HA microk8s in prod...
 
Notifications
Clear all

HA microk8s in production

13 Posts
3 Users
2 Reactions
826 Views
Posts: 33
Topic starter
(@mscrocdile)
Eminent Member
Joined: 11 months ago

Finally (after thinking i'm definitely lost) I have enabled both these in traefik values.yaml:

## -- Trust forwarded headers information (X-Forwarded-*).
ย forwardedHeaders:
ย trustedIPs: []
ย insecure: true
#
## -- Enable the Proxy Protocol header parsing for the entry point
ย proxyProtocol:
ย trustedIPs: []
ย insecure: true
#

And everything works (including tls). I just wonder what it means and if insecure=true is correct...

False doesn't work.

ย 

Reply
1 Reply
Brandon Lee
Admin
(@brandon-lee)
Joined: 14 years ago

Member
Posts: 395

@mscrocdile Ah yes, this was probably restricting the traffic coming in. Note the following:

Setting insecure to true in the context of the Proxy Protocol means that Traefik will accept Proxy Protocol headers from all incoming connections, regardless of their source IP address. This is considered insecure because it trusts the incoming Proxy Protocol headers without any restriction. In a secure setup, you would typically specify a list of trusted IPs that are known to send correct and safe Proxy Protocol headers.

Reply
Page 2 / 2