Hi,
I’m running traefik and crowdsec behind a Metallb in a kubernetes cluster.
But I don’t get the real IPs of the clients which access a site behind traefik. In the log of the lapi I only see the internal k8s IP Adresses.
whoami behind traefik shows the following output:
Hostname: whoami-64f6cf779d-4tk67
IP: 127.0.0.1
IP: ::1
IP: 10.244.1.240
IP: fe80::9c95:40ff:fee9:c547
RemoteAddr: 10.244.3.4:39992
[...]
X-Forwarded-For: 172.16.50.10
X-Forwarded-Host: whoami.XXXX
X-Forwarded-Port: 443
X-Forwarded-Proto: https
X-Forwarded-Server: traefik-qsw9k
X-Real-Ip: 172.16.50.10
I already tried much things, but still don’t get it to work.
In the middleware I configured
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: crowdsec-bouncer
namespace: traefik
spec:
plugin:
crowdsec-bouncer:
enabled: true
crowdsecLapiKey: "XXXX"
crowdsecLapiScheme: http
crowdsecLapiHost: crowdsec-service.traefik.svc.cluster.local:8080
forwardedHeadersTrustedIPs:
- 10.0.0.0/8
forwardedHeadersCustomName: X-Forwarded-For
Am I missing something?
Could someone provide me any tips or give me an example configuration?
Thanks alot!