Fly Kubernetes features
Fly Kubernetes benefits from the features of the Fly.io platform.
Fly.io infrastructure
FKS is built on top of Fly.io infrastructure:
- Compute is backed by Fly Machines, our fast-launching VMs built with Firecracker.
- Volumes are handled with Fly Volumes; local, fast NVMe drives.
- Networking is built on our internal WireGuard mesh with routing performed by Fly Proxy.
Cluster scalability
Pods are scheduled across our fleet of bare-metal servers, not limited to a specific node. Workloads are automatically distributed across the fleet, enabling a cluster to scale with ease.
Security
With Fly Kubernetes, you get all the security benefits of our platform.
- Private network traffic flows over our internal WireGuard mesh, ensuring it is encrypted.
- FKS clusters are secured within a private VPN.
- Compute is built on Firecracker microVMs — lightweight and secure virtual machines. This provides improved isolation guarantees ensuring your application code is safe.
- Volumes are encrypted at rest for additional protection of the data on the volume.
- Secrets are automatically stored in an encrypted vault.
Simple and secure client authentication
Connect to your cluster using kubectl. Clients are authenticated with our API tokens. They expire after an hour and are rotated automatically after expiration.
Not supported
There are a few features we don’t support yet but are part of the roadmap:
- Sidecars and init processes
- EmptyDir volumes
- Horizontal pod autoscaling
- Network policies
- CronJob
Features we don’t support:
- Node affinity
- Inter-pod (anti) affinity
- DaemonSets
Pricing
See the pricing page for information on FKS pricing.