DaemonSets

Understanding DaemonSets

Refer to the official Kubernetes documentation: DaemonSets

A DaemonSet is a Kubernetes controller that ensures all (or a subset of) cluster nodes run exactly one replica of a specified Pod. Unlike Deployments, DaemonSets are node-centric rather than application-centric, making them ideal for deploying cluster-wide infrastructure services such as log collectors, monitoring agents, or storage daemons.

WARNING

DaemonSet Operational Notes

Behavior Characteristics
- Pod Distribution: A DaemonSet deploys exactly one Pod replica per schedulable Node that matches its criteria:
  - Deploys exactly one Pod replica per schedulable node matching:
    - Matches nodeSelector or nodeAffinity criteria (if specified).
    - Is not in the NotReady state.
    - Does not have NoSchedule or NoExecute Taints unless corresponding Tolerations are configured in the Pod Template.
- Pod Count Formula: The number of Pods managed by a DaemonSet equals the number of qualified Nodes.
- Dual-Role Node Handling: Nodes serving both Control Plane and Worker Node roles will only run one Pod instance of the DaemonSet, regardless of their role labels, provided they are schedulable.
Key Constraints (Excluded Nodes)
- Nodes explicitly marked Unschedulable: true (e.g., via kubectl cordon).
- Nodes with a NotReady status.
- Nodes having incompatible Taints without matching Tolerations configured in the DaemonSet's Pod Template.

Creating DaemonSets

Creating a DaemonSet by using CLI

Prerequisites

Ensure you have kubectl configured and connected to your cluster.

YAML file example

# example-daemonSet.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluentd-elasticsearch
  namespace: kube-system
  labels:
    k8s-app: fluentd-logging
spec:
  selector: # defines how the DaemonSet identifies its managed Pods. Must match `template.metadata.label`s.
    matchLabels:
      name: fluentd-elasticsearch
  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
  template: # defines the Pod Template for the DaemonSet. Each Pod created by this DaemonSet will conform to this template
    metadata:
      labels:
        name: fluentd-elasticsearch
    spec:
      tolerations: # these tolerations are to have the daemonset runnable on control plane nodes, remove them if your control plane nodes should not run pods
        - key: node-role.kubernetes.io/control-plane
          operator: Exists
          effect: NoSchedule
        - key: node-role.kubernetes.io/master
          operator: Exists
          effect: NoSchedule
      containers:
        - name: fluentd-elasticsearch
          image: quay.io/fluentd_elasticsearch/fluentd:v2.5.2
          resources:
            limits:
              memory: 200Mi
            requests:
              cpu: 100m
              memory: 200Mi
          volumeMounts:
            - name: varlog
              mountPath: /var/log
      # it may be desirable to set a high priority class to ensure that a DaemonSet Pod
      # preempts running Pods
      # priorityClassName: important
      terminationGracePeriodSeconds: 30
      volumes:
        - name: varlog
          hostPath:
            path: /var/log

Creating a DaemonSet via YAML

# Step 1: To create the DaemonSet defined in *example-daemonSet.yaml*, execute the following command
kubectl apply -f example-daemonSet.yaml

# Step 2: To verify the creation and status of your DaemonSet and its associated Pods:
kubectl get daemonset fluentd-elasticsearch # View DaemonSet
kubectl get pods -l name=fluentd-elasticsearch -o wide # Check Pods managed by this DaemonSet on specific nodes

Creating a DaemonSet by using web console

Prerequisites

Obtain the image address. The source of the images can be from the image repository integrated by the platform administrator through the toolchain or from third-party platforms' image repositories.

For the former, the Administrator typically assigns the image repository to your project, and you can use the images within it. If the required image repository is not found, please contact the Administrator for allocation.
If it is a third-party platform's image repository, ensure that images can be pulled directly from it in the current cluster.

Procedure - Configure Basic Info

Container Platform, navigate to Workloads > DaemonSets in the left sidebar.
Click Create DaemonSet.
Select or Input an image, and click Confirm.

INFO

Note: When using images from the image repository integrated into web console, you can filter images by Already Integrated. The Integration Project Name, for example, images (docker-registry-projectname), which includes the project name projectname in this web console and the project name containers in the image repository.

