Receiving external request from internal IP on Nginx Pod in GKE
Question
I have created Nginx pod with Load balancer service in GKE. When it receive requests from external user, in Nginx log it is showing the request is received from an Internal IP (and this is happening randomly).
Sample Request
"@timestamp": "03/Sep/2022:16:25:38 +0530", "@fields": { "remote_addr": "10.160.0.30", "remote_user": "-", "body_bytes_sent": "3767", "gzip_ratio": "3.52","request_time": "0.113", "connection_requests": "7","status": "200", "request": "GET /admin HTTP/2.0", "request_method": "GET"
YAML files
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: image_name
ports:
- containerPort: 80
- containerPort: 443
resources:
requests:
cpu: 2000m
memory: 2Gi
limits:
cpu: 2000m
memory: 2Gi
==========
apiVersion: v1
kind: Service
metadata:
name: dev-nginx-lb-service
spec:
loadBalancerIP: IP_address
type: LoadBalancer
selector:
app: nginx
ports:
- name: https
protocol: TCP
port: 443
targetPort: 443
- name: http
protocol: TCP
port: 80
targetPort: 80
1 answers
solution1
0 2022-09-05 08:46:24
Not sure why it would be random. By default, GKE nodes perform SNAT on packets received via load balancing. If you want to pass the client address directly to the backend pods, you can set externalTrafficPolicy: Local in your Service spec:
apiVersion: v1
kind: Service
metadata:
name: dev-nginx-lb-service
spec:
loadBalancerIP: IP_address
type: LoadBalancer
externalTrafficPolicy: Local
selector:
app: nginx
ports:
- name: https
protocol: TCP
port: 443
targetPort: 443
- name: http
protocol: TCP
port: 80
targetPort: 80
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.