MoJo2600 / pihole-kubernetes

PiHole on kubernetes

pihole-FTL: no process found on hostNetwork #271

Open Rahulsharma0810 opened 8 months ago

Rahulsharma0810 commented 8 months ago

Yet Another "pihole-FTL: no process found"

I tried the pihole/ftl-build:v2.3-alpine image, but it just goes into CrashLoopBackOff without even starting the container.

replicaCount: 1
nodeSelector:
  kubernetes.io/hostname: kube-node-1-01

image:
  # -- the repository to pull the image from
  repository: "pihole/pihole"
  # -- the docker tag, if left empty it will get it from the chart's appVersion
  tag: ""
  # -- the pull policy
  pullPolicy: Always

dnsHostPort:
  # -- set this to true to enable dnsHostPort
  enabled: true
  # -- default port for this pod
  port: 53

# -- Configuration for the DNS service on port 53
serviceDns:
  # -- deploys a mixed (TCP + UDP) Service instead of separate ones
  mixedService: true

  # -- `spec.type` for the DNS Service
  type: LoadBalancer

serviceDhcp:
  # -- Generate a Service resource for DHCP traffic
  enabled: true

  # -- `spec.type` for the DHCP Service
  type: LoadBalancer

persistentVolumeClaim:
  # -- set to true to use pvc
  enabled: true

# -- should the container use host network
hostNetwork: "true"

# -- should container run in privileged mode
privileged: "true"
extraEnvVars: { DNSMASQ_USER: "root" }
capabilities:
  add:
    - NET_ADMIN
    - CAP_NET_RAW
    - CAP_NET_ADMIN
    - CAP_SYS_NICE
    - CAP_CHOWN

Downgrading versions doesn't help. Any guidance is highly appreciated.

Rahulsharma0810 commented 8 months ago

I found that enabling `hostNetwork: true` results in `pihole-FTL: no process found`.

I am trying to make DHCP work by following https://github.com/MoJo2600/pihole-kubernetes/issues/18#issuecomment-556998725

Madic- commented 7 months ago

You get the error because there is already some process listening on udp port 57, so pihole can't use it. But I got it working with dhcp enabled. Though it requires the help of a dhcphelper (or dhcp relay).

Basically I'm running pihole as a normal pod, not with host networking enabled. But the dhcphelper is configured with host networking enabled and forwards the dhcp requests as unicast frames to pihole.

The important values for this chart:

      serviceDhcp:
        loadBalancerIP: 192.168.1.232
        type: LoadBalancer
      customSettings:
        - dhcp-option=6,192.168.1.232,192.168.1.1 # DNS dhcp option
      capabilities:
        add:
          - NET_ADMIN

This exposes the dhcp service on 192.168.1.232. The following dhcphelper kubernetes deployment forwards the dhcp broadcasts to the exposed 192.168.1.232:

---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/name: dhcphelper
  name: dhcphelper
  namespace: dns
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: dhcphelper
  replicas: 1
  revisionHistoryLimit: 3
  template:
    metadata:
      labels:
        app.kubernetes.io/name: dhcphelper
    spec:
      containers:
        - name: dhcphelper
          image: homeall/dhcphelper:latest
          env:
            - name: IP
              value: "192.168.1.232"
            - name: TZ
              value: "Europe/Berlin"
          securityContext:
            capabilities:
              add:
                - NET_ADMIN
          resources:
            limits:
              cpu: 100m
              memory: 32Mi
            requests:
              cpu: 100m
              memory: 32Mi
      hostNetwork: true
  strategy:
    type: Recreate
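
The port conflict named at the start of the comment above can be checked on the node before enabling hostNetwork. This is an added example, not code from the thread or the chart: it parses the kernel's /proc/net/udp table (IPv4 only) and lists sockets already bound to the ports the pod needs. The port set (53 from the values earlier in the thread, 67 as the standard DHCP server port), the function names and the sample table are assumptions constructed for illustration.

```python
import socket
import struct

# Ports the hostNetwork pod has to bind. 53 is dnsHostPort.port from the values
# in this thread; 67 is the standard DHCP server port (assumption).
WANTED_PORTS = {53: "DNS", 67: "DHCP server"}

# Constructed sample in /proc/net/udp format (not captured from a real node).
SAMPLE_PROC_NET_UDP = """\
   sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  479: 3500007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000   101        0 21034 2 0000000000000000 0
  512: 00000000:0043 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 30211 2 0000000000000000 0
  530: 0100007F:0143 00000000:0000 07 00000000:00000000 00:00000000 00000000   102        0 18822 2 0000000000000000 0
"""


def parse_udp_table(text):
    """Yield (ip, port, uid, inode) for every socket row in /proc/net/udp text."""
    for line in text.splitlines():
        fields = line.split()
        # Socket rows start with "<slot>:"; this skips the header and short rows.
        if len(fields) < 10 or not fields[0].rstrip(":").isdigit():
            continue
        addr_hex, port_hex = fields[1].split(":")
        # The kernel prints the IPv4 address as a host-order word; "<I" is
        # correct on little-endian nodes (x86-64, arm64).
        ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
        yield ip, int(port_hex, 16), int(fields[7]), int(fields[9])


def find_conflicts(text, wanted=WANTED_PORTS):
    """Return sockets already bound to a port the pod needs, sorted by port."""
    hits = [
        {"port": port, "service": wanted[port], "bound_to": ip,
         "uid": uid, "inode": inode}
        for ip, port, uid, inode in parse_udp_table(text)
        if port in wanted
    ]
    return sorted(hits, key=lambda h: h["port"])


if __name__ == "__main__":
    try:
        with open("/proc/net/udp") as fh:   # the node's (or a hostNetwork pod's) namespace
            table = fh.read()
    except OSError:
        table = SAMPLE_PROC_NET_UDP         # fall back to the constructed sample
    for hit in find_conflicts(table):
        print("UDP {port} ({service}) already bound on {bound_to} "
              "by uid {uid}, socket inode {inode}".format(**hit))
```

Running `ss -ulpn` as root on the node names the process that owns each reported socket.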

MoJo2600 commented 6 months ago

Thanks @Madic- for this variant. There are a lot of Kubernetes beginner questions on how to set up the ports and some misunderstanding about why something is not working. It would be great to have the different setup options documented somewhere to make life easier for beginners.

MoJo2600 commented 6 months ago

@Rahulsharma0810 you could also use some form of load balancer (e.g. MetalLB) to expose the port to the network. Then it does not interfere with the cluster nodes.

Madic- commented 6 months ago

I had that (not MetalLB but Kube-VIP), but it was not working because DHCP is working at OSI Layer 2 and not 3. DHCP requests are ARP broadcasts and not IP traffic. The dhcphelper captures the broadcasts and "converts" them into IP by forwarding them to a specific IP/port.

MoJo2600 commented 6 months ago

Ah yes you are right... DHCP

Rahulsharma0810 commented 6 months ago

Right Madic, I tried it already with MetalLB. I stopped using the Pihole because of that.

irjohn commented 2 months ago

Can you share your dhcphelper image? I would like to try that as well. I'm using MetalLB and I'm running into port 57 already being used when I set hostNetwork to true while trying to create a DHCP server on pihole.

Madic- commented 2 months ago

What do you need? The image can be found as part of the kubernetes manifest: image: homeall/dhcphelper

A search engine leads me to the following github repo: https://github.com/homeall/dhcphelper