Prerequisites: kubernetes
Most workloads do not care which node they land on. You ask for some number of replicas and the scheduler places them wherever there is room. A DaemonSet is the exception. It runs exactly one copy of a pod on every node, and it adds a copy automatically when a new node joins. That is the right shape for anything that has to touch the node it sits on: a networking dataplane, a log collector, a metrics agent.
See the DaemonSets devata runs in the system namespace:
kubectl -n kube-system get dsYou will see cilium and cilium-envoy, one pod each per node, because cilium has to program networking on every machine. On a normal cluster kube-proxy also runs as a DaemonSet for the same reason: the thing that makes Service routing work has to be present on every node, not just one. When a later note says a component runs “per node,” this is the object that makes that true.
Reference: DaemonSet.