In the ever-evolving world of container orchestration, Kubernetes stands out for its flexibility and power. Among its many resource objects, DaemonSet plays a crucial role in managing background tasks and system-level operations that need to run on every node in the cluster. In this blog post, we’ll explore what a DaemonSet is, when to use it, and how to deploy one effectively.
DaemonSet
A DaemonSet ensures that a copy of a specific Pod runs on all (or some) nodes in the Kubernetes cluster. When new nodes are added to the cluster, the DaemonSet automatically schedules the pod on them. Conversely, when nodes are removed, their DaemonSet pods are garbage-collected.
Typical Use Cases
- Running log collection agents (e.g., Fluentd, Filebeat)
- Monitoring agents like Prometheus Node Exporter
- Network infrastructure tools (e.g., CNI plugins, Kube-proxy)
- Storage daemons that need to run on every node (e.g., GlusterFS, Ceph)
How Does It Work?
Unlike a Deployment or a ReplicaSet, which schedules pods based on availability and desired replica count, a DaemonSet is tied to node-level behavior. Kubernetes controllers monitor nodes and ensure the defined DaemonSet Pod is running on each one.
Writing a DaemonSet YAML
Here’s a minimal example of a DaemonSet that runs a simple log collector container on all nodes:
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: log-collector
labels:
app: log-collector
spec:
selector:
matchLabels:
app: log-collector
template:
metadata:
labels:
app: log-collector
spec:
containers:
- name: log-collector
image: busybox
command: ["sh", "-c", "while true; do echo Hello from the DaemonSet; sleep 10; done"]
Save this as daemonset.yaml and apply it with:
kubectl apply -f daemonset.yaml
You can check the DaemonSet with:
kubectl get daemonsets
And see where the pods are running:
kubectl get pods -o wide
Advanced Configurations
- Node Selectors / Affinity: Run DaemonSets only on specific nodes.
- Tolerations: Allow DaemonSets to run on tainted nodes.
- Rolling Updates: Since Kubernetes 1.6, DaemonSets support rolling updates via .spec.updateStrategy.type = RollingUpdate.
updateStrategy:
type: RollingUpdate
DaemonSet vs Deployment
| Feature | DaemonSet | Deployment |
|---|---|---|
| Scheduling | One pod per node | Multiple pods per cluster |
| Use Case | Node-specific tasks (logs, monitoring) | App lifecycle management |
| Update Strategy | Rolling or OnDelete | Rolling updates by default |
Best Practices
- Use resource requests/limits to avoid overwhelming nodes.
- Combine with RBAC for security if the pods require access to host-level resources.
- Use namespace separation for infrastructure-level DaemonSets.
Conclusion
DaemonSets are an essential tool in the Kubernetes toolbox, especially when you need to maintain a node-wide presence of system or monitoring tools. Understanding how and when to use them can simplify the management of distributed system components across your cluster.
Whether you’re deploying a log shipper or configuring a node-specific agent, DaemonSet provides the control and reliability Kubernetes is known for.