Closed venkatamutyala closed 2 days ago
I don't think so, unless Chisel has an option to pass a HTTP header when it detects HTTP traffic.
Chisel is a first and foremost TCP and UDP tunnel, so I don't think this is the case. The chisel operator also treats the tunnel like any normal TCP traffic by specifically setting ip:port/tcp
in the args, so it does not process any headers.
I found an issue related here https://github.com/jpillora/chisel/issues/266
Thanks Cappy. I had a few minutes to do some more research, and it appears if Chisel supported the PROXY Protocol (v2?), it would send over the data needed for my ingress (e.g., nginx) to detect the IP. I opened up a ticket here: https://github.com/jpillora/chisel/issues/540
ref: https://inlets.dev/blog/2022/09/02/real-client-ips-with-proxy-protocol.html https://aws.amazon.com/blogs/networking-and-content-delivery/preserving-client-ip-address-with-proxy-protocol-v2-and-network-load-balancer/
Will this require any changes to the operator?
I think at this time it makes sense to close this out until the support exists upstream.
I'm using chisel operator with ingress nginx it looks like by default I can only see the IP of the chisel pods. Is there a way to get the client IP? I'd like to leverage it to do some advance operations based on IP within my nginx setup.