In the Basic Info section, configure declarative parameters for DaemonSet workloads:

Parameters Description

Parameters	Description
More > Update Strategy	Configures the `rollingUpdate` strategy for zero-downtime updates of DaemonSet Pods. Max unavailable (`maxUnavailable`): The maximum number of Pods that can be temporarily unavailable during an update. Accepts absolute values (e.g., 1) or percentages (e.g., 10%). Example: If there are 10 nodes and maxUnavailable is 10%, then floor(10 * 0.1) = 1 Pod can be unavailable. Notes: Default Values: If not explicitly set, `maxSurge` defaults to 0 and `maxUnavailable` defaults to 1 (or 10% if `maxUnavailable` is specified as a percentage). Non-running Pods: Pods in states like `Pending` or `CrashLoopBackOff` are considered unavailable. Simultaneous Constraints: `maxSurge` and `maxUnavailable` cannot both be 0 or 0%. If percentage values resolve to 0 for both parameters, Kubernetes forces `maxUnavailable=1` to ensure update progress.

More > Update Strategy

Configures the rollingUpdate strategy for zero-downtime updates of DaemonSet Pods.
Max unavailable (maxUnavailable): The maximum number of Pods that can be temporarily unavailable during an update. Accepts absolute values (e.g., 1) or percentages (e.g., 10%).
Example: If there are 10 nodes and maxUnavailable is 10%, then floor(10 * 0.1) = 1 Pod can be unavailable.

Notes:

Default Values: If not explicitly set, maxSurge defaults to 0 and maxUnavailable defaults to 1 (or 10% if maxUnavailable is specified as a percentage).
Non-running Pods: Pods in states like Pending or CrashLoopBackOff are considered unavailable.
Simultaneous Constraints: maxSurge and maxUnavailable cannot both be 0 or 0%. If percentage values resolve to 0 for both parameters, Kubernetes forces maxUnavailable=1 to ensure update progress.

Procedure - Configure Pod

Pod section, please refer to Deployment - Configure Pod

Procedure - Configure Containers

Containers section, please refer to Deployment - Configure Containers

Procedure - Create

Click Create.

After clicking Create, the DaemonSet will:

✅ Automatically deploy Pod replicas to all eligible Nodes meeting:
- nodeSelector criteria (if defined).
- tolerations configuration (allowing scheduling on tainted nodes).
- Node is in Ready state and Schedulable: true.
❌ Excluded Nodes:
- Nodes with a NoSchedule taint (unless explicitly tolerated).
- Manually cordoned Nodes (kubectl cordon).
- Nodes in NotReady or Unschedulable states.

Managing DaemonSets

Managing a DaemonSet by using CLI

Viewing a DaemonSet

To get a summary of all DaemonSets in a namespace.
```
kubectl get daemonsets -n <namespace>
```
To get detailed information about a specific DaemonSet, including its events and Pod status
```
kubectl describe daemonset <daemonset-name>
```

Updating a DaemonSet

When you modify the Pod Template of a DaemonSet (e.g., changing the container image or adding a volume mount), Kubernetes automatically performs a rolling update by default (if updateStrategy.type is RollingUpdate, which is the default).

First, edit the YAML file (e.g., example-daemonset.yaml) with the desired changes, then apply it:
```
kubectl apply -f example-daemonset.yaml
```

You can monitor the progress of the rolling update:

kubectl rollout status daemonset/<daemonset-name>

Deleting a DaemonSet

To delete a DaemonSet and all the Pods it manages:

kubectl delete daemonset <daemonset-name>

Managing a DaemonSet by using web console

Viewing a DaemonSet

Container Platform, and navigate to Workloads > DaemonSets.
Locate the DaemonSet you wish to view.
Click the DaemonSet name to see the Details, Topology, Logs, Events, Monitoring, etc.

Updating a DaemonSet

Container Platform, and navigate to Workloads > DaemonSets.
Locate the DaemonSet you wish to update.
In the Actions drop-down menu, select Update to view the Edit DaemonSet page, you can update Replicas, image, updateStrategy, etc.

Deleting a DaemonSet

Container Platform, and navigate to Workloads > DaemonSets.
Locate the DaemonSet you wish to delete.
In the Actions drop-down menu, Click the Delete button in the operations column and confirm.

