一、DaemonSet 是什么?
DaemonSet = 守护进程集 核心作用:保证集群里 每一个节点 都运行 一个 Pod
- 不需要写
replicas(节点数 = Pod 数) - 新增节点 → 自动创建 Pod
- 删除节点 → 自动删除 Pod
- 每个节点 永远只跑一个
二、典型应用场景
- 节点监控 :
node-exporter(Prometheus 采集监控) - 日志收集 :
fluentd、filebeat - 网络 / 存储插件 :
calico、ceph - 其他 agent:各种监控代理、安全客户端
三、完整标准 YAML
node1,node2上运行
vim k8s-ds.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: ds
namespace: default
labels:
app: ds
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.20.2
resources:
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 200Mi
volumeMounts:
- name: localtime
mountPath: /etc/localtime
terminationGracePeriodSeconds: 30
volumes:
- name: localtime
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
kubectl apply -f k8s-ds.yaml
master(容忍),node1,node2上运行
vim k8s-ds-tole.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: ds
namespace: default
labels:
app: ds
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
tolerations:
- key: node-role.kubernetes.io/control-plane #节点的污点是这个 → 必须匹配!
operator: Exists # 存在即可,不用写value
effect: NoSchedule # 容忍"不调度"污点
containers:
- name: nginx
image: nginx:1.20.2
resources:
limits:
memory: 200Mi
requests:
cpu: 100m
memory: 200Mi
volumeMounts:
- name: localtime
mountPath: /etc/localtime
terminationGracePeriodSeconds: 30
volumes:
- name: localtime
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
kubectl apply -f k8s-ds-tole.yaml