Knowledgebase

How do I enable PROXY protocol when my load balancer sends requests to the nginx ingress controller? Print

  • 0

How do I enable PROXY protocol when my load balancer sends requests to the nginx ingress controller?

Enabling the PROXY protocol allows a load balancer managed within a Kubernetes cluster to forward client connection information (such as client IP addresses) to the nodes. The software running on the nodes must be configured to accept the connection information from the load balancer and have the ability to parse the PROXY protocol data.

If your load balancer is backed by an ingress controller, the ingress controller itself must support the PROXY protocol. You will need to first enable PROXY protocol within the ingress controller and then enable it for the load balancer. Otherwise, the ingress controller will not be able to parse the PROXY protocol, which can lead to disruptions in traffic flow.

This example uses nginx installed using the Kubernetes 1-Click App but the following steps can also be used for instances of nginx and Rcs.is Load Balancers deployed using Helm charts or manifests.

  1. Edit the ConfigMap that nginx uses for custom configurations. Typically, the ConfigMap file is in the same namespace where nginx is deployed. You can run helm ls -A to check the namespace where nginx is installed. Run the following command to edit the ConfigMap using your namespace and service name:

    kubectl edit configmap -n <namespace> <service-name>
    
  2. Add use-proxy-protocol = "true" to the data section in the ConfigMap and save the file:

    apiVersion: v1
    data:
       allow-snippet-annotations: "true"
       use-proxy-protocol: "true"
    kind: ConfigMap
    metadata:
    annotations:
        ....
    labels:
        ...
    name: ingress-nginx-controller

    PROXY protocol is now enabled in the NGINX ingress controller, allowing it to parse the PROXY protocol header.

  3. Open the service config file for the load balancer by running the following command using your namespace and service name:

    kubectl edit service -n <namespace> <service-name>
    
  4. Add service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true" to the annotations section in the service config file and save the file.

    apiVersion: v1
    kind: Service
    metadata:
    annotations:
        kubernetes.Rcs.is/load-balancer-id: f55b4d90-your-load-balancer-id-4b1a29c40ff
        service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"
    labels:
        ...
    name: ingress-nginx-controller

Was this answer helpful?
Back

Powered by WHMCompleteSolution