Pihole on SCALE

[n1c0la84]

Hi, kubernetes newbie here.

What I'd like to do is to run pihole dns server under docker on TrueNAS SCALE.

I have managed to launch the docker image configured with external networking and ports as follow:
container port 80 -> node port 9080 for web interface
container port 53 -> node port 9053 and all other ports for dns

I am able to reach the pihole web interface on another ip inside my lan on port 80 but dns doesn't work.

I have two questions:
1) why am I able to reach pihole web interface on port 80 if node port is 9080?
2) how can dns work if node port need to be > 9000?

Then I tried to install an helm chart for here: https://artifacthub.io/packages/helm/mojo2600/pihole but i get:
Error: Kubernetes cluster unreachable: the server has asked for the client to provide credentials
when I give the install command and I have no clue what to do.

Can someone please help? Thanks! :)

 

[ornias]

DNS is UDP, be sure to forward 53 UDP and not 53 TCP ;-)

 

[ornias]

those other two questions:
1) I don't get the question. I think you have some trouble understanding the difference between port and nodeport.

2) TECHNICALLY DNS doesn't have to be on port 53. Though most OS's (windows/mac) and routers (ubiquiti, pfsense) expect it to be on port 53. Kubernetes supports more solutions for exposing ports than "just" nodePort, nodePort is just the only thing that the iX "docker-addition button" currently allows. For example: one could add udp ingress to route 53 external to 9053.

 

[stavros-k]

1) I don't get the question. I think you have some trouble understanding the difference between port and nodeport.

I think saw somewhere in the forums, that on Docker, there was actually a bug,
that you could actually access the container from the nodeport you set AND from the container port.
It was like it's doing -p 9080:80 AND -p 80:80.
But i can't find the post right now

 

[ornias]

that you could actually access the container from the nodeport you set AND from the container port.

Uhmm... I doubt it, because docker != k8s.
Or it would've broke all our Apps already.

 

[stavros-k]

Uhmm... I doubt it, because docker != k8s.
Or it would've broke all our Apps already.

Yes i know. i don't mean it actually uses the "-p host:cont". but it was something in the dynamic chart generation when using "Launch Docker Image"
I didn't actually verify this, but i remember someone mention this again. Anyway...

@n1c0la84 What version of scale you have?

On 21.04 latest nightly it's "fixed", if it was ever a problem.

 

[ornias]

Yes i know. i don't mean it actually uses the "-p host:cont". but it was something in the dynamic chart generation when using "Launch Docker Image"
I didn't actually verify this, but i remember someone mention this again. Anyway...

Ahh but thats not related to k8s or docker at all.
It helps not refering specific parts if they aren't related.

For example, instead of:
"I think saw somewhere in the forums, that on Docker, there was actually a bug,"

your could've writhen:
"I think saw somewhere in the forums, that when using the blue add-docker-button, there was actually a bug,"

 

[stavros-k]

Ahh but thats not related to k8s or docker at all.
It helps not refering specific parts if they aren't related.

For example, instead of:
"I think saw somewhere in the forums, that on Docker, there was actually a bug,"

your could've writhen:
"I think saw somewhere in the forums, that when using the blue add-docker-button, there was actually a bug,"

You are right, that would have saved some posts :)