You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In Swarm mode, a container that receives a request will not get the real source IP but the internal Docker swarm proxy's IP. This can be a problem when a service needs the real IP, obviously.
Traefik receives outside requests for the installed cypherapps and some of those apps need the source IP often for logging purposes. Same goes for the gatekeeper when it is exposed outside of the Docker network and receives requests from CN clients.
Possible solution: make traefik listen directly to host ports (80/443) instead of ingress network, it will then forward the IP in X-Real-Ip header. Something like this for traefik deployment:
In Swarm mode, a container that receives a request will not get the real source IP but the internal Docker swarm proxy's IP. This can be a problem when a service needs the real IP, obviously.
Traefik receives outside requests for the installed cypherapps and some of those apps need the source IP often for logging purposes. Same goes for the gatekeeper when it is exposed outside of the Docker network and receives requests from CN clients.
Possible solution: make traefik listen directly to host ports (80/443) instead of ingress network, it will then forward the IP in X-Real-Ip header. Something like this for traefik deployment:
The text was updated successfully, but these errors were encountered: