I'm currently setting up a security tool that will run as a DaemonSet in Kubernetes. One of my teammates is concerned that if the DaemonSet exceeds its memory limit, it might not get evicted because it has higher priority compared to other pods. Is there any truth to this? We could scale up our nodes, but I'd really like to understand how this works in the context of Kubernetes pod management.
3 Answers
Honestly, when I hear claims like that, I usually ask for documentation to back it up. If they can't provide any, I consider it misinformation unless proven otherwise. You can find all the info you need in the Kubernetes documentation; it's pretty straightforward! People sometimes misunderstand these concepts, so a good challenge can clear up a lot of confusion.
Absolutely! It's always good to dig deeper and verify these claims.
From what I've seen, DaemonSets can definitely get OOM killed just like any other pod. They don't have any special protections in place, so if they hit their limit, they'll be evicted too. The thing is, if you don't set the right priority, they might not even restart if they get killed, since other pods could be hogging all the memory.
Yeah, DaemonSet pods can get killed when necessary. They're not that different from regular pods, so they can face the same resource constraints. If you want to keep them alive under pressure, you might want to assign them a higher priority, but it’s not done automatically.
Totally! I think it often comes down to their personal experience. I'm involved in security too, and while I get the gist, I still feel like there's a lot about k8s scheduling and OOM kills that I need to learn.
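As an added example (not taken from any of the posts above), this is what explicitly assigning a priority to a DaemonSet looks like, next to the memory limit the question asks about. The object names, namespace, image and numeric values are assumptions chosen for illustration.

```yaml
# Added example: names, namespace, image and numeric values are assumptions.
apiVersion: scheduling.k8s.io/v1
kind: PriorityClass
metadata:
  name: security-agent-critical   # hypothetical name
value: 1000000                    # above the 0 that pods get when no class applies
globalDefault: false
description: "Node-level security agent; schedule ahead of ordinary workloads."
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: security-agent            # hypothetical name
  namespace: security             # hypothetical namespace
spec:
  selector:
    matchLabels:
      app: security-agent
  template:
    metadata:
      labels:
        app: security-agent
    spec:
      # Priority is not assigned automatically; it has to be referenced here.
      # It influences scheduling/preemption and the kubelet's eviction order
      # under node memory pressure.
      priorityClassName: security-agent-critical
      containers:
        - name: agent
          image: registry.example.com/security-agent:1.0.0   # placeholder image
          resources:
            # requests == limits for cpu and memory gives Guaranteed QoS.
            requests:
              cpu: 200m
              memory: 256Mi
            limits:
              cpu: 200m
              # Enforced per container by the kernel cgroup: exceeding it gets
              # the container OOM-killed and restarted, whatever the priority.
              memory: 256Mi
```

After a limit breach, `kubectl describe pod` shows the container's last state as Terminated with reason OOMKilled, which is a quick way to confirm what happened to the agent.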