![](/img/trans.png)
[英]How to get client IP address from inside a Azure Kubernetes with a LoadBalancer service
[英]Kubernetes - How to get client IP behind loadbalancer?
如何从 nginx 入口负载平衡器获取客户端 IP? 我尝试设置use proxy protocol
和externalTrafficPolicy
,但它仍然没有显示客户端 IP。
Apache 为每个 http 请求记录10.0.0.225
。 我不确定 IP 是什么,它似乎不是 pod 的 IP 或节点 IP。
httpd服务:
apiVersion: v1
kind: Service
metadata:
name: httpd
labels:
app: httpd-service
namespace: test-web-dev
spec:
type: NodePort
selector:
app: httpd
ports:
- name: port-80
port: 80
protocol: TCP
targetPort: 80
- name: port-443
port: 443
protocol: TCP
targetPort: 443
sessionAffinity: "ClientIP"
sessionAffinityConfig:
clientIP:
timeoutSeconds: 10800
externalTrafficPolicy: Local
入口磅:
apiVersion: v1
kind: ConfigMap
metadata:
name: tcp-services
namespace: ingress-nginx
data:
use-proxy-protocol: 'true'
---
kind: Service
apiVersion: v1
metadata:
name: ingress-nginx
namespace: ingress-nginx
labels:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
spec:
externalTrafficPolicy: Local
type: LoadBalancer
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
- name: https
port: 443
protocol: TCP
targetPort: https
在 Apache 中,我配置了以下日志记录设置:
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog "logs/ssl_access_log" combined env=!forwarded
CustomLog "logs/ssl_access_log" proxy env=forwarded
您应该在X-Forwarded-For
header 中获得原点 IP,这是 nginx-ingress 的默认配置: forwarded-for-header
这是在ConfigMap中配置的
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.