New to Voyager? Please start here.
Keep Source IP
You can preserve client source IP by setting annotation ingress.appscode.com/keep-source-ip
to true
.
For LoadBalancer
type ingresses, the actual configuration generated depends on the underlying cloud provider.
GCE, GKE, Azure, ACS
: SetsExternalTrafficPolicy
toLocal
for services used to expose HAProxy. See here.AWS
: Enables accept-proxy that enforces the use of the PROXY protocol over any connection accepted by any of the sockets declared on the same line.
For NodePort
type ingresses, it sets ExternalTrafficPolicy
to Local
regardless the cloud provider.
Ingress Example
apiVersion: voyager.appscode.com/v1
kind: Ingress
metadata:
name: test-ingress
namespace: default
annotations:
ingress.appscode.com/keep-source-ip: "true"
ingress.appscode.com/health-check-nodeport: "32312"
spec:
rules:
- host: voyager.appscode.test
http:
paths:
- path: /foo
backend:
service:
name: test-server
port:
number: 80
Here health-check-nodeport
annotation specifies HealthCheckNodePort
field for services used to expose HAProxy. If not specified, it will be auto-assigned by kubernetes. Note that, it is only effective when keep-source-ip
is true
and ingress type is LoadBalancer
.
NB: Please note that, Kubernetes support for AWS NLB is limited as of 1.11.x release. Check kubernetes/features#423 for NLB support status.
service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
annotation is not supported for AWS NLB as of 1.11.x release. At this time proxy protocol attribute needs to be set on the NLB target group either manually from the aws console or from aws cli.