Hi I'm trying to get client real-ip to restrict some access at pod on kubernetes environemnt Hi I'm trying to get client real-ip to restrict some access at pod on kubernetes environemnt kubernetes kubernetes

Hi I'm trying to get client real-ip to restrict some access at pod on kubernetes environemnt


kubernetes kubernetes-ingress kong kong-ingress

Checkout the properties for "real IP" determining (https://docs.konghq.com/2.1.x/configuration/#trusted_ips):

  • trusted_ips
  • real_ip_header
  • real_ip_recursive

This might also of interest: https://github.com/Kong/kong/pull/5861

kubernetes kubernetes-ingress kong kong-ingress

You need to specify the traffic policy on the kong-proxy service

spec:...  selector:    app: ingress-kong  type: LoadBalancer  externalTrafficPolicy: Local

And you may need to add one or both of the following environment variables to the kong container

- name: KONG_TRUSTED_IPS  value: 0.0.0.0/0,::/0- name: KONG_REAL_IP_RECURSIVE  value: "on"

I got this working with a k3s instance.

There are detailed information about the issues with the source-ip in "bare metal considerations for k8s" on the k8s documentation and "preserving client ip addresses" in kong docs. They contain too many details to briefly summarize.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last