Preserve Source IP when using NLB and Nginx LoadBalancer Controller
Last updated
Last updated
Preserve Source IP when using vLB Layer 4 and Nginx LoadBalancer Controller in Kubernetes is the process of maintaining the client's original IP address when traffic is forwarded through the load balancer and into the Kubernetes cluster. This is important in some cases when you need detailed information about the client's connection, such as the client's original IP address and root port, to be able to make traffic handling or logging decisions. Exactly. Below are our specific instructions to help you implement this usecase.
You have initialized the Cluster on the VKS system according to the instructions here VNGCloud LoadBalancer Controller has been installed on your cluster with appversion from v0.2.1 or higher. If your appversion is lower than this standard version, you can perform the upgrade according to the following instructions:
First, you need to get the release name of vngcloud-controller-manager installed on your cluster:
Then, please upgrade to the latest version via the command:
Next, you need to install nginx-ingress-controller with the command:
Add to Nginx LoadBalancer Controller's ConfigMap the settings to enable proxy protocol via command:
If you arenot using cert-manager
, the code you need to add is as follows:
If you are using cert-manager
, the code you need to add is as follows:
Next, you need to configure vLB Layer4 to allow the use of proxy protocol for the Load Balancer Nginx service. The input value is a list of service names in Load Balancer using Proxy Protocol.
Finally, please perform NLB testing on vLB Portal until these Load Balancers are ACTIVE with full listener and pool.
Suppose, you have a service prometheus-node-exporter with port 9100 in the default namespace, you can apply the following yaml to make it accessible via NLB
Then I use IP 103.245.252.75 to curl to host kkk.example.com as follows:
The recorded log result has this Client IP information as shown: