-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Get X-Forwarded-* headers for apps on k8s #540
Comments
It's been a long time since our first iteration of K8s ELBs, I can't remember the reason why the ELB protocols were set the way they were. We can fully customize ELB params with our new automation, so I'd like to get this sorted out. |
you're my favorite person |
@glogiotatidis @jgmize and I tested a new ELB in with HTTP/HTTPS listeners for bedrock-dev in Oregon-B. Forwarding appears to be working correctly without the K8s-based redirector service. We'd like to test a similar configuration for snippets in Oregon-B. |
@pmac and I did further testing with bedrock in Frankfurt and Tokyo, and bedrock is now using the HTTP{,S} listeners in production and I believe we should be able to make the switch for snippets and other apps as well. |
I'd very much like to get X-Forwarded headers down to the app level for all our k8s deployed apps. I believe this was never accomplished due to a number of reasons:
Getting those headers will allow apps to identify secure connections without monkey patching them and it secures us better against mis-configurations.
Do the reasons posted still hold or is it a matter of somebody figuring this out? If the later happy to devote some time.
See also #101
The text was updated successfully, but these errors were encountered: