From ecf14d6aad9f9f79b58566c8e6b248895e2b5c34 Mon Sep 17 00:00:00 2001
From: aggarwalakshun
Date: Fri, 28 Nov 2025 05:59:51 +0530
Subject: [PATCH] add pihole with keepalived for backup
---
clusters/default/tools/pihole/pihole-cm.yml | 18 +++++
clusters/default/tools/pihole/pihole-pvc.yml | 14 ++++
clusters/default/tools/pihole/pihole.yml | 81 ++++++++++++++++++++
3 files changed, 113 insertions(+)
create mode 100644 clusters/default/tools/pihole/pihole-cm.yml
create mode 100644 clusters/default/tools/pihole/pihole-pvc.yml
create mode 100644 clusters/default/tools/pihole/pihole.yml
diff --git a/clusters/default/tools/pihole/pihole-cm.yml b/clusters/default/tools/pihole/pihole-cm.yml
new file mode 100644
index 0000000..e862224
--- /dev/null
+++ b/clusters/default/tools/pihole/pihole-cm.yml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: keepalived-config
+ namespace: tools
+data:
+ keepalived.conf: |
+ vrrp_instance PIHOLE_VIP {
+ state BACKUP
+ interface eth0
+ virtual_router_id 212
+ priority 100
+ advert_int 1
+
+ virtual_ipaddress {
+ 192.168.1.212/24
+ }
+ }
diff --git a/clusters/default/tools/pihole/pihole-pvc.yml b/clusters/default/tools/pihole/pihole-pvc.yml
new file mode 100644
index 0000000..eb0dc16
--- /dev/null
+++ b/clusters/default/tools/pihole/pihole-pvc.yml
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: pihole-longhorn
+ namespace: tools
+spec:
+ accessModes:
+ - ReadWriteMany
+ volumeMode: Filesystem
+ resources:
+ requests:
+ storage: 1Gi
+ storageClassName: longhorn
diff --git a/clusters/default/tools/pihole/pihole.yml b/clusters/default/tools/pihole/pihole.yml
new file mode 100644
index 0000000..ab2e5c3
--- /dev/null
+++ b/clusters/default/tools/pihole/pihole.yml
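Review bot: The `vrrp_instance PIHOLE_VIP` block in pihole-cm.yml accepts VRRP advertisements from any host on the eth0 segment, because it has neither a `unicast_peer` list nor an `authentication` block. A device announcing `virtual_router_id 212` with a priority above 100 would become master for 192.168.1.212 and answer DNS for every client pointed at the VIP. Restricting the instance to known peers (`unicast_src_ip` plus `unicast_peer { ... }`, which would need per-node templating since one ConfigMap is shared by all DaemonSet pods) and filtering IP protocol 112 from other sources at the node firewall closes that off. keepalived's `auth_type PASS` can be added too, but it is sent in cleartext and mainly guards against accidental collisions. The config also has no `vrrp_script` / `track_script` health check, so the VIP would presumably stay on a node whose pihole container has stopped answering.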
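Review bot: `ReadWriteMany` on the pihole-longhorn claim in pihole-pvc.yml lets every pod of the pihole-backup DaemonSet mount the same volume read-write at `/etc/pihole` (see the `pihole-data` volume in pihole.yml). That directory is where Pi-hole keeps its SQLite databases and its configuration. Longhorn serves RWX volumes over NFS as far as I know, and several FTL instances writing the same SQLite files over NFS risk lock failures or corruption of the blocklist and query databases. If each node is meant to run an independent resolver, per-node storage or a single-replica workload with `ReadWriteOnce` avoids the shared writer. If the sharing is intentional, a comment above `accessModes` saying so would help the next reader.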
@@ -0,0 +1,81 @@
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: pihole-backup
+ namespace: tools
+spec:
+ selector:
+ matchLabels:
+ app: pihole
+ template:
+ metadata:
+ labels:
+ app: pihole
+ spec:
+ hostNetwork: true
+ dnsPolicy: ClusterFirstWithHostNet
+
+ initContainers:
+ - name: init-keepalived
+ image: osixia/keepalived:2.0.20
+ command:
+ - sh
+ - -c
+ - |
+ cp -r /container/service/keepalived/assets/* /etc/keepalived/
+ cp /config/keepalived.conf /etc/keepalived/keepalived.conf
+ volumeMounts:
+ - name: keepalived-config
+ mountPath: /config
+ - name: keepalived-runtime
+ mountPath: /etc/keepalived
+
+ containers:
+ - name: pihole
+ image: pihole/pihole:latest
+ securityContext:
+ capabilities:
+ add: ["NET_ADMIN"]
+ env:
+ - name: TZ
+ value: "Asia/Kolkata"
+ - name: FTLCONF_webserver_api_password
+ valueFrom:
+ secretKeyRef:
+ name: pihole-webpassword
+ key: password
+ ports:
+ - containerPort: 53
+ protocol: UDP
+ - containerPort: 53
+ protocol: TCP
+ - containerPort: 67
+ protocol: UDP
+ - containerPort: 80
+ protocol: TCP
+ volumeMounts:
+ - name: pihole-data
+ mountPath: /etc/pihole
+
+ - name: keepalived
+ image: osixia/keepalived:2.0.20
+ securityContext:
+ capabilities:
+ add: ["NET_ADMIN", "NET_BROADCAST", "NET_RAW"]
+
+ volumeMounts:
+ - name: keepalived-runtime
+ mountPath: /container/service/keepalived/assets
+
+ volumes:
+ - name: keepalived-config
+ configMap:
+ name: keepalived-config
+
+ - name: keepalived-runtime
+ emptyDir: {}
+
+ - name: pihole-data
+ persistentVolumeClaim:
+ claimName: pihole-longhorn
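Review bot: `image: pihole/pihole:latest` is a mutable tag on a container that runs with `hostNetwork: true` and `NET_ADMIN` on every node. Whatever is published under `latest` at the next pod restart gets access to the host network stack, and nodes can drift onto different versions. Pin it to a release tag plus digest, e.g. `image: pihole/pihole:<version>@sha256:<digest>` (placeholders), and consider the same digest pin for `osixia/keepalived:2.0.20`. Both `capabilities` blocks only `add`; pairing each with `drop: ["ALL"]` and re-adding what the process needs would make the granted set explicit. Pi-hole will likely need more than NET_ADMIN once everything is dropped (binding port 53, for instance), so that part needs testing before merge.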