[英]How can I access (forward) the public HTTP request IP address inside a docker compose network?
With the following setup:使用以下设置:
only the YARP container has published ports.只有 YARP 容器有发布的端口。 It correctly sets the
X-Forward*
headers for other containers to use.它正确地设置了
X-Forward*
标头供其他容器使用。 But unfortunately it's the docker compose gateway address.但不幸的是,它是 docker 组合网关地址。
When I want to log the (public) client's IP address, I get ::ffff:172.18.0.1
which is the docker compose gateway IP address.当我想记录(公共)客户端的 IP 地址时,我得到
::ffff:172.18.0.1
这是 docker 组成网关 IP 地址。 Somehow I need to tell docker to put the public IP address in the X-Forward-For
header which then will be used by my reverse proxy.我需要以某种方式告诉 docker 将公共 IP 地址放入
X-Forward-For
header 中,然后我的反向代理将使用它。
My containers run inside their own.network:我的容器在它们自己的网络中运行:
services:
yarp:
...
networks:
- mynet
I can see the created.network:我可以看到 created.network:
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
2bf19f507987 dockercompose1502733..._mynet bridge local
and to see the details:并查看详细信息:
$ docker network inspect 2bf
[
{
"Name": "dockercompose1502733..._mynet",
"Id": "2bf...",
"Created": "...",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1" // this is the address I get for public requests
}
]
},
"Internal": false,
"Attachable": true,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"b82645911...": {
"Name": "YARP",
"EndpointID": "fb1b...",
"MacAddress": "02:42:ac:...",
"IPv4Address": "172.18.0.10/16",
"IPv6Address": ""
},
...
},
"Options": {},
"Labels": {
"com.docker.compose.network": "mynet",
"com.docker.compose.project": "dockercompose1502733...",
"com.docker.compose.version": "1.29.2"
}
}
]
You could do network_mode: host
for the reverse proxy service: https://docs.docker.com/compose/compose-file/.network_mode您可以为反向代理服务执行
network_mode: host
: https://docs.docker.com/compose/compose-file/.network_mode
Be mindful though, because:不过要注意,因为:
host: which gives the container raw access to host's.network interface主机:它使容器能够原始访问主机的网络接口
It looks like this is your only solution: https://github.com/docker/roadmap/issues/157看起来这是您唯一的解决方案: https://github.com/docker/roadmap/issues/157
I assume this is a production workload, you might be better off migrating to kube.netes where you certainly will face other set of problems:) but this one is not a problem at least with ingress-nginx I was able to configure it.我认为这是一个生产工作负载,你最好迁移到 kube.netes ,在那里你肯定会遇到其他问题:)但这不是问题,至少对于我能够配置的 ingress-nginx。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.