CS clusters do not forward client IPs by default as the ALB act as a non-trasparent proxy. So in order to forward the client ip in custom HTTP headers, such as x-forwarded-for , these instructions can be followed.
These instructions assume the container applications should insecurely accept the header from any IP as there is no instruction to find and or determine the IP of the ALB.
Ideally ALBs should be configurable as transparent proxies so no custom deployment or changes are required. However if this is not possible two instructions should be included in the documentation.
1 - how to set up the ALBs to automatically forward the x-forwarded-for header systematically ie through a YAML file
2 - how to get the IP of the ALB routing service as it will be seen by the service container so that i can pass it to the application, thus allowing the application to securely use the custom header from a secure and predetermined source.
Further details are available in support ticket
Do not place IBM confidential, company confidential, or personal information into any field.