How to read client IP addresses from HTTP requests behind Kubernetes services?

As of 1.5, if you are running in GCE (by extension GKE) or AWS, you simply need to add an annotation to your Service to make HTTP source preservation work.

kind: Service
  annotations: OnlyLocal

It basically exposes the service directly via nodeports instead of providing a proxy–by exposing a health probe on each node, the load balancer can determine which nodes to route traffic to.

In 1.7, this config has become GA, so you can set "externalTrafficPolicy": "Local" on your Service spec.

Click here to learn more

Leave a Comment