Getting real client IP in Docker Swarm
· 2 min read
在 Docker Swarm 中通过 Stack Deploy 部署 Service 的时候,在 Service 中默认无法获取到客户端的 IP 地址, Github 中有一个 issue 在 track 这个问题:Unable to retrieve user's IP address in docker swarm mode
目前的解决方法或 Workaround 是把 port 改成 host 模式, 以 kong 为例.
默认的 port 发布模式:
version: "3.7"
services:
kong-proxy:
image: kong:1.0.3-alpine
deploy:
mode: global
labels:
- "tier=frontend"
restart_policy:
condition: any
ports:
<span style="color: #ff0000;"> - "80:8000"
- "443:8443"</span>
depends_on:
- database-postgresql
environment:
KONG_ADMIN_LISTEN: 0.0.0.0:8001, 0.0.0.0:8444 ssl
KONG_DATABASE: postgres
KONG_PG_DATABASE: kong
KONG_PG_USER: kong
KONG_PG_PASSWORD: PaSsW0rd
KONG_PG_HOST: database-postgresql
KONG_PG_PORT: "5432"
volumes:
- type: "bind"
source: "/var/log/kong/"
target: "/usr/local/kong/logs/"
# read_only: true
networks:
- backend
- frontend
networks:
frontend:
backend:
修改 port 为 host 模式:
version: "3.7"
services:
kong-proxy:
image: kong:1.0.3-alpine
deploy:
mode: global
labels:
- "tier=frontend"
restart_policy:
condition: any
ports:
<span style="color: #ff0000;"> - target: 8000</span>
<span style="color: #ff0000;"> published: 80</span>
<span style="color: #ff0000;"> mode: host</span>
<span style="color: #ff0000;"> - target: 8443</span>
<span style="color: #ff0000;"> published: 43</span>
<span style="color: #ff0000;"> mode: host
</span> depends_on:
- database-postgresql
environment:
KONG_ADMIN_LISTEN: 0.0.0.0:8001, 0.0.0.0:8444 ssl
KONG_DATABASE: postgres
KONG_PG_DATABASE: kong
KONG_PG_USER: kong
KONG_PG_PASSWORD: PaSsW0rd
KONG_PG_HOST: database-postgresql
KONG_PG_PORT: "5432"
volumes:
- type: "bind"
source: "/var/log/kong/"
target: "/usr/local/kong/logs/"
# read_only: true
networks:
- backend
- frontend
networks:
frontend:
backend:
