I'm using Kubernets on IBM Cloud and I'm trying to create a whitelist policy to be applied to the ingress.
I have installed calico to create kubernetes policies https://console.bluemix.net/docs/containers/cs_network_policy.html#network_policies
and followed this tutorial https://console.bluemix.net/docs/containers/cs_tutorials_policies.html#lesson2
I have also enabled the preservation of the IP source: https://console.bluemix.net/docs/containers/cs_ingress.html#preserve_source_ip
When the policy is applied directly to the loadbalancer it works well, instead when is applied to the ingress it doesn't work.
The reason is that the incoming IP address is mapped to the internal IP address of the ingress.
For this reason, the loadbalancer doesn't recognize the IP as an allowed one ( because the IP address of the ingress is not in the whitelist) and the connection is blocked.
How can I solve this issue?