diff options
author | Stan Hu <stanhu@gmail.com> | 2019-03-12 21:22:29 +0300 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2019-03-12 22:46:40 +0300 |
commit | 01203e7188374b2df1246950bffa7fbb2ea87628 (patch) | |
tree | 13c59993c910cd11a756aff14b2346effe28453a /lib/gitlab/request_context.rb | |
parent | 30e52b239ce9ac7ba83778e00f4b45d65e61a4a0 (diff) |
Fix health checks not working behind load balancers
The change in
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24199 caused
requests coming from a load balancer to arrive as 127.0.0.1 instead of
the actual IP.
`Rack::Request#ip` behaves slightly differently different than
`ActionDispatch::Request#remote_ip`: the former will return the first
X-Forwarded-For IP if all of the IPs are trusted proxies, while the
second one filters out all proxies and falls back to REMOTE_ADDR, which
is 127.0.0.1.
For now, we can revert back to using `Rack::Request` because these
middlewares don't manipulate parameters. The actual fix problem involves
fixing Rails: https://github.com/rails/rails/issues/28436.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/58573
Diffstat (limited to 'lib/gitlab/request_context.rb')
-rw-r--r-- | lib/gitlab/request_context.rb | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/gitlab/request_context.rb b/lib/gitlab/request_context.rb index d9811e036d3..f6d289476c5 100644 --- a/lib/gitlab/request_context.rb +++ b/lib/gitlab/request_context.rb @@ -13,7 +13,13 @@ module Gitlab end def call(env) - req = ActionDispatch::Request.new(env) + # We should be using ActionDispatch::Request instead of + # Rack::Request to be consistent with Rails, but due to a Rails + # bug described in + # https://gitlab.com/gitlab-org/gitlab-ce/issues/58573#note_149799010 + # hosts behind a load balancer will only see 127.0.0.1 for the + # load balancer's IP. + req = Rack::Request.new(env) Gitlab::SafeRequestStore[:client_ip] = req.ip |