application-gateway-kubernetes-ingress icon indicating copy to clipboard operation
application-gateway-kubernetes-ingress copied to clipboard

Published 20 hours ago verified publisher icon Azure

Question: client source IP preservation

Open niteenkole opened this issue 5 years ago • 4 comments
trafficstars

Describe the bug Multiple setup we need "client source IP preservation" due to audit or other logic like in finance app allow only this attempt and if more block.

Normal ingress if we create we have option "add --set controller.service.externalTrafficPolicy=Local to the Helm install command" is this valid here ?

https://docs.microsoft.com/en-us/azure/aks/ingress-basic To Reproduce Steps to reproduce the behavior:

Ingress Controller details

  • Output of kubectl describe pod <ingress controller> . The pod name can be obtained by running helm list.
  • Output of `kubectl logs .
  • Any Azure support tickets associated with this issue.

niteenkole avatar Mar 28 '20 18:03 niteenkole

Hi @niteenkole, Thanks for the question. In terms of "client IP preservation", Azure Application Gateway automatically injects "X-FORWARDED-FOR" when it relays the request from client to the backend. AGIC install doesn't have that configuration now.

3quanfeng avatar Apr 18 '20 19:04 3quanfeng

@3quanfeng do you have plans to release this functionality for AGIC?

egorchabala avatar Apr 27 '20 22:04 egorchabala

@3quanfeng any feedback about this?

giotab avatar Jan 17 '22 06:01 giotab

@3quanfeng we really need this feature. Any update on this?

ramazankilimci avatar Apr 13 '22 08:04 ramazankilimci