can't find x-real-ip in pod #1134

Closed
parswebserver opened this issue Jul 27, 2021 · 1 comment

What happened?
Hi,

I use kube-router in Kubernetes.
When I run one pod with the echoip image and open the pod URL in a browser (with nginx-ingress), the pod returns the pod IP instead of the client's real IP (x-real-ip).

When I use kube-proxy it returns the pod IP, and when I use kube-router it returns the master IP in the x-real-ip field and the x-forwarded-for field.

**System Information (please complete the following information):**

  • Kube-Router Version (kube-router --version): 1.3.0
  • Kube-Router Parameters: /usr/local/bin/kube-router --run-router=true --run-firewall=true --run-service-proxy=false --bgp-graceful-restart=true
  • Kubernetes Version (kubectl version) : v1.21.2
  • Cloud Type: vmware vps with 3 master and 2 worker

aauren (Collaborator) commented Jul 27, 2021

I'm guessing that you used kube-proxy in iptables mode. A while back, the SIG-NET team did a lot of work to preserve the source IP in iptables mode: kubernetes/kubernetes#3760

However, kube-router and kube-proxy in ipvs mode use ipvs, which does full source NAT'ing by default. There have been a number of efforts to bring this back in ipvs mode: kubernetes/kubernetes#62537 kubernetes/kubernetes#59976 but I believe that all of them haven't made traction.

For kube-router, NAT'ing the source IP is just part of the way that we make our clusters a bit easier to manage. If you have a need to preserve the source IP, I would recommend looking into kube-router's DSR functionality: https://github.com/cloudnativelabs/kube-router/blob/master/docs/user-guide.md#direct-server-return

This will do more than what you want to do, but it will preserve the source IP. The other alternative (although it comes with a lot of drawbacks) would be to run your workload in the host's network namespace, then no source nat'ing would be done either.

@aauren aauren closed this as completed Jul 27, 2021
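
The DSR option mentioned in the comment above, sketched as an added example (not part of the original thread and not taken from the kube-router project): a Service in front of the ingress controller, annotated for kube-router DSR. The Service name, namespace, selector and the 192.0.2.10 address are placeholder assumptions; kube-router applies DSR only to a Service's external IPs and implements it in its service proxy, so it requires `--run-service-proxy=true`, unlike the parameters listed in the report.

```yaml
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx-controller      # placeholder name (assumption)
  namespace: ingress-nginx            # placeholder namespace (assumption)
  annotations:
    # Ask kube-router to use IPVS tunnel-mode Direct Server Return for this
    # Service's external IPs. Traffic is forwarded to the pod without source
    # NAT, so the ingress controller sees the original client address.
    kube-router.io/service.dsr: tunnel
spec:
  selector:
    app.kubernetes.io/name: ingress-nginx   # placeholder selector (assumption)
  externalIPs:
    - 192.0.2.10                      # documentation-range address, constructed
  ports:
    - name: http
      port: 80
      targetPort: 80
    - name: https
      port: 443
      targetPort: 443
```

Traffic that reaches the same pods through the cluster IP or a NodePort is still source-NATed, so only requests sent to the external IP arrive with the client address intact.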