DaemonSet is an object (daemon) that runs a Pod on each node of the cluster and guarantees that there is only one Pod. This is very suitable for some system-level applications, such as log collection, resource monitoring, etc., such applications require Each node runs and does not require too many instances. A good example is kube-proxy of Kubernetes.
DaemonSet is related to the node. If the node is abnormal, it will not be recreated on other nodes.
Figure 1 DaemonSet
The following is an example of a DaemonSet.
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nginx-daemonset
labels:
app: nginx-daemonset
spec:
selector:
matchLabels:
app: nginx-daemonset
template:
metadata:
labels:
app: nginx-daemonset
spec:
nodeSelector: # 节点选择,当节点拥有daemon=need时才在节点上创建Pod
daemon: need
containers:
- name: nginx-daemonset
image: nginx:alpine
resources:
limits:
cpu: 250m
memory: 512Mi
requests:
cpu: 250m
memory: 512Mi
imagePullSecrets:
- name: default-secret
It can be seen here that there is no replicas parameter in Deployment or StatefulSet, because each node is fixed one.
There is a nodeSelector in the Pod template, which specifies that Pods are created only on nodes with "daemon=need". As shown in the figure below, DaemonSet only creates Pods on nodes with specified labels. If you need to create a Pod on each node, you can delete the label.
Figure 2 DaemonSet creates Pod on the node with the specified label
Create DaemonSet:
$ kubectl create -f daemonset.yaml
daemonset.apps/nginx-daemonset created
The query found that nginx-daemonset has no Pod created.
$ kubectl get ds
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
nginx-daemonset 0 0 0 0 0 daemon=need 16s
$ kubectl get pods
No resources found in default namespace.
This is because there is no daemon=need label on the node. Use the following command to query the label of the node.
$ kubectl get node --show-labels
NAME STATUS ROLES AGE VERSION LABELS
192.168.0.212 Ready <none> 83m v1.15.6-r1-20.3.0.2.B001-15.30.2 beta.kubernetes.io/arch=amd64 ...
192.168.0.94 Ready <none> 83m v1.15.6-r1-20.3.0.2.B001-15.30.2 beta.kubernetes.io/arch=amd64 ...
192.168.0.97 Ready <none> 83m v1.15.6-r1-20.3.0.2.B001-15.30.2 beta.kubernetes.io/arch=amd64 ...
Tag the node 192.168.0.212, and then check again, and found that a Pod has been created, and the Pod is on the node 192.168.0.212.
$ kubectl label node 192.168.0.212 daemon=need
node/192.168.0.212 labeled
$ kubectl get ds
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
nginx-daemonset 1 1 0 1 0 daemon=need 116s
$ kubectl get pod -owide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-daemonset-g9b7j 1/1 Running 0 18s 172.16.3.0 192.168.0.212
Then label the node 192.168.0.94 and find that another Pod has been created:
$ kubectl label node 192.168.0.94 daemon=need
node/192.168.0.94 labeled
$ kubectl get ds
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
nginx-daemonset 2 2 1 2 1 daemon=need 2m29s
$ kubectl get pod -owide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-daemonset-6jjxz 0/1 ContainerCreating 0 8s <none> 192.168.0.94
nginx-daemonset-g9b7j 1/1 Running 0 42s 172.16.3.0 192.168.0.212
If you modify the label of the 192.168.0.94 node, you can find that DaemonSet will delete the Pod on this node.
$ kubectl label node 192.168.0.94 daemon=no --overwrite
node/192.168.0.94 labeled
$ kubectl get ds
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
nginx-daemonset 1 1 1 1 1 daemon=need 4m5s
$ kubectl get pod -owide
NAME READY STATUS RESTARTS AGE IP NODE
nginx-daemonset-g9b7j 1/1 Running 0 2m23s 172.16.3.0 192.168.0.212