Container Networking Done Better
Midokura Enterprise MidoNet brings enterprise class networking to any Container-as-a-Service (CaaS) of choice for deploying applications. Containers share the same operating system kernel, run on the same machine, include the application and all of its dependencies. Containers start instantly, are lightweight & provide application portability.
Tenant Isolation
Unlike kernel-based technologies that offer limited tenant isolation, SDN-enabled container networking from Enterprise MidoNet gives you robust tenant-level isolation that keep communications between services separate in their respective environments like Dev/Test, Staging and Production.
Robust Security
More advanced than standard security groups, MidoNet rule chains let you whitelist and apply fine-grain security policies at the virtual bridge, router, container and down to the port level for traffic filtering.
Network Visibility
Get intelligent correlation between the overlay and underlay for proactive application management. It can analyze flows with protocol-based filters and give insights into traffic patterns over the long term without loss of granularity.
Dynamic Scalability
Perform logical simulation of the network path for high volume traffic in today’s clouds. It can handle graceful execution for ephemeral containers and long running services.
Microservices Drive Containerization
Container orchestration tools make it easier to deploy multi-container workloads on a cluster of machines. Automating all aspects of application lifecycle management like initial placement, scheduling, update, health monitoring, scaling, and failover with a few simple clicks. With MidoNet as the SDN, you can make your network as agile as your application requires.

Scaling and Securing Containers in Production
OpenStack Project Kuryr brings production-ready SDN networking from MidoNet to the container world.
Container Networking in an OpenStack World
Ancestry’s OpenStack & Docker Journey in an OpenStack World
Docker Networking in an OpenStack World
Networking in Container Orchestration
Every pod in Kubernetes has a unique IP address. Every IP is routable, the IP address is the same for internal and external traffic making service discovery very simple.Simple is not ideal. Native Kubernetes networking allocates subnets by node. Tenant resource utilization can be unpredictable. Underutilization can lead to suboptimal resource distribution.
Unlike other container networking implementations, Midokura Enterprise MidoNet (MEM) allocates subnets by namespaces, and lets you spawn as many pods per node as you need with no limit and lets you assign IPs to pods on different nodes to the same subnet.