This issue is a continuation of https://github.com/DataONEorg/k8s-cluster/issues/16, which began as a discussion of port 80/443 access and morphed into "Preserve source IP". For clarity, the discussion continues in this issue.
The source IP discussion began with:
@mbjones dropped a note in Slack today to have us check about source IP preservation. Apparently ESS-DIVE has been bit by this before. It looks like, by default, source IPs don't get preserved and this means that applications only see a cluster IP address as the source IP of incoming HTTP requests. I'm not sure if this is an immediate problem for the services we're running today but it's almost guaranteed to be a problem in the future (ie if we want to deploy Metacat or if a service wants to do usage tracking or rate limiting).
This issue is a continuation of https://github.com/DataONEorg/k8s-cluster/issues/16, which began as a discussion of port 80/443 access and morphed into "Preserve source IP". For clarity, the discussion continues in this issue.
The source IP discussion began with: