I was thinking about setting up an internal Docker registry. But for that, I need internally resolved domains. Pihole can help with that, and it also has ad blocking as a feature, which is a nice bonus. As a DNS server is a crucial service, I would like to have two instances running in parallel. For that, let's add another node to the cluster:
curl -sfL https://get.k3s.io | K3S_URL=https://192.168.1.43:6443 K3S_TOKEN=K10f7fe3706f8ad61462015f489812856e29847540612c63c6f9e21be60acdd5c91::server:64dc1263ede14dd1624b8bqf438a930f sh -
Change the IP to that of your master node and take the token from /var/lib/rancher/k3s/server/node-token. After a few moments, the new node will be ready:
kubectl get nodes
NAME STATUS ROLES AGE VERSION
fedora-1.home Ready control-plane,master 16d v1.30.5+k3s1
raspberrypi Ready <none> 126m v1.30.6+k3s1
If you are using Longhorn, you can check the longhorn-system namespace to see whether everything is running fine. In my case, I had to install open-iscsi on the Raspberry Pi; after that everything was working correctly.
kubectl get pods -l app=longhorn-manager -o custom-columns=NAME:.metadata.name,STATUS:.status.phase,NODE:.spec.nodeName -n longhorn-system
NAME STATUS NODE
longhorn-manager-q2zzz Running raspberrypi
longhorn-manager-rd8dv Running fedora-1.home
Now I can install pihole:
helm repo add mojo2600 https://mojo2600.github.io/pihole-kubernetes/
helm repo update
But before installing the helm chart, let's prepare values.yaml first. In my case it is:
replicaCount: 2
serviceDns:
  type: LoadBalancer
serviceDhcp:
  enabled: false
persistentVolumeClaim:
  enabled: true
  accessModes:
    - ReadWriteMany
adminPassword: "censored"
Now create the namespace, change context and install pihole:
kubectl create namespace pihole
kns pihole
helm install pihole mojo2600/pihole --values values.yaml
The chart will create a couple of services:
k get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)
pihole-dns-tcp LoadBalancer 10.43.74.111 192.168.1.23,192.168.1.43 53:30233/TCP
pihole-dns-udp LoadBalancer 10.43.37.242 192.168.1.23,192.168.1.43 53:31238/UDP
pihole-web NodePort 10.43.250.12 <none> 80:31808/TCP
We can use the DNS right now:
dig @192.168.1.43 wp.pl
;; ANSWER SECTION:
wp.pl. 150 IN A 212.77.98.9
And after carefully preparing a record in the pihole web UI:
dig @192.168.1.23 dupa666.com
;; ANSWER SECTION:
dupa666.com. 0 IN A 6.6.6.6
All that is left is to update the adlists and your devices' DNS servers.
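
A check to run before pointing devices at the new servers, as an added example that is not part of the original post: it asks both LoadBalancer IPs from the service listing for the same names and flags a replica that does not answer or answers differently. The function names and script name are assumptions, and it needs `dig` installed.

```shell
#!/bin/sh
# Added example (not from the original post): verify that both Pi-hole
# replicas answer, and answer identically, for the names you depend on.
# Usage: sh check-pihole.sh dupa666.com wp.pl   (script name is hypothetical)

# EXTERNAL-IPs of pihole-dns-udp/tcp from the service listing in the post.
RESOLVERS="192.168.1.23 192.168.1.43"

# resolve_a RESOLVER NAME -> sorted A records on one line, empty on failure.
resolve_a() {
    dig +short +time=2 +tries=1 @"$1" "$2" A 2>/dev/null |
        grep -E '^[0-9]+(\.[0-9]+){3}$' | sort | tr '\n' ' '
}

# check_name NAME RESOLVER... -> 0 only if every resolver answers and all
# answers match. Best suited to local records; public names served from
# rotating address pools can differ between queries without any fault.
check_name() {
    name=$1; shift
    first=""; rc=0
    for r in "$@"; do
        ans=$(resolve_a "$r" "$name")
        if [ -z "$ans" ]; then
            echo "FAIL $name @$r: no A record returned"; rc=1
        elif [ -z "$first" ]; then
            first=$ans
        elif [ "$ans" != "$first" ]; then
            echo "FAIL $name @$r: $ans differs from $first"; rc=1
        fi
    done
    [ "$rc" -eq 0 ] && echo "OK   $name -> $first"
    return "$rc"
}

# Run only when names are given on the command line.
if [ "$#" -gt 0 ]; then
    status=0
    for n in "$@"; do
        # $RESOLVERS is left unquoted on purpose so it splits into two IPs.
        check_name "$n" $RESOLVERS || status=1
    done
    exit "$status"
fi
```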