Containers and Kubernetes

Get Involved. Join the Conversation.

Topic

    Karthik Murthy
    How to preserve Source IP for LoadBalancer Service OKE
    Topic posted July 17, 2019 by Karthik Murthy, tagged Containers, Kubernetes 
    44 Views, 4 Comments
    Title:
    How to preserve Source IP for LoadBalancer Service OKE
    Summary:
    Unable to preserve source IP for a Kubernetes service exposed as type 'LoadBalancer'
    Content:

    I have deployed a backed service and nginx ingress controller as a Load Balancer service as documented in https://docs.cloud.oracle.com/iaas/Content/ContEng/Tasks/contengsettingupingresscontroller.htm 

    I would like to know if there is any way we can preserve source IP on the backed Pod. i.e I expect to see that the source IP of my external client when the request reaches the backend pod via the loadbalancer and nginx ingress controller.

    Any help is greatly appreciated !

    Version:
    12.7

    Comment

     

    • Joydeepta Bhattacharjee

      Is it that you are looking to preserve the Ip which your consumer sees when calling the externalised POD? Ask is not clear ? You have a Ingress rule which would give you a host mapped against the OCI Load balencer IP which your consumer app may use .

      • Karthik Murthy

        Thank you Joydeepta.

        I would like to preserve the IP of my external client that the backend pod sees. Consider the scenario below

        Client -- OCI LoadBalancer -- Ingress -- BackEnd Pod

        10.1.1.2 (Client IP)-- <Public IP of OCI LB> -------- 20.244.2.5 (Backend Pod IP) 

        I expect to see 10.1.1.2 src IP being preserved upto Backend Pod i.e the backend pod to see that the request is coming in from 10.1.1.2. Or atleast that the request is coming in from the IP of the Ingress Pod. Right now the backend pod sees the request coming in from a private IP of the LB. I hope my expectation is clear

    • Hassan Ajan

      Hi Karthik,

      I think you need to look at the header X-Forwarded-For or X-Real-IP, they should contain the IP of the client. 

      Check out https://docs.cloud.oracle.com/iaas/Content/Balance/Reference/httpheaders.htm for more details. 

      Thanks,

      Hassan