Add Kubernetes configurations for Pi-hole deployment, services, and secrets

cluster/apps/pihole/pihole-pvc.yml

@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: pihole-ceph
+  namespace: default
+spec:
+  accessModes:
+    - ReadWriteOnce
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 1Gi
+  storageClassName: csi-rbd-sc

cluster/apps/pihole/pihole-svc.yml

@@ -0,0 +1,38 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: pihole-tcp-service
+  namespace: default
+spec:
+  type: LoadBalancer
+  selector:
+    app: pihole
+  ports:
+  - port: 8585
+    targetPort: 80
+    protocol: TCP
+    name: web
+  - port: 53
+    targetPort: 53
+    protocol: TCP
+    name: dns-tcp
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: pihole-udp-service
+  namespace: default
+spec:
+  type: LoadBalancer
+  selector:
+    app: pihole
+  ports:
+  - port: 53
+    targetPort: 53
+    protocol: UDP
+    name: dns-udp
+  - port: 67
+    targetPort: 67
+    protocol: UDP
+    name: dhcp

cluster/apps/pihole/pihole.yml

@@ -0,0 +1,42 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: pihole
+  namespace: default
+spec:
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: pihole
+  template:
+    metadata:
+      labels:
+        app: pihole
+    spec:
+      hostNetwork: true
+      containers:
+      - name: pihole
+        image: pihole/pihole@sha256:2a0985b8a039e6a3496c9076e238e48044d74ca12b18b061f8e4be48d35debf8
+        securityContext:
+          capabilities:
+            add:
+            - NET_ADMIN
+        env:
+        - name: TZ
+          value: "Asia/Kolkata"
+        - name: FTLCONF_dns_listeningMode
+          value: "all"
+        - name: FTLCONF_webserver_api_password
+          valueFrom:
+            secretKeyRef:
+              name: pihole-secrets
+              key: api_password
+        volumeMounts:
+        - name: pihole-data
+          mountPath: /etc/pihole
+      volumes:
+      - name: pihole-data
+        persistentVolumeClaim:
+          claimName: pihole-ceph