[jira] [Commented] (CLOUDSTACK-8180) RouterVM does no longer provide X-ForwardedFor header with Loadbalancer

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14609853#comment-14609853
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8180:
--------------------------------------------

GitHub user wilderrodrigues opened a pull request:

    https://github.com/apache/cloudstack/pull/549

    CLOUDSTACK-8180 - RouterVM does no longer provide X-ForwardedFor header 
with Loadbalancer

    Hi @remibergsma and @DaanHoogland 
    
    The "option forwardfor" in the haproxy has been fixed.
    
    - Make sure the "option forwardfor" is always available by not removing it
    - If keepalived is enabled, then set "no option forceclose"
    
    Could you please have a look at this PR?
    
    The first commit is about formatting the code, can be ignored. The second 
commit is the actual change.
    
    Cheers,
    Wilder

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/schubergphilis/cloudstack fix/CLOUDSTACK-8180

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cloudstack/pull/549.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #549
    
----
commit 4dd000b850d3afa98b66b623aaec6f6e8bdcab01
Author: wilderrodrigues <wrodrig...@schubergphilis.com>
Date:   2015-07-01T09:51:06Z

    CLOUDSTACK-8180 - RouterVM does no longer provide X-ForwardedFor header 
with Loadbalancer
    
       - Formatting code

commit 932f8aee261411da75c549f4e4ddaca77a4714d9
Author: wilderrodrigues <wrodrig...@schubergphilis.com>
Date:   2015-07-01T09:52:11Z

    CLOUDSTACK-8180 - RouterVM does no longer provide X-ForwardedFor header 
with Loadbalancer
    
       - Make sure the "option forwardfor" is always available by not removing 
it
       - If keepalived is enabled, then set "no option forceclose"

----


> RouterVM does no longer provide X-ForwardedFor header with Loadbalancer
> -----------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-8180
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8180
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Virtual Router
>    Affects Versions: 4.3.0, 4.4.2
>            Reporter: Steven Geerts
>            Assignee: Wilder Rodrigues
>              Labels: patch
>
> With the migration from Cloudstack 4.2.1 to 4.3.0 we lost the functionality 
> that the virtual loadbalancer (HaProxy) on a router VM added the 
> "x-forwarded-for" header to the http(s) traffic. 
> This header allows webservers to get the IP address from the originating 
> host. 
> due to the absence of this header all webtraffic seems to originate from the 
> (inside) IP of the routerVM.  
> we confirmed this functionality to be absent/broken until CS 4.4.2



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)