot at Fly.io. It’s our most important tool for reaching potential customers. We write mostly in 3 different places: In our documentation, which is all public and online, and which (of course) targets people already working with our ...

Read more 

Read more
By Thomas Ptacek
26 min Read

API Tokens: A Tedious Survey

This is not really a post about Fly.io, though I'll talk about us a little up front to set the scene. The last several weeks of my life have been about API security. I'm working on a new permissions system for Fly.io, and did a bunch of resea...

Read more 

Read more
By Thomas Ptacek
10 min Read

Hooking Up Fly Metrics

We’ve written a bit, for a general audience, about how Fly collects and manages metrics. If you’re just sort of generally interested in metrics and observability, go read that first. Meanwhile, if you’re a Fly user, or considering becoming such a...

Read more 

Read more
By Thomas Ptacek
12 min Read

Fly's Prometheus Metrics

We should talk a bit about metrics and measurement and stuff, because they’re how we all know what’s going on. There’s two reasons we’ve written this post. The first is just that we think this stuff is interesting, and that the world can always us...

Read more 

Read more
By Thomas Ptacek
13 min Read

Docker without Docker

Even though most of our users deliver software to us as Docker containers, we don’t use Docker to run them. Docker is great, but we’re high-density multitenant, and despite strides, Docker’s isolation isn’t strong enough for that. So, instead, we...

Read more 

Read more
By Thomas Ptacek
11 min Read

SSH and User-mode IP WireGuard

But Fly is kind of an odd duck. We run hardware in data centers around the world, connected to the Internet via Anycast and to each other with a WireGuard mesh. We take Docker-type containers from users and transmogrify them into Firecracker micro...

Read more 

Read more
By Thomas Ptacek & Dj Walker-Morgan
10 min Read

You should know about Server-Side Request Forgery

This is a post about the most dangerous vulnerability most web applications face, one step that we took at Fly to mitigate it, and how you can do the same. Server-side request forgery (SSRF) is application security jargon for “attackers can get ...

Read more 

Read more
By Thomas Ptacek
16 min Read

Building clusters with serf, my new favorite thing

Assume for a second we’d like to see what happens when a web page loads in a browser in Singapore. Easy enough; Fly.io will take a container image you throw at it, transform it into a Firecracker VM, and run it in Singapore. Getting Up And Runnin...

Read more 

Read more
By Thomas Ptacek
11 min Read

IPv6 WireGuard Peering

They say that when you’re starting a product company, it’s a better plan to chase down something a bunch of people will really love a lot than it is to try to build something that everyone will just like a little bit. So when Fly.io launched, it h...

Read more 

Read more
By Thomas Ptacek
6 min Read

Incoming! 6PN Private Networks

More often than not, modern applications are really ensembles of cooperating services, running independently and transacting with each other over the network. At Fly.io, we’d like it to be not just possible to express these kinds of applications, ...

Read more 

Read more
By Thomas Ptacek
17 min Read

BPF, XDP, Packet Filters and UDP

Imagine for a moment that you run a content distribution network for Docker containers. You take arbitrary applications, unmodified, and get them to run on servers close to their users around the world, knitting those servers together with WireGua...

Read more 

Read more