Issue:
x-forwarded-for
http header just shows 127.0.0.1 instead of the original ipSetup
Details
I tried to adapt the ingress rule with nginx CORS enablement but no success.
Here my ingress Annotation for the service:
nginx.ingress.kubernetes.io/cors-allow-headers: X-Forwarded-For
nginx.ingress.kubernetes.io/cors-allow-methods: PUT, GET, POST, OPTIONS
And here the output via echoheaders app:
Hostname: backend-78dd9d4ffd-cwkvv
Pod Information:
-no pod information available-
Server values:
server_version=nginx: 1.13.3 - lua: 10008
Request Information:
client_address=10.60.8.16
method=GET
real path=/
query=
request_version=1.1
request_scheme=http
request_uri=[REDACTED]
Request Headers:
accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding=gzip, deflate, br
accept-language=en-GB,en-US;q=0.9,en;q=0.8
cache-control=max-age=0
connection=close
cookie=_ga=[REDACTED]
host=[REDACTED]
upgrade-insecure-requests=1
user-agent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
x-forwarded-for=127.0.0.1 <--- why doesn't it show the source IP?
x-forwarded-host=[REDACTED]
x-forwarded-port=443
x-forwarded-proto=https
x-original-uri=/
x-real-ip=127.0.0.1 <--- why doesn't it show the source IP?
x-scheme=https
Request Body:
-no body in request-
X-forwarded-for
should work out of the box with the nginx ingress controller. This works for me:
$ curl -H 'Host: foo.bar' aws-load-balancer.us-west-2.elb.amazonaws.com/first
Hostname: http-svc-xxxxxxxxxx-xxxxx
Pod Information:
node name: ip-172-x-x-x.us-west-2.compute.internal
pod name: http-svc-xxxxxxxxx-xxxxx
pod namespace: default
pod IP: 192.168.x.x
Server values:
server_version=nginx: 1.13.3 - lua: 10008
Request Information:
client_address=192.168.x.x
method=GET
real path=/first
query=
request_version=1.1
request_uri=http://foo.bar:8080/first
Request Headers:
accept=*/*
connection=close
host=foo.bar
user-agent=curl/7.58.0
x-forwarded-for=x.x.x.x <- public IP address
x-forwarded-host=foo.bar
x-forwarded-port=80
x-forwarded-proto=http
x-original-uri=/first
x-real-ip=x.x.x.x < - same IP as x-forwarded-for
x-request-id=xxxxxxxxxxxxxxxxxx
x-scheme=http
Request Body:
-no body in request-
There are a few things you can try:
If you are enabling CORS you need to also need the enable annotation:
nginx.ingress.kubernetes.io/enable-cors: "true"
There's a use-forwarded-headers config option for nginx on your ingress controller that might need to be enabled. This would get enabled on the ConfigMap
used by your nginx ingress controller.