How do I enable PROXY protocol when my load balancer sends requests to the NGINX Ingress Controller?

Enabling the PROXY protocol allows a load balancer managed within a Kubernetes cluster to forward client connection information (such as client IP addresses) to the nodes. The software running on the nodes must be configured to accept the connection information from the load balancer and have the ability to parse the PROXY protocol data.

If your load balancer is backed by an ingress controller, the ingress controller itself must support the PROXY protocol. You need to first enable PROXY protocol within the ingress controller and then enable it for the load balancer. Otherwise, the ingress controller cannot parse the PROXY protocol, which can lead to disruptions in traffic flow.

This example uses nginx installed with the Kubernetes 1-Click App, but the same steps also apply to instances of nginx and DigitalOcean Load Balancers deployed using Helm charts or manifests.

  1. Edit the ConfigMap that nginx uses for custom configurations. Typically, the ConfigMap file is in the same namespace where nginx is deployed. You can run helm ls -A to check the namespace where nginx is installed. Run the following command to edit the ConfigMap using your namespace and service name:

    kubectl edit configmap -n <namespace> <service-name>
    
  2. Add use-proxy-protocol: "true" to the data section in the ConfigMap and save the file:

        apiVersion: v1
        data:
          allow-snippet-annotations: "true"
          use-proxy-protocol: "true"
        kind: ConfigMap
        metadata:
          annotations:
            ....
          labels:
            ...
          name: ingress-nginx-controller

    PROXY protocol is now enabled in the NGINX Ingress Controller, allowing it to parse the PROXY protocol header.

  3. Open the service config file for the load balancer by running the following command using your namespace and service name:

    kubectl edit service -n <namespace> <service-name>
    
  4. Add service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true" to the annotations section in the service config file and save the file.

        apiVersion: v1
        kind: Service
        metadata:
          annotations:
            kubernetes.digitalocean.com/load-balancer-id: f55b4d90-your-load-balancer-id-4b1a29c40ff
            service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"
          labels:
            ...
          name: ingress-nginx-controller
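
To illustrate what parsing the PROXY protocol header involves and why both sides must agree, the following added example (not DigitalOcean's or NGINX's code) parses the text-form version 1 header defined in the HAProxy PROXY protocol specification. The sample bytes and the listener_view helper are constructed for illustration; the page does not say which protocol version the load balancer sends.

```python
import ipaddress

# PROXY protocol v1 (text form, HAProxy spec) prepends one line to the stream:
#   PROXY <TCP4|TCP6> <src ip> <dst ip> <src port> <dst port>\r\n
# The whole line, CRLF included, is at most 107 bytes.
MAX_V1_LEN = 107

# Constructed samples (documentation addresses, not captured traffic).
REQUEST = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
WITH_HEADER = b"PROXY TCP4 203.0.113.7 10.0.0.5 51234 443\r\n" + REQUEST


class ProxyHeaderError(ValueError):
    """The stream does not begin with a valid PROXY v1 header."""


def parse_proxy_v1(stream: bytes):
    """Return ((client_ip, client_port) or None, payload after the header)."""
    if not stream.startswith(b"PROXY "):
        raise ProxyHeaderError("stream does not start with a PROXY header")
    end = stream.find(b"\r\n", 0, MAX_V1_LEN)
    if end == -1:
        raise ProxyHeaderError("header not terminated within 107 bytes")
    payload = stream[end + 2:]
    try:
        fields = stream[:end].decode("ascii").split(" ")
        if fields[1] == "UNKNOWN":  # sender could not determine the client
            return None, payload
        proto, src, dst, sport, dport = fields[1:]
        family = {"TCP4": 4, "TCP6": 6}[proto]
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        ports_ok = all(p.isdigit() and int(p) <= 65535 for p in (sport, dport))
    except (ValueError, KeyError) as exc:
        raise ProxyHeaderError(f"malformed PROXY header: {exc}") from exc
    if src_ip.version != family or dst_ip.version != family or not ports_ok:
        raise ProxyHeaderError("address family or port out of range")
    return (str(src_ip), int(sport)), payload


def listener_view(stream: bytes, use_proxy_protocol: bool):
    """What a listener hands to its HTTP parser, given its own setting."""
    if not use_proxy_protocol:
        return None, stream  # any PROXY line stays in front of the request
    return parse_proxy_v1(stream)
```

A listener with use-proxy-protocol enabled accepts whatever client address the header states, so it should be reachable only through the load balancer.
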
    
You can configure load balancers that are provisioned by DOKS using Kubernetes service annotations.
The Kubernetes service externalTrafficPolicy field controls how nodes respond to health checks.