From: | "Jim Chanco Jr(dot)" <jim(dot)chanco(at)crunchydata(dot)com> |
---|---|
To: | Ron <ronljohnsonjr(at)gmail(dot)com> |
Cc: | pgsql-admin(at)lists(dot)postgresql(dot)org |
Subject: | Re: Client IP in Patroni |
Date: | 2022-11-21 15:30:46 |
Message-ID: | CADxTxx6qej-4ASRLaEoAnzCU0FwGUOS+3Mf3BaQQ6FPOF_5VkQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
If/when PostgreSQL adds support for TPROXY, then you'd be able to see the
source IP.
This thread might be useful to you:
https://www.postgresql.org/message-id/20190519153623.GB13208%40thinkpad
On Mon, Nov 21, 2022 at 10:28 AM Jim Chanco Jr. <jim(dot)chanco(at)crunchydata(dot)com>
wrote:
> AFAIK- HAProxy can only append an x-forwarded-for in layer 7 mode (http).
> Unfortunately, using HAProxy for PostgreSQL connections is layer 4 (tcp).
> The best you could do would be to route the connection through something
> like pgbouncer and have it append the source IP in the app name.
>
> Kind regards,
>
> Jim
>
> On Mon, Nov 21, 2022 at 10:25 AM Ron <ronljohnsonjr(at)gmail(dot)com> wrote:
>
>> On 11/21/22 09:14, Anjul Tyagi wrote:
>>
>> Team,
>>
>> We have setup in Postgres HA Cluster using Patroni. Also we have used the
>> HAProxy for load balancing...
>>
>> On Postgres side, we are getting HaProxy IP instead of Client IP, while
>> checking in pg_stat_activity tables. Can you please suggest the changes
>> needs to be done on HAProxy or Postgres side?
>>
>>
>> Postgresql does not know that HAProxy is a proxy. It just knows that an
>> IP address (which just happens to come from an HAProxy server) has
>> connected and "doing stuff".
>>
>> --
>> Angular momentum makes the world go 'round.
>>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Massimo Ortensi | 2022-11-21 16:37:50 | Out of memory error during pg_upgrade in big DB with large objects |
Previous Message | Jim Chanco Jr. | 2022-11-21 15:28:37 | Re: Client IP in Patroni |