How do I enable PROXY protocol when my load balancer sends requests to the NGINX Ingress Controller?

Validated on 5 Jun 2023 • Last edited on 17 Apr 2025

Enabling the PROXY protocol allows a load balancer managed within a Kubernetes cluster to forward client connection information (such as client IP addresses) to the nodes. The software running on the nodes must be configured to accept the connection information from the load balancer and have the ability to parse the PROXY protocol data.

If your load balancer is backed by an ingress controller, the ingress controller itself must support the PROXY protocol. You need to first enable PROXY protocol within the ingress controller and then enable it for the load balancer. Otherwise, the ingress controller cannot parse the PROXY protocol, which can lead to disruptions in traffic flow.

This example uses nginx installed using the Kubernetes 1-Click App but the following steps can also be used for instances of nginx and DigitalOcean Load Balancers deployed using Helm charts or manifests.

  1. Edit the ConfigMap that nginx uses for custom configurations. Typically, the ConfigMap file is in the same namespace where nginx is deployed. You can run helm ls -A to check the namespace where nginx is installed. Run the following command to edit the ConfigMap using your namespace and service name:

    kubectl edit configmap -n <namespace> <service-name>
  2. Add use-proxy-protocol = "true" to the data section in the ConfigMap and save the file:

    apiVersion: v1
    data:
       allow-snippet-annotations: "true"
       use-proxy-protocol: "true"
    kind: ConfigMap
    metadata:
    annotations:
        ....
    labels:
        ...
    name: ingress-nginx-controller

    PROXY protocol is now enabled in the NGINX Ingress Controller, allowing it to parse the PROXY protocol header.

  3. Open the service config file for the load balancer by running the following command using your namespace and service name:

    kubectl edit service -n <namespace> <service-name>
  4. Add service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true" to the annotations section in the service config file and save the file.

    apiVersion: v1
    kind: Service
    metadata:
    annotations:
        kubernetes.digitalocean.com/load-balancer-id: f55b4d90-your-load-balancer-id-4b1a29c40ff
        service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true" 
    labels:
        ...
    name: ingress-nginx-controller
Why did all of my backend Droplets become unhealthy when I enabled PROXY protocol on my load balancer?

Enable PROXY protocol support on your Droplets.

How to Troubleshoot Load Balancer Health Check Issues

Health checks often fail due to firewalls or misconfigured backend server software.

Why do my DOKS load balancer settings keep reverting?

You can configure load balancers that are provisioned by DOKS using Kubernetes service annotations.

We can't find any results for your search.

Try using different keywords or simplifying your search terms.