How to get clients public IP on the pod?

问题

I have an application based on Python-Flask. I would like to get Clients Public Ip when they are hits my ingress endpoint.

I have already tried to change externalTrafficPolicy to Local and Cluster.

My Pod YAML file

apiVersion: v1
kind: Pod
metadata:
  labels:
    run: webplatform
  name: webplatform-deployment-6d68c99fc7-xlb8j
  namespace: prod
spec:
  containers:
  - command:
    - python
    - /app/app.py
    envFrom:
    - secretRef:
        name: webplatform-secret
        optional: false
    image: docker.fuchicorp.com/webplatform-prod:0.5
    imagePullPolicy: Always
    name: webplatform-container
  imagePullSecrets:
  - name: nexus-creds
  serviceAccount: webplatform-service-account
  serviceAccountName: webplatform-service-account

My Service YAML file

apiVersion: v1
kind: Service
metadata:
  name: webplatform-service
  namespace: prod
spec:
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 32744
    port: 7101
    protocol: TCP
    targetPort: 5000
  selector:
    run: webplatform
  sessionAffinity: None
  type: NodePort

My Ingress recourses YAML file

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    certmanager.k8s.io/cluster-issuer: letsencrypt-fuchicorp-prod
    kubernetes.io/ingress.class: nginx
  generation: 2
  name: ingress-webplaform
  namespace: prod
spec:
  rules:
  - host: academy.fuchicorp.com
    http:
      paths:
      - backend:
          serviceName: webplatform-service
          servicePort: 7101
  tls:
  - hosts:
    - academy.fuchicorp.com
    secretName: letsencrypt-sec-webplatform-prod

When I see the logs I see that Ingress-Controllers IP on the logs

INFO: 10.16.0.16 - - [28/Sep/2019 20:06:12] "GET / HTTP/1.1" 200 -

回答1:

TL;DR

client IP should be available via the X-Forwarded-For HTTP header

---

It should be provided by the load balancer (the ingress controller). Assuming your cluster is running on the cloud (aws, gcp, etc.), you get the client IP via the X-Forwarded-For HTTP header.

If its an on-prem k8s cluster (you run it on your own private cloud/ local machine), configure your load-balancer to do that- http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_next_upstream

来源：https://stackoverflow.com/questions/58149992/how-to-get-clients-public-ip-on-the-pod