Question posted in 
My workflow is as follows.
[ Client => Kubernetes Service => Nginx => Tomcat ]
Here’s my nginx.conf
worker_processes 1;
http {
log_format main '$remote_addr - $http_nid_id [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# HTTP server
server {
listen 80;
listen [::]:80;
server_name localhost;
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
location / {
proxy_pass http://localhost:8080/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Real-IP $remote_addr;
}
...
...
When API is called, $remote_addr is displayed as 127.0.0.1 in access.log.
Here’s my access.log
127.0.0.1 - - [12/Sep/2021:21:32:25 +0900] "GET /test HTTP/1.1" 200 98 "-" "Go-http-client/1.1" "-"
127.0.0.1 - - [12/Sep/2021:21:32:25 +0900] "GET /test HTTP/1.1" 200 98 "-" "Go-http-client/1.1" "-"
127.0.0.1 - - [12/Sep/2021:21:32:25 +0900] "GET /test HTTP/1.1" 200 98 "-" "Go-http-client/1.1" "-"
127.0.0.1 - - [12/Sep/2021:21:32:27 +0900] "GET /test HTTP/1.1" 200 98 "-" "Go-http-client/1.1" "-"
...
Why is $remote_addr 127.0.0.1?
(Ref. https://nginx.org/en/docs/http/ngx_http_core_module.html#var_remote_addr)
2
Answers
You are setting
set_real_ip_fromto127.0.0.1, so as docs says in here, it makes client address
127.0.0.1Just omit this line for getting real client address
You has set
X-Real-IPwhen proxying the queries. In tomcat just use getHeader("x_real_ip") to obtain the real IP of the client.