-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nginx.ingress.kubernetes.io/auth-url Can't use IP whitelisting because the auth-service recieves an internal IP #2938
Comments
@martonsz please make sure you are using |
@aledbf I added the variable but it did not help. I am still getting local IPs The
Here are some logs from my basic auth service showing the request headers. This one is when visiting the address
When I visit the basic auth service directly using its adress
|
@aledbf Yes. I am using |
@martonsz this is a bug. We should send the client IP address in the header |
FEATURE REQUEST
NGINX Ingress controller version:
quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.17.1
Kubernetes version (use
kubectl version
):Environment:
Google kubernetes engine
Container-Optimized OS - 10452.101.0
uname -a
):Linux gke-k8s-gnp-070a1811-63kp 4.14.22+ #1 SMP Wed May 30 13:49:27 PDT 2018 x86_64 Intel(R) Xeon(R) CPU @ 2.50GHz GenuineIntel GNU/Linux
Helm chart for nginx ingress v 0.25.0
What:
I tried to create an IP whitelist in my basic authentication service. Which is a small python Flask app. But I noticed that the service receives an internal IP address when I visit an URL I want to protect with basic auth.
I tried to to use the header
X-forward-for
in my authentication service. But it also contained an internal IP.This is how I annotate my ingress objects.
The text was updated successfully, but these errors were encountered: