GitHub user senthilnathan-am added a comment to the discussion: Preserve Client Source IP in Virtual Router
Finally found a solution to preserve client IP for Kubernetes platform in ACS. Below are the things to be done: 1. For K8s, if it setup manually then it is recommended to use Load Balancing rules instead of port forwarding rules for network traffic diversion. 2. If Istio service mesh is used to expose the cluster ports then proxy protocol has to be enabled in VR haproxy service in the appropriate listen section, just by adding 'send-proxy-v2' after check. 3. Restart the haproxy service in VR. Also, make sure the proxy protocol is enabled in Istio level. Now, actual client source IP will get displayed in the backend server/pod log as expected. GitHub link: https://github.com/apache/cloudstack/discussions/9529#discussioncomment-10364752 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
