k8s ingress obtains the real IP of the client client

Others 2023-08-08 17:27:36 views: null

background

In Kubernetes, obtaining the real IP address of the client is a common requirement. This is because in the load balancing architecture, the source IP address of the original request will be replaced with the IP address of the load balancer.

The requirement background for obtaining the real IP of the client includes the following points:

  1. Security: Access control and authentication authorization based on client IP can improve system security.
  2. Logging and Auditing: Logging real IPs helps with monitoring, troubleshooting, and compliance auditing.
  3. Statistics and analysis: Understanding user origin regions and behaviors can provide valuable data support for business decision-making and resource allocation optimization.
  4. Anti-fraud and risk assessment: Fraud detection, risk assessment or geo-location related functions based on real IP can improve accuracy and reliability.
    By properly configuring Kubernetes Ingress and related components, it is possible to ensure that the real IP in the original request is correctly passed to the backend service, meeting the above requirements and providing more accurate, secure and reliable services.

configuration method

Take the ingress-nginx installed in the Alibaba Cloud ack cluster as an example

Method 1 command line add method

1. Get the configmap configuration file name of ingress-nginx-controller

[root@K8SMASTER01 ~]# kubectl get -n kube-system deployment ack-ingress-nginx-controller -oyaml|grep configmap
        - --configmap=$(POD_NAMESPACE)/ack-ingress-nginx-controller

2. Edit the configmap configuration file of ingress-nginx-controller

Add the parameters to the configuration file to add the level as shown below

compute-full-forwarded-for = true
forwarded-for-header = X-Forwarded-For
use-forwarded-headers =true

kubectl edit -n kube-system cm ack-ingress-nginx-controller

insert image description here
Just save and exit, it will take effect immediately without restarting the pod

Method 2 console add

1. View the yaml file of ingress-nginx-controller
insert image description here
2. Go to the k8s cluster console configuration item option
insert image description here
3. Add the following configuration and click Save
insert image description here

Guess you like

Origin blog.csdn.net/Habo_/article/details/132106530
Recommended
Ranking
#2019110700005
What materials and procedures are required for patent transfer
What is the blockchain Ethereum triplet state root transaction root receipt root
Front-end study notes 04 --- About the insertion of html pictures and videos
Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries
2017 Qingdao-site tournament I The Squared Mosquito Coil
[BZOJ3165][HEOI2013]Segment (line segment tree without marking)
Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju
The latest tutorial on making framework for iOS
DAX Section 6: Statistical Functions
Daily
More
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)

Code World

© 2018 codetd.com