https://oss.nextdoor.com/vigil/docs/concepts/Recent content in Concepts on Vigil ControllerHugoenhttps://oss.nextdoor.com/vigil/docs/concepts/architecture/Mon, 01 Jan 0001 00:00:00 +0000https://oss.nextdoor.com/vigil/docs/concepts/architecture/<h2 id="overview">Overview</h2> <p>Vigil is a single-binary Kubernetes controller built with controller-runtime. It runs one instance per cluster with leader election for high availability.</p> <h2 id="components">Components</h2> <table> <thead> <tr> <th>Component</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td>Node Informer</td> <td>Watches nodes for startup taint changes</td> </tr> <tr> <td>Pod Informer</td> <td>Watches pods for DaemonSet readiness transitions</td> </tr> <tr> <td>DaemonSet Cache</td> <td>Caches DaemonSet list for scheduling rule evaluation</td> </tr> <tr> <td>Node Reconciler</td> <td>Core logic: discover expected DaemonSets, check readiness, remove taint</td> </tr> </tbody> </table> <h2 id="data-flow">Data Flow</h2> <ol> <li>A new node appears with the configured startup taint</li> <li>The Node Informer triggers a reconciliation</li> <li>The reconciler evaluates all DaemonSets against the node&rsquo;s labels, affinity, and taints</li> <li>For each expected DaemonSet, the reconciler checks if a Ready pod exists on the node</li> <li>If all expected DaemonSet pods are Ready, the taint is removed</li> <li>If not, the node is requeued for re-evaluation</li> </ol> <h2 id="safe-taint-removal">Safe Taint Removal</h2> <p>Vigil uses fresh API server reads (not informer cache) when removing taints, with optimistic concurrency via <code>resourceVersion</code>. This avoids the stale-cache bug that affected Istio&rsquo;s untaint controller.</p>https://oss.nextdoor.com/vigil/docs/concepts/daemonset-discovery/Mon, 01 Jan 0001 00:00:00 +0000https://oss.nextdoor.com/vigil/docs/concepts/daemonset-discovery/<h2 id="overview">Overview</h2> <p>Vigil auto-discovers which DaemonSets should run on each tainted node by replicating the kube-scheduler&rsquo;s DaemonSet scheduling logic using the upstream <code>k8s.io/component-helpers</code> package.</p> <h2 id="algorithm">Algorithm</h2> <p>For each DaemonSet in the cluster:</p> <ol> <li>Build a synthetic Pod from the DaemonSet&rsquo;s pod template</li> <li>Evaluate <code>nodeSelector</code> and <code>nodeAffinity</code> against the node</li> <li>Compute the node&rsquo;s &ldquo;steady-state&rdquo; taints by stripping all configured startup taint keys</li> <li>Check that the DaemonSet tolerates all remaining (steady-state) taints</li> <li>If all checks pass, the DaemonSet is expected on this node</li> </ol> <h2 id="why-strip-startup-taints">Why Strip Startup Taints</h2> <p>A brand-new node has multiple startup taints (Vigil&rsquo;s, Istio CNI&rsquo;s, EBS CSI&rsquo;s, EFS CSI&rsquo;s). These are all temporary. We want to answer &ldquo;will this DaemonSet run in steady state?&rdquo; not &ldquo;can this DaemonSet tolerate the node right now?&rdquo;</p>