如何使用Gcloud / kubernetes获取客户端外部ip

时间:2016-06-28 13:09:14

标签: networking docker containers kubernetes gcloud

我最近开始在gcloud上使用kubernetes,到目前为止一直非常流畅,但我似乎无法使用wildfly(jsf)在我的应用上获得客户端/用户外部IP地址任何想法不胜感激! 我使用以下命令公开我的pod:

kubectl expose rc modcluster-replication-controller --name=modcluster --type="LoadBalancer"

  • 1 pod运行wildfly独立模式
  • 1个运行mod-cluster的pod
  • 1 pod运行postgres
  • 1 rc运行mod-cluster-replication controler
  • 1公开rc mod-cluster-replication controler port 80
  • 1 gcloud loadbalancer

我使用基于Ticket-monster Kubernetes的kubernetes,gcloud,modcluster,wildfly

3 个答案:

答案 0 :(得分:4)

我的建议(如果你的应用程序是端口80/443上的HTTP / HTTPs)是 利用Ingress控制器,它基本上暴露了 服务作为HTTP / HTTPs负载均衡器,在数据包中注入X-Forwarded-For。

这将显示源/客户端的IP地址。请关注tutorial 有关X-Forwarded-For字段的详细信息,请访问here

我刚刚使用该教程测试的示例调用: LB IP:130.211.10.191

容器内的Tcpdump:

$ tcpdump -n -l -w - | strings

Output:
Host: 130.211.10.191
Cache-Control: max-age=0
Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; CrOS x86_64 7978.74.0) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/50.0.2661.103 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
If-None-Match: "574da256-264"
If-Modified-Since: Tue, 31 May 2016 14:40:22 GMT
X-Cloud-Trace-Context:
6b36a7d93d60dc6921417796255466d5/14093000126457324029
Via: 1.1 google
X-Forwarded-For: 81.47.XXX.XXX, 130.211.10.191    # the IP starting with
81. is my local IP
X-Forwarded-Proto: http
Connection: Keep-Alive
JxHTTP/1.1 304 Not Modified

答案 1 :(得分:0)

k8s 1.7版(仅在1.7.2中测试过)使这变得轻而易举。只需在LoadBalancer服务中使用spec:externalTrafficPolicy:Local。它将毫无问题地为端口80和443提供服务​​。例如:

apiVersion: v1
kind: Service
metadata:
  name: myservice
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
    name: http
  - port: 443
    protocol: TCP
    targetPort: 443
    name: https
  selector:
    app: myapp
    role: myrole
  type: LoadBalancer
  loadBalancerIP: 104.196.208.195
  externalTrafficPolicy: Local 

答案 2 :(得分:0)

kubectl describe svc servicename | grep 'LoadBalancer Ingress'