Part 0 (Prologue) - Let's talk about the DNS
Before the clusters, castles, and catastrophic over-engineering, there was DNS, a glorified phonebook with delusions of grandeur.
Apr 19, 202612 min read7
Command Palette
Search for a command to run...
Series
An 11-Node Raspberry Pi Kubernetes DNS Cluster
Because one Pi-hole was too simple, and apparently so was one Raspberry Pi.
A multi-part journey into building a highly available, encrypted, ad-blocking DNS on a Kubernetes Raspberry Pi cluster.
Part 1 - The Problem, The Plan, and The Foundation
When you need a safe, you build an impregnable fortress. Then you add a moat. Then redundant DNS. Then Kubernetes. Then you start calling it “infrastructure.”
Apr 25, 202617 min read66
Part 2 - Network Design, Two Networks, and the IoT Problem
When your IoT devices ask for network access, you give them a subnet, a firewall, a DNS policy, and the kind of trust normally reserved for raccoons near open trash cans.
Apr 25, 20266 min read45
Part 3 - DNSCrypt-proxy: Encrypting the Upstream
When your DNS queries head upstream, you don't just let them wander into the internet. You wrap them in encryption, give them a guarded tunnel, and trust public resolvers the way you trust a stranger asking to borrow your router.
Apr 25, 20266 min read12
Part 4 - Pi-hole on Kubernetes: Everything That Went Wrong
Some days you deploy Pi-hole on Kubernetes. Other days Kubernetes deploys emotional damage and puts you on a high-availability support plan.
Apr 26, 202612 min read7
Part 5 - Nebula Sync: Keeping Two Pi-holes in Sync
Some days the Pi-holes agree. Other days one of them develops opinions, and suddenly “redundancy” becomes a custody battle for DNS settings.
Apr 26, 20265 min read25