堆栈内存溢出
  简体   繁体   English

使用负载均衡器时在 kubernetes 日志中查看客户端 IP 地址

[英]View client ip address in kubernetes logs when using load balancer

 原文  2019-02-14 12:27:58       kubernetes/ kubernetes-ingress/ google-kubernetes-engine

问题描述

I am hosting my application on GKE.我在 GKE 上托管我的应用程序。 The kubectl version installed in the server is v1.10.11-gke.1 and nginx-ingress is nginx-ingress-0.28.2服务器安装的kubectl版本是v1.10.11-gke.1 ,nginx-ingress是nginx-ingress-0.28.2

I would like to see the client IP address in my logs.我想在我的日志中看到客户端 IP 地址。 For now, I can only see the pod IP address for example:目前,我只能看到 pod IP 地址,例如:

2019-02-14 15:17:21.000 EAT 10.60.1.1 - [10.60.1.1] - - [14/Feb/2019:12:17:21 +0000] "GET /user HTTP/2.0" 404 9 "-" "Mozilla/5.0 (Macintosh;

My service has tls managed by letsencrypt.我的服务有由 letencrypt 管理的 tls。 How can I get the client IP address on the logs?如何在日志中获取客户端 IP 地址?

screenshot of log files日志文件截图

1 个解决方案

解决方案1
 2  2019-02-15 18:41:56

I reproduced the behavior you observed in a test.我重现了您在测试中观察到的行为。 In my own container logs, on a job running with an nginx-ingress controller, we can only see the internal IP address assuming that nginx-ingress-controller service YAML file is set to:在我自己的容器日志中,在使用 nginx-ingress 控制器运行的作业上,我们只能看到内部 IP 地址,假设 nginx-ingress-controller 服务 YAML 文件设置为:

externalTrafficPolicy: Cluster

Setting traffic to 'Cluster” means that all the nodes can receive the requests.将流量设置为“集群”意味着所有节点都可以接收请求。 'Cluster obscures the client source IP', the requests also could be SNAT'd to a node that has the running pod. “集群掩盖了客户端源 IP”,请求也可以通过SNAT发送到具有正在运行的 pod 的节点。

However, If you change:但是,如果您更改:

externalTrafficPolicy: Local

The client source IP are exposed.客户端源 IP 已公开。 “Local” preserves the client source IP but may cause imbalanced traffic spreading.This due to the fact that only the Nodes that are running the pods will be considered healthy by the network load balancer. “本地”保留客户端源 IP,但可能会导致不平衡的流量传播。这是因为只有运行 Pod 的节点才会被网络负载均衡器认为是健康的。 The requests will be sent only to healthy nodes.请求将仅发送到健康节点。

Some background explanation on how to preserve source IP in your containers and some further reading on the hops for source IP for services with Type=Nodeport can be useful to understand what is happening.关于如何在容器中保留源 IP 的一些背景解释以及有关Type=Nodeport服务的源 IP 跃点的一些进一步阅读对于了解正在发生的事情非常有用。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Laravel:用户的 IP 地址在使用负载均衡器和 kubernetes 的后台作业中返回为 127.0.0.1 - Laravel : User's IP address is returned as 127.0.0.1 in background jobs using load balancer and kubernetes 如何为 Kubernetes 负载均衡器指定静态 IP 地址? - How to specify static IP address for Kubernetes load balancer? Flask 不适用于 Kube.netes (GKE) 负载均衡器 IP 地址 - Flask not working on Kubernetes (GKE) Load balancer IP address 如何在AWS上获取kubernetes负载均衡器服务的永久IP地址? - How to get permanent ip address of a kubernetes load balancer service on AWS? Kubernetes负载均衡器类型不响应外部IP地址 - Kubernetes Load Balancer Type not responding to External IP Address 将负载均衡器与 Kubernetes 一起使用 - Using a Load Balancer with Kubernetes 使用负载均衡器的外部 IP 服务用于不同的 pod Kubernetes - Using the external IP service of the load balancer for different pod Kubernetes 是否有负载平衡器策略通过kubernetes中的IP地址识别将请求重定向到同一端点? - Is there a load balancer policy which redirect requests to the same endpoint by IP address recognition in kubernetes? 通过dns名称而不是IP地址访问Azure Kubernetes-内部负载均衡器 - azure kubernetes-internal load balancer access by dns name instead of ip address Kubernetes 负载平衡器外部 IP 待处理 - Kubernetes load balancer External IP pending
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM