Unable to install pihole bause of resolve errors #88
Comments
|
This should be fixed by commit 34656cb, 2 days ago (chart version 1.7.21). The configured PiHole version (5.1.2) was removed from Docker Hub. What you could have done yourself is to check hub.docker.io and search for pihole (here's a direct link) and then look at the tags to find the latest tag (version). Now you have two methods to tell Helm to use the correct version. Let's take "v5.2", as it is the latest tag. Make sure to use the exact tag, so don't forget the 'v' in 'v5.2'. Via values.yamlIf you choose to use a values.yaml file, add the following: image:
tag: v5.2Via the command lineYou can also overwrite the image tag via the command line. When deploying the chart, add Hope this helps! |
|
Thanks for the help @brnl. Sadly it didn't work out, i am still getting the same error. I have updated the helm chart and tried multiple Versions like latest and v5.2. I tried it with the values.yaml file and the override too. See this output: root@master:~# kubectl describe pod pihole-6887d968f7-k54xb -n pihole Normal Scheduled default-scheduler Successfully assigned pihole/pihole-6887d968f7-k54xb to master |
|
@Cryotize I think your DNS is not working, due to the last line in your log:
Can you also share your used values? See helm show values. |
|
I tried the command, no idea what i'm doing wrong. I tried both release names, for helm and pihole, both did not work. Can you give me the correct syntax? I'm still no to helm and k3s. See this output: root@master: This is my pihole.yaml:persistentVolumeClaim: |
|
@Cryotize Please post your code blocks between ``` and ``` so the indentation is preserved. You can even specify the language of the codeblock, like ```yaml for yaml coloring. See the Markdown examples and select 'code'. :-) So your pihole.yml looks like this: persistentVolumeClaim:
enabled: false
ingress:
enabled: true
serviceTCP:
loadBalancerIP: '192.168.1.111'
type: LoadBalancer
serviceUDP:
loadBalancerIP: '192.168.1.111'
type: LoadBalancer
image:
tag: v5.2
resources:
limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 100m
memory: 128MiBut... For your problem: Can you ping
|
|
Thanks for your help! Seems like the DNS is not working correctly, see this output: ubuntu@master:~$ ping registry-1.docker.io
ping: registry-1.docker.io: Temporary failure in name resolution
ubuntu@master:~$ ping google.com
ping: google.com: Temporary failure in name resolution
ubuntu@master:~$ sudo su
root@master:/home/ubuntu# kubectl get node
NAME STATUS ROLES AGE VERSION
slave1 Ready <none> 12d v1.17.5+k3s1
slave2 Ready <none> 12d v1.17.5+k3s1
slave3 Ready <none> 12d v1.17.5+k3s1
master Ready master 12d v1.17.5+k3s1
root@master:/home/ubuntu# kubectl get pods -n pihole
NAME READY STATUS RESTARTS AGE
svclb-pihole-tcp-95xbj 0/3 Pending 0 4d2h
svclb-pihole-tcp-bv7jw 0/3 Pending 0 4d2h
svclb-pihole-tcp-fmqbj 0/3 Pending 0 4d2h
svclb-pihole-tcp-shk2n 0/3 Pending 0 4d2h
svclb-pihole-udp-nh8sl 2/2 Running 2 4d2h
svclb-pihole-udp-9phnq 2/2 Running 2 4d2h
svclb-pihole-udp-6pg9r 2/2 Running 2 4d2h
svclb-pihole-udp-2slkj 2/2 Running 2 4d2h
pihole-6887d968f7-gdwxk 0/1 ImagePullBackOff 0 4d2h
root@master:/home/ubuntu# kubectl delete namespace pihole
namespace "pihole" deleted
root@master:/home/ubuntu# ping registry-1.docker.io
PING registry-1.docker.io (52.1.121.53) 56(84) bytes of data.
