The Fly Blog

News, tips, and tricks from the team at Fly

20 min

Docker without Docker

Even though most of our users deliver software to us as Docker containers, we don’t use Docker to run them. Docker is great, but we’re high-density multitenant, and despite strides, Docker’s isolation isn’t strong enough for that. So, instead, we...

Read more  

Read more
16 min

The 5-hour CDN

The term "CDN" ("content delivery network") conjures Google-scale companies managing huge racks of hardware, wrangling hundreds of gigabits per second. But CDNs are just web applications. That's not how we tend to think of them, but that's all the...

Read more  

Read more
14 min

SSH and User-mode IP WireGuard

But Fly is kind of an odd duck. We run hardware in data centers around the world, connected to the Internet via Anycast and to each other with a WireGuard mesh. We take Docker-type containers from users and transmogrify them into Firecracker micro...

Read more  

Read more
7 min

Elixir is amazing – coincidentally, we're hiring Elixir dev advocates

Fly is a hosting platform for applications. Our users give us containers; we transmute them into fleets of Firecracker micro-VMs and run them on a WireGuard-backed Anycast network that runs application code close to users, anywhere in the world. D...

Read more  

Read more
13 min

Persistent Storage and Fast Remote Builds

If you’ve been keeping up with us at Fly, you may be picking up on a bit of a narrative with us. Fly launched, in the long-long-ago, with a somewhat narrow use case. We took containers from our customers and transmogrified them into fleets of Fire...

Read more  

Read more
12 min

The Tokio Upgrade from 0.2 to 1.x

At Fly.io, we run a Rust-based load-balancer which handles almost all of our traffic. It stands on the shoulders of Tokio and Hyper. When the Tokio team announced 0.3 and then 1.0, we figured we'd have to upgrade sooner than later to access relate...

Read more  

Read more
19 min

You should know about Server-Side Request Forgery

This is a post about the most dangerous vulnerability most web applications face, one step that we took at Fly to mitigate it, and how you can do the same. Server-side request forgery (SSRF) is application security jargon for “attackers can get ...

Read more  

Read more
17 min

The January 2021 Fly ChangeLog

If you missed 2020, lucky you, to get you all caught up, here's our Previously On Fly segment. Caught up? Good. And now here is the Fly ChangeLog, covering the end of December 2020 to January 2021. 6PN Networking and IPv6 WireGuard VPNsLet your a...

Read more  

Read more
2 min

Fly In 2020 - A year in features (and articles)

TL:DR; Launch, Turboku, Custom Domains, Scaling, One-Click Apps, Persistent Storage, Private Networking and Wireguard VPNs. Fly's had an unprecedented year, along with everyone else. For us, it was bringing our Application Platform to the world, a...

Read more  

Read more
1 min

How to build a global message service with NATS

There are actually two examples that make up this example. One example is a Websocket-based chat that relays its messages through that NATS cluster. The other part is that NATS cluster, configured as a global messaging cluster that you can install...

Read more  

Read more
24 min

Building clusters with serf, my new favorite thing

Assume for a second we’d like to see what happens when a web page loads in a browser in Singapore. Easy enough; Fly.io will take a container image you throw at it, transform it into a Firecracker VM, and run it in Singapore. Getting Up And Runnin...

Read more  

Read more
2 min

Get fly with your Fly command line

The command... It started off as flyctl but we kept being asked when would the command become fly. "Why not both?" we said and now, on most platforms, you can use flyctl or fly interchangeably. Boom! Three keystrokes saved! The current app... ...

Read more  

Read more