-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cloudflare + ELB extracting the client IP in nginx ingress and whiltelist based on the client IP #7761
Comments
@myvelmurugan: This issue is currently awaiting triage. If Ingress contributors determines this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
remove-kind bug |
@longwuyuan: GuidelinesPlease ensure that the issue body includes answers to the following questions:
For more details on the requirements of such an issue, please see here and ensure that they are met. If this request no longer meets these requirements, the label can be removed In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/remove-kind bug |
@aledbf @J-Ha Can you please help me with this ? I tried adding the below but not working.
I have added this annotation to the ingress which is routed via cloudflare. Kindly let me know the configuration to get the real client IP from the cloudflare to the ingress. |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close |
@k8s-triage-robot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
we have currently configured the below configmap for the nginx ingress.
apiVersion: v1
data:
proxy-body-size: 100m
proxy-connect-timeout: "180"
proxy-read-timeout: "180"
proxy-send-timeout: "180"
use-proxy-protocol: "true"
kind: ConfigMap
Now we are getting the client public Ip in ingress nginx from the ELB (elastic load balancer). Some of the ingress IP we have proxied using cloudflare.
Client --> Cloudflare --> ELB --> Ingress
Now I need to get the original client IP who is accessing the cloudflare endpoint. I have googled and found some of the info and tried but the existing one had the issue. ELB traffic was not properly showing the client IP when I apply the below changes.
I set the below in ingress-nginx controller configmap but it not works. :(
Still it carries the cloudflare side IP only not the client IP.
I want to get both the traffic client IP's (ELB + Cloudflare ). Is there anyway to add only specific ingress to get the cloudflare side client IP, Based on this client IP , I need to whitelist the ingress for the selected client sources.
Kindly help me with this issue.
The text was updated successfully, but these errors were encountered: