[nginx-ingress-controller] Fix duplicated real_ip_header #1317
Conversation
| @@ -17,8 +17,14 @@ events { | |||
|
|
|||
| http { | |||
| {{/* we use the value of the header X-Forwarded-For to be able to use the geo_ip module */}} | |||
| {{ if $cfg.useProxyProtocol -}} | |||
| set_real_ip_from {{ $cfg.proxyRealIpCidr }}; | |||
| real_ip_header proxy_protocol; | |||
There was a problem hiding this comment.
for my own eductaion, this actually sets the ip on the forwarded packet from the proxy protocol ascii block, right?
|
I thought we were doing some static checking of the config before reload (and not reloading if the config was invalid)? if that's not the case, can you please file a follow up bug. LGTM. |
|
If reload returns an error nginx continues using the previous version |
|
ah so this won't cause downtime right? just a broken feature |
|
exactly. This is an issue when you start with an error in nginx.conf not in a reload |
|
hmm, we can probably work around that too by persisting the last known good template in a volume or configmap, reading on boot up, and only overwriting it on success reload. But a better first step would be an e2e for the nginx controller :) |
fixes #1316