The Fan overlay network for container addresses, from Canonical

This article is more than 9 year s old.


Today, Canonical introduces the Fan overlay network system in Ubuntu in test images for Amazon Web Services and Google Compute Engine, delivering the fastest and most scalable address expansion mechanism in the container world. The Fan enables cloud users to grow the number of Docker and LXD containers they can address in a single cloud environment.

“Containers provide dramatically improved performance and density over traditional hypervisors like ESX and KVM,” said Mark Shuttleworth.

Containers come in two complementary forms — full machine containers from  LXD and application-centric containers such as Docker or Rocket. Both feature incredible density – Canonical has demonstrated thousands of full Ubuntu machines hosted on a single server using LXD.

The Fan overlay network for containers expands address space 250x on each container host.

Ideally, each individual containers is directly addressable by every other container within a virtual private cloud.  A real challenge for large scale container users is that the density of container deployments causes them to run out of addresses very quickly. The Fan is a new approach to solving this, giving any cloud user 250x the number of addresses they would normally have access to in a cloud environment.

The Fan is not a software-defined network, and relies on neither distributed databases nor consensus protocols.  Rather, routes are calculated deterministically and traffic carries no additional overhead beyond routine IP tunneling.  Canonical engineers have already demonstrated The Fan operating at 5Gpbs between two Docker containers on separate hosts.

Documentation is available in the Fan Networking wiki page.  A detailed walk through is found in this blog post and screen cast.  An end user manual is available on any Fan-enabled system by typing, ‘man fanctl‘.

ubuntu logo

What’s the risk of unsolved vulnerabilities in Docker images?

Recent surveys found that many popular containers had known vulnerabilities. Container images provenance is critical for a secure software supply chain in production. Benefit from Canonical’s security expertise with the LTS Docker images portfolio, a curated set of application images, free of vulnerabilities, with a 24/7 commitment.

Integrate with hardened LTS images ›

Newsletter signup

Get the latest Ubuntu news and updates in your inbox.

By submitting this form, I confirm that I have read and agree to Canonical's Privacy Policy.

Related posts

Implementing an Android™ based cloud game streaming service with Anbox Cloud

Since the outset, Anbox Cloud was developed with a variety of use cases for running Android at scale. Cloud gaming, more specifically for casual games as...

Docker container security: demystifying FIPS-enabled containers with Ubuntu Pro

In today’s rapidly changing digital environment, the significance of robust Docker container security measures cannot be overstated. Even the containerised...

Containerization vs. Virtualization : understand the differences

Containerization vs. Virtualization : understand the differences and benefits of each approach, as well as connections to cloud computing.