Hi, I need your help here
I’m using kong with istio sidecar installed at AWS with a Network loadbalancer
What i’m trying to do: get client real ip header in my pod…
I’m following this: Istio / Proxy protocol on AWS NLB and Istio ingress gateway
and this is the envoy filter applied
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: proxy-protocol
namespace: kong-system
spec:
workloadSelector:
labels:
app.kubernetes.io/instance: kong
configPatches:
- applyTo: LISTENER
patch:
operation: MERGE
value:
listener_filters:
- name: envoy.filters.listener.proxy_protocol
- name: envoy.filters.listener.tls_inspector
---
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: kong-settings
namespace: kong-system
spec:
configPatches:
- applyTo: NETWORK_FILTER
match:
listener:
filterChain:
filter:
name: "envoy.filters.network.http_connection_manager"
patch:
operation: MERGE
value:
name: envoy.http_connection_manager
typed_config:
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager"
skip_xff_append: false
use_remote_address: true
xff_num_trusted_hops: 5