I have single container running in an EC2 instance behind an AWS Application Load Balancer.
The container is running using network_mode=host and displaying a simple JSON of the Request Info and Headers.
Problem is, I don't get the Client Real IP. Instead, I get an internal IP in the X-Forwarded-For Header.
Also:
What am I missing?
The JSON response:
{
"path": "/",
"headers": {
"x-forwarded-for": "10.XXX.XX.XX",
"x-forwarded-proto": "http",
"x-forwarded-port": "80",
"host": "test.com",
"x-amzn-trace-id": "Root=1-XXXXXXX",
"cache-control": "max-age=0",
"upgrade-insecure-requests": "1",
"user-agent": "Mozilla/5.0 ...",
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3",
"accept-encoding": "gzip, deflate",
"accept-language": "en-US,en;q=0.9",
"cookie": "XXXX"
},
"method": "GET",
"body": "",
"fresh": false,
"hostname": "test.com",
"ip": "::ffff:10.YYY.YY.YY",
"ips": [],
"protocol": "http",
"query": {},
"subdomains": [
"test"
],
"xhr": false,
"os": {
"hostname": "ec2-instance"
}
}
Answering my own question.
It happened that there is a NLB in front of out internal LoadBalancer.