diff --git a/content/en/docs/tutorials/services/source-ip.md b/content/en/docs/tutorials/services/source-ip.md index d2e7845096..d04902ddfe 100644 --- a/content/en/docs/tutorials/services/source-ip.md +++ b/content/en/docs/tutorials/services/source-ip.md @@ -1,6 +1,7 @@ --- title: Using Source IP content_type: tutorial +mermaid: true min-kubernetes-server-version: v1.5 --- @@ -206,18 +207,19 @@ Note that these are not the correct client IPs, they're cluster internal IPs. Th Visually: -``` - client - \ ^ - \ \ - v \ - node 1 <--- node 2 - | ^ SNAT - | | ---> - v | - endpoint -``` +{{< mermaid >}} +graph LR; + client(client)-->node2[Node 2]; + node2-->client; + node2-. SNAT .->node1[Node 1]; + node1-. SNAT .->node2; + node1-->endpoint(Endpoint); + classDef plain fill:#ddd,stroke:#fff,stroke-width:4px,color:#000; + classDef k8s fill:#326ce5,stroke:#fff,stroke-width:4px,color:#fff; + class node1,node2,endpoint k8s; + class client plain; +{{}} To avoid this, Kubernetes has a feature to [preserve the client source IP](/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip). @@ -261,17 +263,18 @@ This is what happens: Visually: -``` - client - ^ / \ - / / \ - / v X - node 1 node 2 - ^ | - | | - | v - endpoint -``` +{{< mermaid >}} +graph TD; + client --> node1[Node 1]; + client(client) --x node2[Node 2]; + node1 --> endpoint(endpoint); + endpoint --> node1; + + classDef plain fill:#ddd,stroke:#fff,stroke-width:4px,color:#000; + classDef k8s fill:#326ce5,stroke:#fff,stroke-width:4px,color:#fff; + class node1,node2,endpoint k8s; + class client plain; +{{}} @@ -324,17 +327,7 @@ deliberately failing health checks. Visually: -``` - client - | - lb VIP - / ^ - v / -health check ---> node 1 node 2 <--- health check - 200 <--- ^ | ---> 500 - | V - endpoint -``` +![Source IP with externalTrafficPolicy](/images/docs/sourceip-externaltrafficpolicy.svg) You can test this by setting the annotation: diff --git a/static/images/docs/sourceip-externaltrafficpolicy.svg b/static/images/docs/sourceip-externaltrafficpolicy.svg new file mode 100644 index 0000000000..eace834f71 --- /dev/null +++ b/static/images/docs/sourceip-externaltrafficpolicy.svg @@ -0,0 +1,473 @@ + +image/svg+xmlSource IP with externalTrafficPolicyServiceLoad balancerconfigurationServiceNode 2Node 1Health check of node 2returns 500Health check of node 1returns 200