DevOps
K8s: Advanced Patterns
Netflix manages thousands of microservices in Kubernetes. Without StatefulSets, Cassandra would not know its tokens. Without DaemonSets, log collectors would miss nodes. Without Operators, PostgreSQL failover would require a manual runbook at 3am. Advanced Kubernetes patterns are not complexity - they are the automation of operational expertise.
- **Zalando** uses CloudNativePG to manage hundreds of Postgres clusters in Kubernetes - automatic failover takes 30 seconds instead of 5-10 minutes of manual intervention.
- **Datadog** deploys its agent as a DaemonSet on every customer node - the only way to guarantee full coverage without missed hosts.
- **Airbnb** manages dependencies for 1000+ microservices via Helm charts with a centralized values.yaml in a monorepo - every deploy is reproducible and rollbackable.
StatefulSets
StatefulSet is a Kubernetes controller for pods that need stable identity: a fixed name (pod-0, pod-1), a stable network address, and a persistent volume that survives pod restarts. Every database cluster in Kubernetes runs as a StatefulSet.
Deployment pods are interchangeable - any pod can be replaced by any other. StatefulSet pods are unique - postgres-0 is the primary and postgres-1 is a replica; they cannot be swapped.
StatefulSet guarantees that when pod postgres-1 is recreated...
DaemonSets
DaemonSet ensures exactly one pod runs on each node in the cluster - or on nodes matching a label selector. Use it for node-level agents: log collectors, metric exporters, network plugins, security scanners.
When a new node joins the cluster, the DaemonSet controller automatically schedules a pod on it. No manual intervention required - coverage is always complete.
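For a log collector or security agent, nodes excluded by a nodeSelector or by taints the pod does not tolerate are coverage gaps. The following added example (not part of the original page) models that eligibility check in Python over constructed node data. It is a simplification that ignores node affinity and the tolerations the DaemonSet controller adds automatically.

```python
# Added example: simplified model of DaemonSet node eligibility.
# Node names, labels and taints below are constructed sample data.

def tolerates(tol, taint):
    """Kubernetes toleration matching: effect, then key, then operator."""
    if tol.get("effect") and tol["effect"] != taint["effect"]:
        return False
    if tol.get("key") and tol["key"] != taint["key"]:
        return False
    if tol.get("operator", "Equal") == "Exists":
        return True
    return tol.get("value", "") == taint.get("value", "")

def uncovered_nodes(nodes, node_selector, tolerations):
    """Return {node name: reason} for nodes the DaemonSet will not run on."""
    gaps = {}
    for node in nodes:
        labels = node.get("labels", {})
        missing = [k for k, v in node_selector.items() if labels.get(k) != v]
        if missing:
            gaps[node["name"]] = "nodeSelector mismatch: " + ",".join(missing)
            continue
        for taint in node.get("taints", []):
            # PreferNoSchedule is a soft preference and does not block scheduling.
            if taint["effect"] == "PreferNoSchedule":
                continue
            if not any(tolerates(t, taint) for t in tolerations):
                gaps[node["name"]] = f"untolerated taint: {taint['key']}:{taint['effect']}"
                break
    return gaps

NODES = [  # constructed
    {"name": "worker-1", "labels": {"kubernetes.io/os": "linux"}},
    {"name": "worker-2", "labels": {"kubernetes.io/os": "linux"},
     "taints": [{"key": "dedicated", "value": "gpu", "effect": "NoSchedule"}]},
    {"name": "cp-1", "labels": {"kubernetes.io/os": "linux"},
     "taints": [{"key": "node-role.kubernetes.io/control-plane", "effect": "NoSchedule"}]},
    {"name": "win-1", "labels": {"kubernetes.io/os": "windows"}},
]
SELECTOR = {"kubernetes.io/os": "linux"}
NO_TOLERATIONS = []
TOLERATE_ALL = [{"operator": "Exists"}]  # empty key + Exists tolerates every taint

if __name__ == "__main__":
    for label, tols in (("no tolerations", NO_TOLERATIONS), ("tolerate all", TOLERATE_ALL)):
        print(label, uncovered_nodes(NODES, SELECTOR, tols))
```

With no tolerations the agent misses the tainted worker and the control-plane node; tolerating all taints leaves only the node the selector excludes.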
A cluster has 10 nodes. How many pods does a Fluentd DaemonSet create?
Operators
A Kubernetes Operator extends the cluster API with new resource types (CRDs) and a controller that automates Day-2 operations: failover, backup, schema migrations, scaling. It codifies operational expertise into code.
Operators are the Kubernetes-native way to run stateful applications. Instead of runbooks ('if primary fails, do steps 1-7'), the Operator runs those steps automatically.
How does a Kubernetes Operator differ from a standard Helm chart?
Helm
Helm is the package manager for Kubernetes. A Chart is a versioned, templated collection of Kubernetes manifests. It enables repeatable, reviewable deployments with history, rollback, and parameterization.
Helm's `--atomic` flag rolls back automatically on a failed upgrade. Combine it with CI/CD to get safe, auditable deployments with one-command rollback.
Misconception: "A Helm chart is just a directory of YAML files; it can be applied with kubectl apply -f."
Helm charts use Go templates and require Helm to render. kubectl apply -f does not understand templates, values files, or release tracking.
Helm adds lifecycle management on top of YAML: named releases, versioned history, rollback, and parameterization. kubectl apply is stateless - it has no concept of a release.
What does the command `helm upgrade --install` do exactly?
Key Ideas
- **StatefulSet** gives a pod stable identity (name, network, disk) - required for databases and distributed systems where each node is unique.
- **DaemonSet** runs agents on every node automatically - for logs, metrics, CNI, and other tasks requiring access to local node resources.
- **Operator** automates Day-2 operations: failover, backup, scaling - encodes expertise into a controller. **Helm** manages deploy lifecycle with versioning and rollback.
Related Topics
Advanced K8s patterns build on core Kubernetes concepts:
- K8s: Basics — StatefulSet and DaemonSet are extensions of core Pod, PVC, and Service concepts.
- Service Mesh: Istio, Linkerd — Service mesh is installed via Operator and DaemonSet-like sidecar injection.
Questions for Reflection
- Should Redis Cluster in Kubernetes run as a Deployment or a StatefulSet? Why?
- Why is node-exporter for Prometheus installed as a DaemonSet rather than a Deployment with replicas equal to the node count?
- Which Day-2 operations for Kafka in Kubernetes would make sense to automate via an Operator?