Vigil watches new Kubernetes nodes, waits for all expected DaemonSet pods to become Ready, and then removes the startup taint — ensuring workloads are only scheduled when the node has accurate resource accounting.
Prevents Scheduler Races
Eliminates the race condition where workload pods are scheduled before DaemonSet pods consume their resources, preventing OutOfcpu and OutOfmemory rejections.
Auto-Discovery
Automatically discovers which DaemonSets should run on each node using upstream Kubernetes scheduling predicates. Zero per-DaemonSet configuration required.
Kubernetes Native
Runs as a standard controller-runtime controller with Helm installation. Uses Karpenter’s startupTaints feature — no custom CRDs required.
Quick Start
helm repo add vigil https://oss.nextdoor.com/vigil
helm repo update
helm install vigil vigil/vigil-controller \
--namespace vigil-system \
--create-namespace