View full docs as PDF

DaemonSets

Understanding DaemonSets

Refer to the official Kubernetes documentation: DaemonSets

WARNING

DaemonSet Operational Notes

Behavior Characteristics
- Pod Distribution: A DaemonSet deploys exactly one Pod replica per schedulable Node that matches its criteria:
  - Deploys exactly one Pod replica per schedulable node matching:
    - Matches nodeSelector or nodeAffinity criteria (if specified).
    - Is not in the NotReady state.
    - Does not have NoSchedule or NoExecute Taints unless corresponding Tolerations are configured in the Pod Template.
- Pod Count Formula: The number of Pods managed by a DaemonSet equals the number of qualified Nodes.
- Dual-Role Node Handling: Nodes serving both Control Plane and Worker Node roles will only run one Pod instance of the DaemonSet, regardless of their role labels, provided they are schedulable.
Key Constraints (Excluded Nodes)
- Nodes explicitly marked Unschedulable: true (e.g., via kubectl cordon).
- Nodes with a NotReady status.
- Nodes having incompatible Taints without matching Tolerations configured in the DaemonSet's Pod Template.

Creating DaemonSets

Creating a DaemonSet by using CLI

Prerequisites

Ensure you have kubectl configured and connected to your cluster.

YAML file example

# example-daemonSet.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluentd-elasticsearch
  namespace: kube-system
  labels:
    k8s-app: fluentd-logging
spec:
  selector: # defines how the DaemonSet identifies its managed Pods. Must match `template.metadata.label`s.
    matchLabels:
      name: fluentd-elasticsearch
  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 1
  template: # defines the Pod Template for the DaemonSet. Each Pod created by this DaemonSet will conform to this template
    metadata:
      labels:
        name: fluentd-elasticsearch
    spec:
      tolerations: # these tolerations are to have the daemonset runnable on control plane nodes, remove them if your control plane nodes should not run pods
        - key: node-role.kubernetes.io/control-plane
          operator: Exists
          effect: NoSchedule
        - key: node-role.kubernetes.io/master
          operator: Exists
          effect: NoSchedule
      containers:
        - name: fluentd-elasticsearch
          image: quay.io/fluentd_elasticsearch/fluentd:v2.5.2
          resources:
            limits:
              memory: 200Mi
            requests:
              cpu: 100m
              memory: 200Mi
          volumeMounts:
            - name: varlog
              mountPath: /var/log
      # it may be desirable to set a high priority class to ensure that a DaemonSet Pod
      # preempts running Pods
      # priorityClassName: important
      terminationGracePeriodSeconds: 30
      volumes:
        - name: varlog
          hostPath:
            path: /var/log

Creating a DaemonSet via YAML

# Step 1: To create the DaemonSet defined in *example-daemonSet.yaml*, execute the following command
kubectl apply -f example-daemonSet.yaml

# Step 2: To verify the creation and status of your DaemonSet and its associated Pods:
kubectl get daemonset fluentd-elasticsearch # View DaemonSet
kubectl get pods -l name=fluentd-elasticsearch -o wide # Check Pods managed by this DaemonSet on specific nodes

Creating a DaemonSet by using web console

Prerequisites

Obtain the image address. The source of the images can be from the image repository integrated by the platform administrator through the toolchain or from third-party platforms' image repositories.

For the former, the Administrator typically assigns the image repository to your project, and you can use the images within it. If the required image repository is not found, please contact the Administrator for allocation.
If it is a third-party platform's image repository, ensure that images can be pulled directly from it in the current cluster.

Procedure - Configure Basic Info

Container Platform, navigate to Workloads > DaemonSets in the left sidebar.
Click Create DaemonSet.
Select or Input an image, and click Confirm.

INFO

In the Basic Info section, configure declarative parameters for DaemonSet workloads:

Parameters Description

Parameters	Description
More > Update Strategy	Configures the `rollingUpdate` strategy for zero-downtime updates of DaemonSet Pods. Max unavailable (`maxUnavailable`): The maximum number of Pods that can be temporarily unavailable during an update. Accepts absolute values (e.g., 1) or percentages (e.g., 10%). Example: If there are 10 nodes and maxUnavailable is 10%, then floor(10 * 0.1) = 1 Pod can be unavailable. Notes: Default Values: If not explicitly set, `maxSurge` defaults to 0 and `maxUnavailable` defaults to 1 (or 10% if `maxUnavailable` is specified as a percentage). Non-running Pods: Pods in states like `Pending` or `CrashLoopBackOff` are considered unavailable. Simultaneous Constraints: `maxSurge` and `maxUnavailable` cannot both be 0 or 0%. If percentage values resolve to 0 for both parameters, Kubernetes forces `maxUnavailable=1` to ensure update progress.

