I'm using CloudFlare as DNS server for the system and need of whitelist IP for some domains of the system. I managed to do this but when I enable Proxy status
feature for domain on CloudFlare I get 403 Forbidden
error because CloudFlare forwards its own IP for ingress
instead of client IP address.
I found a tutorial here .
Is there any other way to solve this problem?
Here is the CloudFlare configuration.
Here is the ingress
configuration.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: admin-ingress
namespace: machine-learning
labels:
app.kubernetes.io/managed-by: Helm
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 50m
nginx.ingress.kubernetes.io/whitelist-source-range: 184.90.9.99,183.88.6.88
spec:
rules:
- host: "admin.xxx.com"
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: admin-service
port:
name: http
And this is the error I get
Any contribution is greatly appreciated.
Best regards,
Please add this line real_ip_header CF-Connecting-IP; in your Nginx config file to forward the original client IP address to the server.
nginx.ingress.kubernetes.io/configuration-snippet: |
real_ip_header CF-Connecting-IP;
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.