Updates and improvements

* Updated to latest pihole release 4.3.1-4_amd64
* Added liveness and readiness checks
* You are now able to configure adlists, whitelists and blacklists in the configuration and have pihole load them during startup. (See `example\` folder)

README.md

@@ -2,15 +2,15 @@
 
 The [Pi-hole®](https://pi-hole.net/) is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software.
 
-This repository provides you with everything necessary to deploy pihole on your kubernetes cluster. I'm running an on premise kubernetes cluster and i'm using MetaLB 0.7.3 for loadbalancing and rook/ceph for storage.
+This repository provides you with everything necessary to deploy pihole on your kubernetes cluster. I'm running an on premise kubernetes cluster and i'm using [MetalLB](https://metallb.universe.tf) 0.7.2 for loadbalancing and [glusterfs](https://github.com/gluster/gluster-kubernetes) for storage.
 
 ## Repository structure
 * The folder `pihole` contains a helm chart to install pi-hole on kubernetes. Please see the [README](pihole/README.md) for more details
 * The folder `classic` contains kubernetes files to install pi-hole on kubernetes
 
 ## TL;DR;
 
-Clone the repository and create a values.yaml with your configuration. Mine for usage with metallb looks like this:
+Download the latest release and unzip the archive. Create a values.yaml with your configuration. Basic configuration with metallb looks like this (Find an full example in the folder `example`):
 
 ```console
 dnsmasq:
@@ -39,4 +39,22 @@ $ cd pihole-kubernetes
 $ helm upgrade -i pihole ./pihole -f values.yaml
 ```
 
-You should now have a running pihole instance. You should be able to open the web UI under the url http://192.168.178.252/admin and use the default password 'admin'.
+You should now have a running pihole instance. You should be able to open the web UI under the url [http://192.168.178.252/admin](http://192.168.178.252/admin) and use the default password 'admin'.
+
+## Changelog
+
+### 0.1
+
+* Updated to latest pihole release 4.3.1-4_amd64 
+* Added liveness and readiness checks
+* You are now able to configure adlists, whitelists and blacklists in the configuration and have pihole load them during startup. (See `example\` folder)
+
+## Remarks
+
+### MetalLB 0.7.3
+
+MetalLB 0.7.3 has a bug, where the service is not announced anymore, when the pod changes (e.g. update of a deployment). My workaround is to restart the `metallb-speaker-*` pods.
+
+### MetalLB 0.8.1
+
+I did not test pihole-kubernetes with version 0.8.1. Please let me know if it works.

example/README.md

@@ -0,0 +1,6 @@
+# Example configuration
+
+This example utilizes the option to add whitelists and blacklists on startup of the pihole container. With this setup you do not need to configure pihole afterwarts. The container is ready right from the start.
+
+* The blacklists are taken from [firebog](https://firebog.net/)
+* The whitelists are taken from [anudeepND’s curated whitelist](https://github.com/anudeepND/whitelist/blob/master/domains/whitelist.txt)

pihole/templates/configmap.yaml

@@ -9,6 +9,12 @@ metadata:
     heritage: {{ .Release.Service }}
 data:
   02-custom.conf: |
+    addn-hosts=/etc/addn-hosts
   {{- range .Values.dnsmasq.customDnsEntries }}
     {{ . }}
   {{- end }}
+  addn-hosts: |
+  {{- range .Values.dnsmasq.additionalHostsEntries }}
+    {{ . }}
+  {{- end }}
+

pihole/templates/deployment.yaml

@@ -55,22 +55,27 @@ spec:
           - containerPort: 67
             name: client-udp
             protocol: UDP
-            #          livenessProbe:
-            #            httpGet:
-            #              path: /
-            #              port: http
-            #              initialDelaySeconds: 120
-            #          readinessProbe:
-            #            httpGet:
-            #              path: /
-            #              port: http
-            #              initialDelaySeconds: 120
+            livenessProbe:
+              httpGet:
+                path: /admin.index.php
+                port: http
+              initialDelaySeconds: 60
+              periodSeconds: 5
+            readinessProbe:
+              httpGet:
+                path: /admin.index.php
+                port: http
+              initialDelaySeconds: 25
+              periodSeconds: 5
           volumeMounts:
           - mountPath: /etc/pihole
             name: config
           - mountPath: /etc/dnsmasq.d/02-custom.conf
             name: custom-dnsmasq
             subPath: 02-custom.conf
+          - mountPath: /etc/addn-hosts
+            name: custom-dnsmasq
+            subPath: addn-hosts
           {{ if .Values.adlists }}
           - mountPath: /etc/pihole/adlists.list
             name: adlists

pihole/values.yaml

@@ -6,7 +6,7 @@ replicaCount: 1
 
 image:
   repository: "pihole/pihole"
-  tag: 4.2.2-1_amd64
+  tag: 4.3.1-4_amd64 
   pullPolicy: IfNotPresent
 
 serviceTCP:
@@ -75,15 +75,21 @@ dnsmasq:
   # - address=/foo.bar/192.168.178.10
   # - address=/bar.foo/192.168.178.11
 
-#adlists:       
+  additionalHostsEntries: {}
+  # Dnsmasq reads the /etc/hosts file to resolve ips. You can add additional entries if you like
+  # - 192.168.0.3     host4
+  # - 192.168.0.4     host5
+
+
+adlists: {}
   # If you want to provide blocklists, add them here.
   # - https://hosts-file.net/grm.txt
   # - https://reddestdream.github.io/Projects/MinimalHosts/etc/MinimalHostsBlocker/minimalhosts
 
-#whitelist:
+whitelist: {}
   # If you want to provide whitelisted domains, add them here.
   # - clients4.google.com
 
-#blacklist:
+blacklist: {}
   # If you want to have special domains blacklisted, add them here
   #- *.blackist.com