More > Update Strategy

Default Values: If not explicitly set, maxSurge defaults to 0 and maxUnavailable defaults to 1 (or 10% if maxUnavailable is specified as a percentage).
Non-running Pods: Pods in states like Pending or CrashLoopBackOff are considered unavailable.
Simultaneous Constraints: maxSurge and maxUnavailable cannot both be 0 or 0%. If percentage values resolve to 0 for both parameters, Kubernetes forces maxUnavailable=1 to ensure update progress.

Procedure - Configure Pod

Pod section, please refer to Deployment - Configure Pod

Procedure - Configure Containers

Containers section, please refer to Deployment - Configure Containers

Procedure - Create

Click Create.

After clicking Create, the DaemonSet will:

✅ Automatically deploy Pod replicas to all eligible Nodes meeting:
- nodeSelector criteria (if defined).
- tolerations configuration (allowing scheduling on tainted nodes).
- Node is in Ready state and Schedulable: true.
❌ Excluded Nodes:
- Nodes with a NoSchedule taint (unless explicitly tolerated).
- Manually cordoned Nodes (kubectl cordon).
- Nodes in NotReady or Unschedulable states.

Managing DaemonSets

Managing a DaemonSet by using CLI

Viewing a DaemonSet

To get a summary of all DaemonSets in a namespace.
```
kubectl get daemonsets -n <namespace>
```
To get detailed information about a specific DaemonSet, including its events and Pod status
```
kubectl describe daemonset <daemonset-name>
```

Updating a DaemonSet

First, edit the YAML file (e.g., example-daemonset.yaml) with the desired changes, then apply it:
```
kubectl apply -f example-daemonset.yaml
```

You can monitor the progress of the rolling update:

kubectl rollout status daemonset/<daemonset-name>

Deleting a DaemonSet

To delete a DaemonSet and all the Pods it manages:

kubectl delete daemonset <daemonset-name>

Managing a DaemonSet by using web console

Viewing a DaemonSet

Container Platform, and navigate to Workloads > DaemonSets.
Locate the DaemonSet you wish to view.
Click the DaemonSet name to see the Details, Topology, Logs, Events, Monitoring, etc.

Updating a DaemonSet

Container Platform, and navigate to Workloads > DaemonSets.
Locate the DaemonSet you wish to update.
In the Actions drop-down menu, select Update to view the Edit DaemonSet page, you can update Replicas, image, updateStrategy, etc.

Deleting a DaemonSet

Container Platform, and navigate to Workloads > DaemonSets.
Locate the DaemonSet you wish to delete.
In the Actions drop-down menu, Click the Delete button in the operations column and confirm.

Node Management

Managed Clusters

Import Clusters

Public Cloud Cluster Initialization

Network Initialization

Storage Initialization

How to

How to

Backup Management

Recovery Management

Architecture

Concepts

Guides

How To

Trouble Shooting

Concepts

Guides

How To

Troubleshooting

Install

Concepts

Guides

How To

Disaster Recovery

Concepts

Guides

How To

Guides

Compliance

Install

API Refiner

User

Guides

Group

Guides

Role

Guides

IDP

Guides

Troubleshooting

User Policy

Guides

Overview

Images

Guides

How To

Virtual Machine

Guides

How To

Troubleshooting

Network

Guides

How To

Storage

Guides

Backup and Recovery

Guides

Concepts

Concepts

Guides

Namespaces

Pre-Application-Creation Preparation

Creating Applications

Post-Application-Creation Configuration

Operation and Maintenance

Application Observability

Workloads

Pod

Container

How To

Install

How To

Install

Guides

How To

Concepts

Guides

Argo CD Concept

Alauda Container Platform GitOps Concepts

Creating GitOps Application