You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've been working with some setups in GKE using GLB (through the GCE Ingress ) + Nginx Ingress. I finally got this working with HTTP --> HTTPS redirection + Cert Manager + NEGs + BackendConfig (custom healthcheck).
Now my problem is the Source IP. I've tested a bunch of combinations and got from getting 127.0.0.1. to having the internal Node IP, but not the source IP from the client.
Even setting-up the nginx-ingress with this configurations does not solves the problem. On istio is a more complex configuration.
Not having the Source IP address of the clients breaks a bunch of use cases and traceability. And there's no official documentation to workaround this issue.
The text was updated successfully, but these errors were encountered:
I've been working with some setups in GKE using GLB (through the GCE Ingress ) + Nginx Ingress. I finally got this working with HTTP --> HTTPS redirection + Cert Manager + NEGs + BackendConfig (custom healthcheck).
Now my problem is the Source IP. I've tested a bunch of combinations and got from getting 127.0.0.1. to having the internal Node IP, but not the source IP from the client.
Even setting-up the nginx-ingress with this configurations does not solves the problem. On istio is a more complex configuration.
The
use-protocol-proxy
is commented (even though this is supposed to fix the issue, as a last resource) based on known issues:#1002
This issue is kind of famous as it's all over the internet, with old issues like this ones:
jetstack/kube-lego#57
kubernetes/ingress-nginx#3431
kubernetes/ingress-nginx#1815
Not having the Source IP address of the clients breaks a bunch of use cases and traceability. And there's no official documentation to workaround this issue.
The text was updated successfully, but these errors were encountered: