Use Nginx to preserve headers/client IP when working with ELB

If you configure ELB for Http/s then ELB injects X-Forwarded-For: client-ip-address header that has orginal client IP address this is an application layer mode. But if you decide to use TCP load balancing ELB is not not aware of any headers. For this we going to use Nginx to proxy_websocket connections L4 TCP.

HAproxy developed Proxy Protocol to solve this problem, so we are going to configure the Proxy_Protocol on our load balancer, then configure nginx for the proxy protocol. Proxy protoclol allows to confiure additional header including a client IP.

sudo apt-get install nginx
systemctl status nginx
tail -f /var/log/nginx/access.log
pip install awscli==1.6.6
aws configure
aws elb describe-load-balancer-policy-types
aws elb create-load-balancer-policy --load-balancer-name linuxacademy-protocol-policy --policy-name "<POLICY NAME>" --policy-type-name ProxyProtocolPolicyType --policy-attributes AttributeName=Proxy Protocol, AttributeValue-true
aws elb describe-load-balancer-policies --load-balancer-name aws "<LOAD BALANCER NAME>"
aws elb set-load-balancer-policies-for-backend-server --load-balancer-name "<LOAD BALANCER NAME>" --instance-port 80 --policy-names linuxacademy-protocol-policy
cd /etc
cd nginx/
vim nginx.conf
systemctl restart nginx