How to get actual source IP address on Application Pod using HAproxy as Ingress

Question

We have deployed haproxy as ingress on our Kubernetes Cluster in remote DC. Our use case is to get actual source IP (Client IP) on application pod which is php 7.2 based and running in httpd. But we are receiving IP of ingress which is 193.168.100.15 (Although it is Public IP but being used as private network) in our Kubernetes.

193.168.100.15Unauthorized access. It should be 203.99.50.227 as IP of our NAT device.

On Ingress I am using following annotations.

annotations:
    haproxy.org/cors-allow-origin: "*"
    ingress.kubernetes.io/enable-cors: "true"
    haproxy.org/forwarded-for: "true"

and in app servcie yaml file I am using following annotation.

annotations:
    haproxy.org/forwarded-for: "true"

Please guide.

score 1 · Answer 1 · answered Jul 29 '21 at 17:22

1

Try setting service.spec.externalTrafficPolicy to local. This is probably dependent on the provider, but it appears to work for GKE and AKS.

answered Jul 29 '21 at 17:22

logicaldiagram

1,019
11
20

How to get actual source IP address on Application Pod using HAproxy as Ingress

1 Answers1