^C
--- registry-1.docker.io ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9204ms
root@master:/home/ubuntu#The weird part is, this only happens when Pihole is installed, it looks like it breaks itself. Any idea why? 🤔 |
|
Are you using pihole as the dns server on the kubernetes node you're trying to run pihole? It look to me like this because you are doing all commands on the same machine. This will not work, because you are creating a circular dependency. The kubernetes hosts needs a working DNS to retrieve images from docker, but can't because the dns is not working. Hence To test if DNS is working you can always use the command |
|
Again, thanks a lot for the help. I disabled The bad news is, when i try to access the webpanel, i get the Here's the output of NAME READY STATUS RESTARTS AGE
svclb-pihole-tcp-8w2cc 0/3 Pending 0 8m19s
svclb-pihole-tcp-2zbdl 0/3 Pending 0 8m19s
svclb-pihole-tcp-jjqj4 0/3 Pending 0 8m19s
svclb-pihole-tcp-fbnx6 0/3 Pending 0 8m19s
svclb-pihole-udp-2mgdx 2/2 Running 0 8m19s
svclb-pihole-udp-mlg4c 2/2 Running 0 8m19s
svclb-pihole-udp-9j446 2/2 Running 0 8m19s
svclb-pihole-udp-l65rq 2/2 Running 0 8m19s
pihole-7dd45774df-4nhxb 1/1 Running 0 8m19sThe TCP Pods are in the Status Pending, but this is normal according to the Tutorial. |
Are you sure you are querying the pihole webserver? |
|
I'm having similar issues, I installed my cluster using Installing Pi-hole and exposing the node's public IP worked for me. But I wasn't satisfied with that setup. My particular issue, since I managed to make Pi-hole work, was with all requests coming from the internal node IP and I want requests to come from the actual device making the DNS query. So I'm trying to setup load balancing so I can get better request logs using Traefik. That's where all the fun begins! So far I'm bumping in all kinds of issues and since I'm new to Kubernetes, Traefik and Pi-hole, the learning curve is pretty much vertical! I thought I'd share this bit, since maybe the OP is unaware of another DNS service running in his cluster causing the issues. |
Sure, here's the output: The Webserver should be available on 192.168.1.110/admin/, but no success :-/ Also, how can i disable coreDNS with the K3s command? I can't figure it out. |
|
well no, from your output, the http service on which pihole's web server exists is not exposed. the You would need an as far as disabling coreDNS, I think you could start each server with the |
No, the DNS server will be available at 192.168.1.110, the webserver will be available at http://<pending>/admin, but that's not gonna work ;-) You can test the DNS server with dig, by the way: |
|
Hi all Output My yaml file Install commands I hope you guys could help me with this. |
|
Can you do a I think there is an issue with your setup. The |
|
Hello, thx for your response. I am more than sure that i messed up at some point. Pihole-Web description Get service output What I forgot to mention. I am also running a Premetheus installaton on the cluster. I followed the tutorial of Jeff Geerling. Versoni Output Thank you for your support! |
|
It looks like you are running k3s. K3s by default uses Traefik. This uses up ports 80 and 443 on your nodes unless you explicitly install k3s without it. If you didn't exclude Traefik from being installed I would use a loadbalancer for the dns and then use an ingress for web. This is how I have mine setup. |
|
Yes you are right, I am using k3s. I already tried setting up Metallb as loadbalancer, sadly without any success. Again I think I made some configuration errors there... You do not happen to have a tutorial laying around on how to configure traefic and Metallb side by side you could forward me? Thanks in advance! |
|
I don't have a tutorial but you should be able to just set the ingress to true in the values.yaml and setup a host. I'm using nip.io for wildcard dns'ing on my local network. https://nip.io/ Then the dns can be set to loadbalancer and you can set which host IP you'd like: serviceDns: Ingress section: Then point your clients or router toward the ip address of the loadbalancer for dns. The web should come up on the ingress host. |
|
Hello @AndyG-0 I tried your suggestions today but sadly still the same result. Again I am more than sure that I messed up the config again (Still learning) I installed metallb (using this tutorial ) with this config On my router I created a new VLAN for the ip range 192.168.1.0/24 so that metallb can use the rest of the space. Than installing pihole using the following settings Thank you for your patience! Btw after watching the |
|
If your using k3s i'd recomment to get familiar with Traefik and use this as the ingress. Metallb is working for me (not using k3s), but it seems like the Traefik is better integrated into k3s. But what i see in your config: and have to match. and loadBalancerIP: My metallb config: My values.yml (v 0.17.x) |
|
#101 fixes it for me. when doing an upgrade we need one at least one pod running or DNS breaks |
|
Encountered the same issue with k3s and this helm package. |
|
Same problem here, i'm not able to pull the image. Any news? |
Check the latest version on the docker hub page and adjust the image tag in your values.yml accordingly. image:
tag: v5.7Otherwise, specify your exact problem because there were a lot discussed in this issue. 🤔 |
I'm using k3s and there is my pihole.yaml file:persistentVolumeClaim:
enabled: true
ingress:
enabled: true
serviceTCP:
loabBalancerIP: '192.168.178.37'
type: LoadBalancer
serviceUDP:
loabBalancerIP: '192.168.178.37'
type: LoadBalancer
resources:
limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 100m
memory: 128Mi
adminPassword: adminand i'm running the helm charts with this command:
|
|
@MovieMaker93 sorry for the late reply, is it working for you with the latest version? |
|
I am having exactly the same issue as the first post. already add the image tag the DNS is working but cant access the admin page |
|
@appleimperio Could you do a |
|
Thanks but I get lost in how many commands I try to fix the problem that I decide to delete the whole cluster and try again. |
|
I hit this issue using the latest helm chart and running on a k3s rpi cluster (with Traefik, CoreDNS, ServiceLB). I found this issue occurs when Commenting this out allows the images to be pulled and pi-hole to be deployed. My solution for exposing pi-hole DNS on port 53 was via Traefik as follows: Pi-hole config... Add Traefik entrypoints via k3s configuration options: (i.e. create Create IngressRoutes for TCP and UDP: One downside to this approach is that pi-hole only shows the Traefik pods IP in the clients list in the pi-hole UI. I tried to enabled proxyProtocol in the Hope this helps others. |
|
Same here. I have tried but it's impossible to see the original ips/hostname with traefik. I will go back to nginx as reverse proxy. It's a pitty |
|
Any update on this? I'm new to kubernetes and pihole, and having trouble configuring it. I'm able to configure pihole with I'm using kubernetes with k3s (traefik + coreDns + service lb) # -- Configuration for the DNS service on port 53
serviceDns:
# Set type as "LoadBalancer" so k3s service lb exposes the service
# externally
type: LoadBalancer
# -- The port of the DNS service
port: 53 |
- When deploying pihole on port 53 of kubernetes cluster the cluster would fail on any type of request, dns lookup. Turns out the VM configured DNS was "127.0.0.53" (a local target), instead of an upstream DNS server like Cloudflare or Google. Refs: k3s-io/k3s#4486 MoJo2600/pihole-kubernetes#88
Problem
I followed Jeff Geerlings guide to install pihole, but i can't figure out what the problem is. When trying to install the helm chart, 1 container fails because it can't pull the image.
