Kubernetes clusters hum along, pods shifting seamlessly across nodes. But OS patches land. Kernels update. Nodes need reboots. Manual intervention? Not anymore. Enter Kured, the Kubernetes Reboot Daemon. This CNCF Sandbox project runs as a DaemonSet, one pod per node, watching for reboot signals from the host OS. Spot /var/run/reboot-required? It cordons the node. Drains pods. Grabs an API server lock to serialize the process. Then reboots. Pods reschedule elsewhere. Cluster stays up. Simple. Effective. Kured.dev lays it out clean.
Take Azure Kubernetes Service. AKS pushes security patches daily to Linux nodes. Reboots don’t follow automatically. That’s where Kured steps in. Microsoft docs detail the integration: add the Helm repo, create a kured namespace, install with a Linux node selector. helm install my-release kubereboot/kured --namespace kured --set controller.nodeSelector."kubernetes\.io/os"=linux. Boom. Nodes reboot safely post-patch, one at a time by default. But AKS warns: Azure Linux 2.0 support ends November 30, 2025—frozen at 202512.06.0. Migrate to AzureLinux3 or face scaling issues by March 2026. Open-source tools like Kured fall outside SLAs, so lean on GitHub issues or CNCF Slack. Microsoft Learn updated this December 23, 2025.
Installation elsewhere? Straightforward. Grab the latest release tag via curl and jq, apply the combined YAML. Or use the Helm chart from kubereboot/charts. Latest: v1.21.0, January 22, 2026. Supports Kubernetes 1.33.x to 1.35.x. Back to 1.6.x from 2019. Systemd-based distros only since 1.1.0—it enters the host mount namespace for systemctl reboot. Kured installation docs spell out the matrix.
Tune it. Flags abound. --period=20m sets check interval—default 60 minutes. --concurrency=1 limits parallel reboots; crank to 3 for faster cycles. Cron-style --reboot-schedule="Tue,Thu 02:00-04:00" windows reboots. Prometheus? --prometheus-metrics. Slack alerts? --slack-hook-url and --slack-channel. Ignore nodes via labels: --node-label="kured/reboot-day=Friday". Taint during drain: --prefer-no-schedule-taint. Full list in configuration docs. Pass via DaemonSet args or env vars like KURED_REBOOT_SCHEDULE.
Releases roll steady, every 3-6 months. v1.21.0 fixed Go stdlib vulns, bumped to Kubernetes 1.35 support, switched to mise for dev tools. v1.20.0 added golangci-lint. Earlier patches like 1.17.1 tackled dependency CVEs. Maintainers evrardjp and dholbach drive it, with Dependabot keeping deps fresh. 2.5k GitHub stars. 43 releases. Active. GitHub releases track it all.
But does it fit every setup? Hacker News chatter yesterday questioned that. One user: “I like it. K8s should be more opinionated about this.” Another praised resilience: “postgresql switches automatically over.” Critics balked at 3,000 lines of code. “People try to shoehorn a thousand unique behaviours into a general purpose tool,” one griped. Physical servers? Reboot makes sense. Cloud? Terminate and let Karpenter or Cluster Autoscaler spin fresh instances. “What’s the usecase where you are okay cordoning a node but not okay with just terminating it?” Fair point. On-prem fleets, bare metal, or spotty autoscaling favor Kured. Hacker News thread.
And alternatives? Roll-your-own cron on nodes risks races—multiple rebooting at once. Machine Config Operator in OpenShift handles it declaratively. Cluster API with node termination handlers for clouds. But Kured’s lock mechanism prevents thundering herds. No direct rivals match its focus. Devtron.ai calls it key for self-healing: “automates node reboots… minimizing downtime.” Devtron blog, August 2024.
So deploy it. Watch nodes reboot orderly. Patches apply. Security holds. Downtime? Minimal. Clusters run forever. That’s the promise.
WebProNews is an iEntry Publication