Any step-by-step guides on how to pass through headers to K8s pods?
I have a site that was deployed in Kubernetes and it's using the NodeBalancer from Linode. I use let's encrypt with a cert-manager and issuer on the cluster.
All that works great but I am trying to get client ip's passed through the site so the site can do some geolocation to compare coordinates and distances on a map.
Unfortunately this doesn't work because my pods are getting the LoadBalancer's IP instead of the client IP.
I've read many guides about setting up the LoadBalancer to terminate the SSL at the LB and then let the traffic between the LB and the pods unencrypted.
My question is: if I need to use HTTPS instead of TCP at the LB level, then I need to paste the certs manually there instead of letting let'sencrypt manage the cert issuing. Is there a better way?
Is there a step by step guide that someone can write on how to properly do this?
I think @pambrosky might be able to help here or maybe someone who has done this already.
Thank you
1 Reply
While I'm not able to write up step-by-step instructions personally, I have some links that I think can help.
First, we have another post on our Community Site that sounds like it's at least very similar to what you're looking to do:
How can I use Proxy Protocol with Linode Kubernetes Engine?
There are some comments in the discussion that address SSL, which may require some additional troubleshooting.
I also wanted to share some of our documentation related to this that could answer some questions that you may have as you get this set up:
Guides - Client's IP Address Pass-through
Proxy Protocol
Getting Started with LoadBalancing on LKE
Kubernetes Cloud Controller Manager for Linode