Events / Logs
Name: pihole-9cf8cd796-6hg94
Namespace: pihole
Priority: 0
Node: slave1/192.168.1.201
Start Time: Tue, 17 Nov 2020 21:14:07 +0000
Labels: app=pihole
pod-template-hash=9cf8cd796
release=pihole
Annotations: checksum.config.adlists: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546
checksum.config.blacklist: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546
checksum.config.dnsmasqConfig: b8db33b1edc0c6d931e44ddb1f551bef2185bdfbad893d40b1c946479abdbfc
checksum.config.regex: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546
checksum.config.whitelist: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546
Status: Pending
IP: 10.42.1.102
IPs:
IP: 10.42.1.102
Controlled By: ReplicaSet/pihole-9cf8cd796
Containers:
pihole:
Container ID:
Image: pihole/pihole:v5.1.2
Image ID:
Ports: 80/TCP, 53/TCP, 53/UDP, 443/TCP, 67/UDP
Host Ports: 0/TCP, 0/TCP, 0/UDP, 0/TCP, 0/UDP
State: Waiting
Reason: ImagePullBackOff
Ready: False
Restart Count: 0
Limits:
cpu: 200m
memory: 256Mi
Requests:
cpu: 100m
memory: 128Mi
Liveness: http-get http://:http/admin.index.php delay=60s timeout=5s period=10s #success=1 #failure=10
Readiness: http-get http://:http/admin.index.php delay=60s timeout=5s period=10s #success=1 #failure=3
Environment:
WEB_PORT: 80
VIRTUAL_HOST: pi.hole
WEBPASSWORD: <set to the key 'password' in secret 'pihole-password'> Optional: false
DNS1: 8.8.8.8
DNS2: 8.8.4.4
Mounts:
/etc/addn-hosts from custom-dnsmasq (rw,path="addn-hosts")
/etc/dnsmasq.d/02-custom.conf from custom-dnsmasq (rw,path="02-custom.conf")
/etc/pihole from config (rw)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-mfw4h (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
config:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: pihole
ReadOnly: false
custom-dnsmasq:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: pihole-custom-dnsmasq
Optional: false
default-token-mfw4h:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-mfw4h
Optional: false
QoS Class: Burstable
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
Normal Scheduled default-scheduler Successfully assigned pihole/pihole-9cf8cd796-6hg94 to slave1
Normal Pulling 54s (x3 over 103s) kubelet, slave1 Pulling image "pihole/pihole:v5.1.2"
Warning Failed 48s (x3 over 98s) kubelet, slave1 Failed to pull image "pihole/pihole:v5.1.2": rpc error: code = Unknown desc = failed to pull and unpack image "docker.io/pihole/pihole:v5.1.2": failed to resolve reference "docker.io/pihole/pihole:v5.1.2": failed to do request: Head https://registry-1.docker.io/v2/pihole/pihole/manifests/v5.1.2: dial tcp: lookup registry-1.docker.io: Try again
Warning Failed 48s (x3 over 98s) kubelet, slave1 Error: ErrImagePull
Normal BackOff 9s (x5 over 97s) kubelet, slave1 Back-off pulling image "pihole/pihole:v5.1.2"
Warning Failed 9s (x5 over 97s) kubelet, slave1 Error: ImagePullBackOff
nslookup
nslookup https://registry-1.docker.io/v2/pihole/pihole/manifests/v5.1.2
Server: 1.1.1.1
Address: 1.1.1.1#53
** server can't find https://registry-1.docker.io/v2/pihole/pihole/manifests/v5.1.2: NXDOMAIN
curl
curl -I https://registry-1.docker.io/v2/pihole/pihole/manifests/v5.1.2
HTTP/1.1 401 Unauthorized
Content-Type: application/json
Docker-Distribution-Api-Version: registry/2.0
Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:pihole/pihole:pull"
Date: Tue, 17 Nov 2020 21:28:59 GMT
Content-Length: 156
Strict-Transport-Security: max-age=31536000
I hope those outputs help, maybe someone can help me. I have no clue where the problem is.
Any help is appreciated 👍
The text was updated successfully, but these errors were encountered: