If I only want to use K8s master to manage daemonsets running in worker nodes (no load balancing, no HTTP request processing, each worker node runs the same pods), is the kube-proxy installation necessary? I only want to use kubernetes to make sure that each worker node is running one copy of the container specified in the daemonset manifest.
I am hoping to save disk space and not install images onto worker nodes unnecessarily.
kube-proxy ended up being unnecessary in my particular use case.
kube-proxy is necessary to load balance Kubernetes services, and my use case did not rely on any Kubernetes services.
kube-proxy installation can be avoided by running kubeadm init --skip-phases=addon/kube-proxy
As mentioned on medium
One of the most critical (if not the most) is kubernetes networking. There are many layers for kubernetes networking — pod networking, service IP, external IP cluster IP etc. Somewhere along this, kube-proxy plays an important role.
What is eBPF ? A fully deep and technical understanding is beyond the scope of this experiment and even beyond the scope of my own skillset but in simplistic terms eBPF (extended Berkeley Packet Filter) is a virtual machine which runs in the kernel of a linux machine. It is capable of running natively just-in-time compiled “bpf programs” which have access to certain kernel functions. In other words a user can inject these programs to run in the kernel on demand in runtime . These programs follow a specific instruction set offered by bpf and have certain rules which they need to follow and it will run only programs which are safe to run . This is unlike linux modules which also run in the kernel but can potential cause issues to the kernel if not properly written . I will defer the details of these to the plethora of articles on BPF. But this virtual machine can be attached to any kernel subsystem like a network device and the BPF program is executed in response to events on those subsystems.One of the oldest and most popular linux tools — tcpdump utilizes BPF. I am tempted to say that new technologies like smart nics etc utilize BPF but its just a wild guess on my part. Replacing kube-proxy with CNI drivers utilizing eBPF
The cilium project utilizes eBPF for its network policy enforcement and also offers a kube-proxy replacement . Project Calico also has a tech preview using eBPF but for this experiment we will just use Cilium.
So AFAIK it´s neccesary for kubernetes to work, if you don´t want to use kube-proxy maybe you could try an alernative like cilium, take a look at above medium tutorial about it. Worth mentioning it´s not lighter than kube-proxy, it´s 147 MB.