What is a DaemonSet in Kubernetes and when would you use it?
A DaemonSet ensures that a copy of a pod runs on all (or specific) nodes in a Kubernetes cluster. When nodes are added to the cluster, the DaemonSet automatically schedules a pod on them.
How DaemonSets Work
Unlike Deployments, which control a specific number of replicas, DaemonSets ensure one pod per matching node. When a node is removed, the pod is garbage collected.
Common Use Cases
- Log collection agents: Fluentd, Filebeat – collect logs from every node
- Monitoring agents: Prometheus Node Exporter, Datadog Agent – collect node metrics
- Network plugins: CNI plugins like Calico, Flannel run as DaemonSets
- Storage drivers: Ceph, GlusterFS storage daemons
- Security agents: Falco, Sysdig for runtime security monitoring
Example DaemonSet
```yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: node-exporter
  namespace: monitoring
spec:
  selector:
    matchLabels:
      app: node-exporter
  template:
    metadata:
      labels:
        app: node-exporter
    spec:
      tolerations:
        # Allow scheduling on nodes tainted node-role.kubernetes.io/master:NoSchedule
        - key: node-role.kubernetes.io/master
          effect: NoSchedule
      containers:
        - name: node-exporter
          # Pin a specific version or digest in production instead of :latest
          image: prom/node-exporter:latest
          ports:
            - containerPort: 9100
```
DaemonSet vs Deployment
| Feature | DaemonSet | Deployment |
|---|---|---|
| Replicas | 1 per node | Fixed count |
| Scaling | Auto with nodes | Manual/HPA |
| Use case | Node-level services | Stateless apps |
Node Selection
Use nodeSelector or nodeAffinity to restrict a DaemonSet to specific nodes (e.g., only GPU nodes, only Linux nodes).
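The following added example (not part of the original page) is a simplified Python model of how nodeSelector and tolerations together decide which nodes receive a DaemonSet pod, which is useful for checking that a log or security agent covers every node you expect. The node names, labels and taints are constructed sample data; the model ignores nodeAffinity and the tolerations the DaemonSet controller adds automatically.

```python
# Added example: simplified model of DaemonSet node eligibility.
# All node names, labels and taints are constructed sample data.

def tolerates(toleration, taint):
    """Kubernetes toleration matching; operator defaults to Equal."""
    op = toleration.get("operator", "Equal")
    # An empty effect on the toleration matches any taint effect.
    if toleration.get("effect") and toleration["effect"] != taint["effect"]:
        return False
    # A toleration without a key is only valid with Exists and matches all keys.
    if not toleration.get("key"):
        return op == "Exists"
    if toleration["key"] != taint["key"]:
        return False
    return op == "Exists" or toleration.get("value", "") == taint.get("value", "")

def eligible_nodes(nodes, node_selector=None, tolerations=()):
    """Names of nodes that satisfy nodeSelector and whose taints are tolerated."""
    selected = []
    for node in nodes:
        labels = node.get("labels", {})
        if any(labels.get(k) != v for k, v in (node_selector or {}).items()):
            continue  # nodeSelector: every key/value must match a node label
        # PreferNoSchedule is a soft preference and never blocks placement.
        hard = [t for t in node.get("taints", [])
                if t["effect"] in ("NoSchedule", "NoExecute")]
        if all(any(tolerates(tol, t) for tol in tolerations) for t in hard):
            selected.append(node["name"])
    return selected

LINUX = {"kubernetes.io/os": "linux"}
NODES = [
    {"name": "worker-1", "labels": LINUX},
    {"name": "win-1", "labels": {"kubernetes.io/os": "windows"}},
    {"name": "master-1", "labels": LINUX, "taints": [
        {"key": "node-role.kubernetes.io/master", "effect": "NoSchedule"}]},
    {"name": "cp-1", "labels": LINUX, "taints": [
        {"key": "node-role.kubernetes.io/control-plane", "effect": "NoSchedule"}]},
]
# The toleration from the example manifest on this page.
PAGE_TOLERATIONS = [{"key": "node-role.kubernetes.io/master", "effect": "NoSchedule"}]

if __name__ == "__main__":
    print(eligible_nodes(NODES, LINUX, PAGE_TOLERATIONS))
    print(eligible_nodes(NODES, LINUX, [{"operator": "Exists"}]))
```

With the page's toleration, the node carrying the `node-role.kubernetes.io/control-plane` taint is skipped, so an agent deployed this way would not run there; a toleration with `operator: Exists` and no key covers every tainted node.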