Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Access external client IP from behind Google Compute Engine network load balancer

Tags:

google-compute-engine

I am running a Ruby on Rails app (using Passenger in Nginx mode) on Google Container Engine. These pods are sitting behind a GCE network load balancer. My question is how to access the external Client IP from inside the Rails app.

The Github issue here seems to present a solution, but I ran the suggested:

for node in $(kubectl get nodes -o name | cut -f2 -d/); do
  kubectl annotate node $node \
    net.beta.kubernetes.io/proxy-mode=iptables;
  gcloud compute ssh --zone=us-central1-b $node \
    --command="sudo /etc/init.d/kube-proxy restart";
done

but I am still getting a REMOTE_ADDR header of 10.140.0.1.

On ideas on how I could get access to the real Client IP (for geolocation purposes)?

Edit: To be more clear, I am aware of the ways of accessing the client IP from inside Rails, however all of these solutions are getting me the internal Kubernetes IP, I believe the GCE network load balancer is not configured (or perhaps unable) to send the real client IP.

like image 636
Jared S Avatar asked Mar 19 '16 22:03

Jared S

People also ask

How do I find external IP of GCP instance?

You view the internal and external IP addresses for your instance through either the Google Cloud console, the Google Cloud CLI, or the Compute Engine API. In the Google Cloud console, go to the VM instances page. If the VM instance has an external IP address, it appears under the External IP column.

Which types of external IP addresses are supported by forwarding rule in Google Compute Engine?

Forwarding rules for target pool-based network load balancer support only IPv4 addresses. For regional external IPv4 addresses, the Network Load Balancing supports both Standard Tier and Premium Tier. Regional external IPv6 addresses are only available in the Premium Tier.

1 Answers

A Googler's answer to another version of my question verifies what I am trying to do is not currently possible with the Google Container Engine Network Load Balancer currently.

EDIT (May 31, 2017): as of Kubernetes v1.5 and up this is possible on GKE with the beta annotation service.beta.kubernetes.io/external-traffic. This was answered on SO here. Please note when I added the annotation the health checks were not created on the existing nodes. Recreating the LB and restarting the nodes solved the issue.

like image 194
Jared S Avatar answered Sep 21 '22 03:09

Jared S
Sign in to Comment

Related questions

Does Google Cloud provide public hostnames for their Compute instances?
Block docker access to specific IP
How can I cleanly remove a container image from the Google Container Registry?
Deleted Compute Engine default service account
How do I install pip modules on google compute engine?
Unable to pull image from private GCR from Container Optimized Compute Engine
ssh to my compute engine machine
Moving Google Compute VM instances between Networks
Redirecting http to https in Google Cloud
Confusion on disk types in gcloud when creating a new disk
Should one use google cloud app engine or compute engine or container engine for a large Drupal website migration?
Rsync to Google Compute engine Instance from Jenkins
How to add More CPU Core and RAM in Running VM Instance
How to pause a kubernetes service
GCE LoadBalancer : Invalid value for field 'namedPorts[0].port': '0'. Must be greater than or equal to 1
How to Install git in google compute engine?
kubectl is not installed on GCE by default
GCP says "Compute Engine API has not been used in project" but it is enabled already

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!