Skip to content

Instantly share code, notes, and snippets.

@tuananh

tuananh/configmap.yaml

Last active November 17, 2023 13:00
Show Gist options
  • Star 15 You must be signed in to star a gist
  • Fork 5 You must be signed in to fork a gist
  • Save tuananh/ec0311983660db5399d56048c7b1721f to your computer and use it in GitHub Desktop.
Save tuananh/ec0311983660db5399d56048c7b1721f to your computer and use it in GitHub Desktop.
Download ZIP
Pi-hole on Kubernetes
Raw
configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: pihole-config
data:
WEBPASSWORD: pihole
TZ: 'Asia/Ho_Chi_Minh'
DNS1: 1.1.1.1
DNS2: 1.0.0.1
Raw
deploy.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: pihole
name: pihole
namespace: default
spec:
selector:
matchLabels:
app: pihole
template:
metadata:
labels:
app: pihole
spec:
containers:
- image: pihole/pihole:v5.0
imagePullPolicy: IfNotPresent
name: pihole
env:
- name: WEBPASSWORD
valueFrom:
secretKeyRef:
name: pihole-secret
key: WEBPASSWORD
- name: TZ
valueFrom:
configMapKeyRef:
name: pihole-config
key: TZ
- name: DNS1
valueFrom:
configMapKeyRef:
name: pihole-config
key: DNS1
- name: DNS2
valueFrom:
configMapKeyRef:
name: pihole-config
key: DNS2
volumeMounts:
- name: pihole-pvc
mountPath: '/etc/pihole'
- name: dnsmasq-pvc
mountPath: '/etc/dnsmasq.d'
restartPolicy: Always
volumes:
- name: pihole-pvc
persistentVolumeClaim:
claimName: pihole-pvc
- name: dnsmasq-pvc
persistentVolumeClaim:
claimName: dnsmasq-pvc
Raw
pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: pihole-pvc
annotations:
volume.beta.kubernetes.io/storage-class: 'nfs-client'
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: dnsmasq-pvc
annotations:
volume.beta.kubernetes.io/storage-class: 'nfs-client'
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 100Mi
Raw
secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: pihole-secret
type: Opaque
data:
# echo -n 'pihole' | base64
WEBPASSWORD: cGlob2xl
Raw
svc.yaml
apiVersion: v1
kind: Service
metadata:
name: pihole-tcp
annotations:
metallb.universe.tf/address-pool: default
metallb.universe.tf/allow-shared-ip: pihole-svc
spec:
externalTrafficPolicy: Local
loadBalancerIP: 10.0.20.3
ports:
# pihole use Ports to expose (53, 80, 67, 443), the bare minimum ports required for Pi-holes HTTP and DNS services
- port: 80
targetPort: 80
name: port80
protocol: TCP
- port: 443
targetPort: 443
name: port443
protocol: TCP
- port: 53
targetPort: 53
protocol: TCP
name: port53
selector:
app: pihole
type: LoadBalancer
---
apiVersion: v1
kind: Service
metadata:
name: pihole-udp
annotations:
metallb.universe.tf/address-pool: default
metallb.universe.tf/allow-shared-ip: pihole-svc
spec:
externalTrafficPolicy: Local
loadBalancerIP: 10.0.20.3
ports:
- port: 53
targetPort: 53
protocol: UDP
name: port53-udp
- port: 67
targetPort: 67
protocol: UDP
name: port67-udp
selector:
app: pihole
type: LoadBalancer
@iuli72an
Copy link

iuli72an commented Jan 4, 2022

Excelent example data provided for this pihole deployment. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment