Preserve Client IP Setup - 400 error #264
Replies: 3 comments
-
|
Hi, I am converting this to a discussion since it's not an issue with my tool. If you enabled the proxy protocol in the load balancer annotations, then you also need to enable it in Kong, otherwise the ingress won't be able to "understand" the traffic coming from the load balancer. See https://docs.konghq.com/kubernetes-ingress-controller/latest/guides/preserve-client-ip |
Beta Was this translation helpful? Give feedback.
-
|
Hi, no problem regarding the change to discussion👍 I actually have those settings defined in my Kong helm chart, however, I will investigate this further to ensure they are applied correctly. Kudos on the tool by the way, it's great! |
Beta Was this translation helpful? Give feedback.
-
|
It was indeed a configuration with Kong (or possibly LinkerD) so I am closing off this discussion. |
Beta Was this translation helpful? Give feedback.
-
I have followed the excellent advice in this previous thread:
#13
I have my load balancer setup and running using Kong rather than Nginx for the ingress. When I try to hit my domain, I get a SSL_PROTOCOL_ERROR. I have cert-manager running and can see the generated certificate and the relevant annotations in the ingress.
If I look in the proxy log for my pod (deployment) I see that it does indeed have the client IP address but is returning a 400 response.
10.0.0.7 - - [22/Aug/2023:19:28:45 +0000] "PROXY TCP4 MY_IP_ADDRESS LOAD_BALANCER_PUBLIC_IP_ADDRESS 61975 443" 400 12 "-" "-"
Does this look familiar to anyone, has anyone had a similar problem? My K8S environment was all working fine without the proxy protocol enabled.
Beta Was this translation helpful? Give feedback.
All reactions