flannel

Flannel is a networking tool designed for Kubernetes, the system many companies use to run and manage large numbers of containers across multiple servers. The core problem it solves is giving each container its own unique IP address on the network, so containers can talk to each other directly without the complexity of mapping ports on a shared server address.

The way flannel works is by running a small background program called flanneld on each server (called a node) in the cluster. Each node gets assigned its own private block of IP addresses. When a container on one node wants to send data to a container on another node, flannel handles the translation and forwarding. It uses a technique called VXLAN by default, which wraps the traffic in an outer layer so it can travel across the physical network between servers. The network configuration is stored either in the Kubernetes API itself or in a separate key-value store called etcd.

Flannel only handles the traffic-between-servers part of networking. It does not control policies about which containers are allowed to talk to which; that is left to other tools. The README notes that projects like Calico can be layered on top if network policy enforcement is needed.

Deploying flannel on a Kubernetes cluster can be done with a single command using kubectl, or through Helm (a Kubernetes package manager). It is also commonly included automatically in lightweight Kubernetes distributions like K3s, so many users get it without any manual setup. It can also be used outside of Kubernetes alongside Docker, in which case it requires etcd as the configuration store.

Flannel is written in Go and licensed under the Apache 2.0 license. The project has a public Slack community, holds monthly maintainer meetings, and publishes a roadmap on GitHub.