A simple guide to deploy Pi-hole, a black hole for Internet advertisements, in Azure Container Instances.
1. Install Azure CLI and set your subscription
> az login
> az account set --subscription <subscription_id>
2. Create a Resource Group
> az group create --name <rg_name> --location <location>
3. Create a Storage account
> az storage account create --resource-group <rg_name> --name <storage_name> --location <location> --sku Standard_LRS
4. Create two file shares in the storage account created in the last step
az storage share create --account-name <storage_name> --name etc-pihole
az storage share create --account-name <storage_name> --name etc-dnsmasq
5. Obtain the storage account key
STORAGE_KEY=$(az storage account keys list --resource-group <rg_name> --account-name <storage_name> --query "[0].value" --output tsv)
5. Since our container will require a good number of configuration, let’s use a yaml file
deploy-pi-hole.yaml
name: <container_group_name>
apiVersion: '2018-10-01'
location: <location>
tags: {}
properties:
containers:
- name: <container_name>
properties:
image: pihole/pihole:latest
ports:
- protocol: UDP
port: 53
- protocol: UDP
port: 67
- protocol: TCP
port: 80
- protocol: TCP
port: 443
environmentVariables:
- name: TZ
value: Asia/Kolkata
- name: WEBPASSWORD
value: <custom_large_string>
resources:
requests:
memoryInGB: 1
cpu: 1
volumeMounts:
- name: pihole
mountPath: /etc/pihole/
readOnly: false
- name: dnsmasq
mountPath: /etc/dnsmasq.d/
readOnly: false
restartPolicy: Always
ipAddress:
ports:
- protocol: UDP
port: 53
- protocol: UDP
port: 67
- protocol: TCP
port: 80
- protocol: TCP
port: 443
type: public
dnsNameLabel: <custom_dnsname>
osType: Linux
volumes:
- name: pihole
azureFile:
shareName: etc-pihole
readOnly: false
storageAccountName: <storage_name>
storageAccountKey: <value of $STORAGE_KEY>
- name: dnsmasq
azureFile:
shareName: etc-dnsmasq
readOnly: false
storageAccountName: <storage_name>
storageAccountKey: <value of $STORAGE_KEY>
Replace the place holders in the yaml file.
<custom_dnsname>.<location>.azurecontainer.io
6. Create the container instance
az container create --resource-group <rg_name> --file deploy-pi-hole.yaml
7. Get the IP address of the pi-hole running as container instance.
az container show --resource-group <rg_name> --name <container_group_name> --query ipAddress.ip --output tsv
Update: It has been 10 days since I started using pi-hole and it has blocked ~31% of my DNS queries so far.