CKA Road Trip: What Is a DaemonSet
What It Is
A DaemonSet ensures exactly one copy of a pod runs on every node in the cluster. New node joins → pod automatically created on it. Node removed → pod goes with it.
Real Uses
- Log collectors (Fluentd, Filebeat)
- Monitoring agents (Prometheus node-exporter)
- Network plugins (Cilium, Flannel)
- kube-proxy itself is a DaemonSet
Anything that needs to run on every node, once per node.
vs Deployment
Deployment says: run N copies, put them wherever the scheduler decides.
DaemonSet says: run exactly one copy on every node, no exceptions.
vs Static Pod
| | DaemonSet | Static Pod |
|---|---|---|
| Managed by | controller manager | kubelet (file on disk) |
| Defined in | etcd via API server | /etc/kubernetes/manifests/ |
| kubectl works | yes | read-only mirror only |
| Survives control plane outage | no | yes |
| Use case | node-level agents | control plane bootstrap |
DaemonSet is a proper Kubernetes resource — updatable, rollbackable, kubectl works on it normally. Tradeoff: if the control plane goes down, the DaemonSet controller can't manage it.
Static pod has zero dependency on the control plane. The kubelet manages it from a file on disk directly.
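To tell the two apart on a live cluster, look at pod metadata: DaemonSet pods carry an `ownerReferences` entry of kind `DaemonSet`, while the read-only mirror of a static pod carries the kubelet's `kubernetes.io/config.mirror` annotation. The script below is an added example, not part of the original page; it classifies pods shaped like `kubectl get pods -A -o json` items and flags any DaemonSet with more than one pod on a node. The `pod()` helper and the `SAMPLE` data are constructed for illustration.

```python
from collections import Counter

# Annotation the kubelet sets on the read-only mirror pod of a static pod.
MIRROR_ANNOTATION = "kubernetes.io/config.mirror"

def pod(ns, name, node, owner_kind=None, owner=None, annotations=None):
    """Hypothetical helper: build a trimmed pod object like a `kubectl get pods -o json` item."""
    meta = {"namespace": ns, "name": name, "annotations": annotations or {}}
    if owner_kind:
        meta["ownerReferences"] = [{"kind": owner_kind, "name": owner}]
    return {"metadata": meta, "spec": {"nodeName": node}}

# Constructed sample data, not output from a real cluster.
SAMPLE = {"items": [
    pod("kube-system", "kube-proxy-x7k2p", "cp1", "DaemonSet", "kube-proxy"),
    pod("kube-system", "kube-proxy-9bq4d", "worker1", "DaemonSet", "kube-proxy"),
    pod("kube-system", "kube-apiserver-cp1", "cp1", "Node", "cp1",
        {MIRROR_ANNOTATION: "constructed-hash"}),
    pod("default", "web-5d8c7f-abcde", "worker1", "ReplicaSet", "web-5d8c7f"),
]}

def daemonset_owner(p):
    """Return the owning DaemonSet's name, or None if the pod has no such owner."""
    for ref in p["metadata"].get("ownerReferences", []):
        if ref.get("kind") == "DaemonSet":
            return ref["name"]
    return None

def classify(p):
    """Label a pod 'static' (mirror pod), 'daemonset', or 'other'."""
    if MIRROR_ANNOTATION in (p["metadata"].get("annotations") or {}):
        return "static"
    return "daemonset" if daemonset_owner(p) else "other"

def summarize(pod_list):
    """Return ({ns/name: label}, [(ns, daemonset, node) with more than one pod])."""
    kinds, per_node = {}, Counter()
    for p in pod_list["items"]:
        meta = p["metadata"]
        kinds[f'{meta["namespace"]}/{meta["name"]}'] = classify(p)
        owner = daemonset_owner(p)
        if owner:
            per_node[(meta["namespace"], owner, p["spec"].get("nodeName"))] += 1
    duplicates = sorted(k for k, n in per_node.items() if n > 1)
    return kinds, duplicates

if __name__ == "__main__":
    kinds, duplicates = summarize(SAMPLE)
    for name, kind in kinds.items():
        print(f"{kind:10} {name}")
    print("duplicates:", duplicates)
```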
The Decision Rule
Do you need this to survive a control plane outage?
- No → DaemonSet
- Yes → Static pod
In practice, almost nothing needs to survive a control plane outage except the control plane components themselves — which is exactly why they're static pods.