What is a DaemonSet in Kubernetes?

A DaemonSet ensures that all (or a subset of) nodes run a copy of a Pod. As nodes are added to the cluster, pods are added automatically. As nodes are removed, pods are garbage collected. Use cases: log collection (Fluentd, Filebeat — collect logs from every node's containers); metrics collection (node-exporter — scrape host-level metrics from every node); storage daemons (Ceph, GlusterFS); networking agents (Calico, Flannel, Cilium — run on every node); security agents (Falco, antivirus); monitoring agents (Datadog agent). DaemonSet spec: apiVersion: apps/v1 kind: DaemonSet metadata: name: fluentd-elasticsearch spec: selector: matchLabels: name: fluentd-elasticsearch template: metadata: labels: name: fluentd-elasticsearch spec: tolerations: - key: node-role.kubernetes.io/control-plane operator: Exists effect: NoSchedule containers: - name: fluentd image: fluentd:latest resources: limits: memory: 200Mi requests: cpu: 100m memory: 200Mi volumeMounts: - name: varlog mountPath: /var/log volumes: - name: varlog hostPath: path: /var/log. Node subset: use nodeSelector or nodeAffinity to run only on specific nodes. Update strategy: RollingUpdate (default, with maxUnavailable) or OnDelete. Toleration for control plane: add toleration for control-plane taint to run on master nodes too (useful for system daemons). Kubernetes system components (kube-proxy, CNI plugins) themselves use DaemonSets.