ECS:如何为具有负载平衡器的 ECS 配置“X-Forwarded-For”
Summary: 下面提供的步骤在 ECS 中启用了“X-Forwarded-For”,因此,如果负载平衡器已配置为传递原始 IP 地址,ECS 也会在日志文件中捕获该地址。
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Instructions
将负载平衡器(如 F5 的 Big IP)与 ECS 配合使用时,能够传递原始 IP 地址,使其显示在 ECS 日志文件中。
提醒: 仅当在负载均衡器上启用了“X-Forwarded-For”时,此作才有效。(详情见下文)*。
在 ECS 中启用 X-Forwarded-For 的步骤。
1.以管理员身份通过 Secure shell 连接到 ECS 节点。
2.运行以下命令以检查之前是否设置了该参数。
命令: #svc_param info com.emc.ecs.objheadsvc.request_log.headers
示例 1:如果以前从未设置过,请参阅以下输出。
admin@ecsnode1:~> svc_param info com.emc.ecs.objheadsvc.request_log.headers
svc_param v1.2.2 (svc_tools v2.11.1) Started 2023-07-31 18:13:45
Param: com.emc.ecs.objheadsvc.request_log.headers
Description comma sep list of headers to log
Default value (active)
Configured Value < Never modified >
Modification reason None
Last modified None
示例 2: 下面的示例指示之前设置了该参数。
admin@ecsnode1:~> svc_param info com.emc.ecs.objheadsvc.request_log.headers
svc_param v1.2.2 (svc_tools v2.11.1) Started 2023-07-31 18:15:05
WARNING Could not get REST auth token from IP '127.0.0.1' - Connection failed
Param: com.emc.ecs.objheadsvc.request_log.headers
Description comma sep list of headers to log
Default value
Configured Value (active) X-Forwarded-For
Modification reason log request source ip address
Last modified 2023-07-31 18:14:32 UTC (1690827272918)
3.运行以下命令以启用 X-Forwarded-For。
命令: #svc_param set -n com.emc.ecs.objheadsvc.request_log.headers -v "X-Forwarded-For" -r "log request source ip address"
示例:参数更改
admin@ecsnode1:~> svc_param set -n com.emc.ecs.objheadsvc.request_log.headers -v "X-Forwarded-For" -r "log request source ip address"
svc_param v1.2.2 (svc_tools v2.11.1) Started 2023-07-31 18:14:32
Param value changed.
Param: com.emc.ecs.objheadsvc.request_log.headers
Description comma sep list of headers to log
Default value
Configured Value (active) X-Forwarded-For
Modification reason log request source ip address
Last modified 2023-07-31 18:14:32 UTC (1690827272918)
4.要验证是否已设置命令设置,请运行以下命令。
admin@ecsnode1:~> svc_param info com.emc.ecs.objheadsvc.request_log.headers
svc_param v1.2.2 (svc_tools v2.11.1) Started 2023-07-31 18:15:05
Param: com.emc.ecs.objheadsvc.request_log.headers
Description comma sep list of headers to log
Default value
Configured Value (active) X-Forwarded-For
Modification reason log request source ip address
Last modified 2023-07-31 18:14:32 UTC (1690827272918)
提醒:
- 您只需在一个节点上运行配置更改。它应该立即生效。
- 无需重新启动任何服务。
- 设置此参数不会产生任何影响
- 要确认转发是否正常,请检查dataheadsvc.log中RequestLog.java的dataheadsvc.log文件。
命令:
示例:这是一个包含转发客户端 IP 的示例日志行。
#svc_log -f 'X-Forwarded-For' -sr dataheadsvc-access -start 10m
示例:这是一个包含转发客户端 IP 的示例日志行。
2017-03-13T14:57:38,591 [qtp947043383-731114] INFO RequestLog.java (line 83) 10.XXX.134.55 GET //10.XXX.134.55:9024/v1/9f2f0506dc2748ba98b52904ca44f89a?format=json▮=test-storage-16228-255 HTTP/1.0 200 865 - 3 'X-Forwarded-For: 10.XXX.134.56'
负载平衡器详细信息:
仅当正确配置负载平衡器时,此功能才可用。
F5 BigIP 已在实验室中进行了测试。
例如,使用 F5 BigIP Load Balancer 时,关键是将 ProxyPreserveHost 设置为打开,并确保在 HTTP 配置文件中启用 x-forwarded-for。
提供了以下链接,用于查看如何配置 F5 BIG-IP:
Affected Products
Elastic Cloud StorageProducts
Elastic Cloud StorageArticle Properties
Article Number: 000013873
Article Type: How To
Last Modified: 24 Apr 2025
Version: 8
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.