Pi-Hole on self-hosted Kubernetes and DHCP

gjeanmart · November 12, 2019, 11:36am

Hi,
(Full disclosure, I'm not a network export so sorry if I missed something obvious).

I have a Kubernetes infrastructure (k3s) running at home to easily manage my self-hosted services (nextcloud, radarr/sonarr and much more).

The cluster is composed of three hosts:

192.168.0.22 kube-master - raspberrypi 4 B+ (4GB)
192.168.0.23 kube-worker1 - nanopi-m4 (4GB)
192.168.0.24 kube-worker2 - raspberrypi 3 B+ (1GB)

I also have a metallb Load balancer running which allows any k8s services to pick an IP within the range [192.168.0.240, 192.168.0.50].

Network wise, I own a Virgin Hub router running on 192.168.0.1 which doesn't offer the possibility to configure a specific DNS, so my only option here is to disable the DHCP server and enable Pi-Hole DHCP.

I decided to give a try and install Pi-hole on this infrastructure and see if I could get it to work. I installed Pi-hole using the following Helm chart pihole-kubernetes and everything went OK. I now have a running pod (container) assigned to kube-worker1 and the LoadBalancer picked up the IP address 192.168.0.242 to exposed the following ports:

privacy  pihole-udp  LoadBalancer   10.43.201.135   192.168.0.242   53:31149/UDP,67:30644/UDP                 86m
privacy  pihole-tcp  LoadBalancer   10.43.249.102   192.168.0.242   80:32021/TCP,443:31041/TCP,53:30018/TCP   86m

After a quick test, I am able to access the admin web interface on http://192.168.0.242/admin and all the port can be reach from my machine:

$ nc -z -v -u 192.168.0.242 53
Connection to 192.168.0.242 53 port [udp/domain] succeeded!
$ nc -z -v -u 192.168.0.242 67
Connection to 192.168.0.242 67 port [udp/bootps] succeeded!
$ nc -z -v 192.168.0.242 80
Connection to 192.168.0.242 80 port [tcp/http] succeeded!
$ nc -z -v 192.168.0.242 53
Connection to 192.168.0.242 53 port [tcp/domain] succeeded

Then I disabled my router DHCP server and enabled Pi-hole like this:

. But the problem is that no device can now obtain an IP address from my router.

I have personally no idea how to debug this with my poor network skills.I have generated the debug log tool which should give more insight: https://tricorder.pi-hole.net/it9oh5facl

Thanks in advance.

Greg

DerFetzer · November 12, 2019, 2:50pm

DHCP within Docker does not work out of the box. You can find more information in the docs.
There are also some solutions that you would need to adapt to your Kubernetes setup. Easiest would be host networking I guess.

gjeanmart · November 21, 2019, 10:06am

Thanks @DerFetzer for your answer. Running the pod/container on the host network and a few tweaks solved my issue.

More details here: DHCP enabled · Issue #18 · MoJo2600/pihole-kubernetes · GitHub