diff --git a/compose.yml b/compose.yml
index cfb4b058..f48769f0 100644
--- a/compose.yml
+++ b/compose.yml
@@ -6,6 +6,7 @@ services:
       BOOT: "https://dl-cdn.alpinelinux.org/alpine/v3.19/releases/x86_64/alpine-virt-3.19.1-x86_64.iso"
     devices:
       - /dev/kvm
+      - /dev/net/tun
     cap_add:
       - NET_ADMIN
     ports:
diff --git a/kubernetes.yml b/kubernetes.yml
index 81fde8be..96ce56b3 100644
--- a/kubernetes.yml
+++ b/kubernetes.yml
@@ -1,10 +1,11 @@
+---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: qemu-pvc
 spec:
   accessModes:
-    - ReadWriteOnce
+  - ReadWriteOnce
   resources:
     requests:
       storage: 16Gi
@@ -16,47 +17,53 @@ metadata:
   labels:
     name: qemu
 spec:
-  terminationGracePeriodSeconds: 120 # the Kubernetes default is 30 seconds and it may be not enough
   containers:
-    - name: qemu
-      image: qemux/qemu-docker
-      ports:
-        - containerPort: 8006
-          protocol: TCP
-      securityContext:
-        privileged: true
-      env:
-        - name: BOOT
-          value: "https://dl-cdn.alpinelinux.org/alpine/v3.19/releases/x86_64/alpine-virt-3.19.1-x86_64.iso"
-        - name: RAM_SIZE
-          value: 1G
-        - name: CPU_CORES
-          value: "1"
-        - name: DISK_SIZE
-          value: "16G"
-      volumeMounts:
-        - mountPath: /storage
-          name: storage
-        - mountPath: /dev/kvm
-          name: dev-kvm
+  - name: qemu
+    image: qemux/qemu-docker
+    env:
+    - name: BOOT
+      value: "https://dl-cdn.alpinelinux.org/alpine/v3.19/releases/x86_64/alpine-virt-3.19.1-x86_64.iso"
+    - name: RAM_SIZE
+      value: "1G"
+    - name: CPU_CORES
+      value: "1"
+    - name: DISK_SIZE
+      value: "16G"
+    ports:
+    - containerPort: 8006
+    securityContext:
+      capabilities:
+        add:
+        - NET_ADMIN
+      privileged: true
+    volumeMounts:
+    - mountPath: /storage
+      name: storage
+    - mountPath: /dev/kvm
+      name: dev-kvm
+    - mountPath: /dev/net/tun
+      name: dev-tun
+  terminationGracePeriodSeconds: 120
   volumes:
-    - name: storage
-      persistentVolumeClaim:
-        claimName: qemu-pvc
-    - name: dev-kvm
-      hostPath:
-        path: /dev/kvm
+  - name: storage
+    persistentVolumeClaim:
+      claimName: qemu-pvc
+  - hostPath:
+      path: /dev/kvm
+    name: dev-kvm
+  - hostPath:
+      path: /dev/net/tun
+      type: CharDevice
+    name: dev-tun
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: qemu
 spec:
-  type: NodePort
+  ports:
+  - name: tcp-8006
+    port: 8006
   selector:
     name: qemu
-  ports:
-    - name: tcp-8006
-      protocol: TCP
-      port: 8006
-      targetPort: 8006
+  type: NodePort
diff --git a/readme.md b/readme.md
index eaf87282..f33b116a 100644
--- a/readme.md
+++ b/readme.md
@@ -34,6 +34,7 @@ services:
       BOOT: "https://dl-cdn.alpinelinux.org/alpine/v3.19/releases/x86_64/alpine-virt-3.19.1-x86_64.iso"
     devices:
       - /dev/kvm
+      - /dev/net/tun
     cap_add:
       - NET_ADMIN
     ports:
@@ -44,7 +45,7 @@ services:
 Via Docker CLI:
 
 ```bash
-docker run -it --rm -e "BOOT=http://example.com/image.iso" -p 8006:8006 --device=/dev/kvm --cap-add NET_ADMIN qemux/qemu-docker
+docker run -it --rm -e "BOOT=http://example.com/image.iso" -p 8006:8006 --device=/dev/kvm --device=/dev/net/tun --cap-add NET_ADMIN qemux/qemu-docker
 ```
 
 Via Kubernetes: