In our setup, a load-balancer distributes traffic to kong containers. That’s an OSI layer 4 load-balancer, so the clients connect to the load-balancer IP on port 443, and the traffic is NATed to each kong instance on a different IP and port (8400, 8401, 8402, …).
Since kong 0.11, the X-Forwarded-Port header has been added, and it uses kong’s port. In our case 8400, 8401 and so on. We actually didn’t know that until a new API was exposed through kong that uses the X-Forwarded-Port to build the data it sends back to the client (the SpringFoxSwagger library from SpringBoot that builds the swagger data for you). The result is that the client (Swagger UI) tries to connect to kong on port 8400… which is not reachable as all connections should go through the load-balancer.
We could use the trusted_ip setting, but that is not what we want: the X-Forwarded-* headers should be set. I think what we need is a way to force X-Forwarded-Port to 443 instead of using the docker’s port.
Any thought on that one? If a setting to force the X-Forwarded-Port is the solution, we can code that and contribute it.