Merge pull request #78234 from dfitzmau/OCPBUGS-36292

jeana-redhat · web-flow · commit 6063bfbdd03c · 2024-07-10T10:17:37.000-04:00
OCPBUGS-36292: Expanded Configuring the PROXY protocol for an Ingress…
diff --git a/modules/nw-ingress-controller-configuration-proxy-protocol.adoc b/modules/nw-ingress-controller-configuration-proxy-protocol.adoc
@@ -6,18 +6,18 @@
 [id="nw-ingress-controller-configuration-proxy-protocol_{context}"]
 = Configuring the PROXY protocol for an Ingress Controller
 
-A cluster administrator can configure https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt[the PROXY protocol] when an Ingress Controller uses either the `HostNetwork` or `NodePortService` endpoint publishing strategy types. The PROXY protocol enables the load balancer to preserve the original client addresses for connections that the Ingress Controller receives. The original client addresses are useful for logging, filtering, and injecting HTTP headers. In the default configuration, the connections that the Ingress Controller receives only contain the source address that is associated with the load balancer.
+A cluster administrator can configure link:https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt[the PROXY protocol] when an Ingress Controller uses either the `HostNetwork`, `NodePortService`, or `Private` endpoint publishing strategy types. The PROXY protocol enables the load balancer to preserve the original client addresses for connections that the Ingress Controller receives. The original client addresses are useful for logging, filtering, and injecting HTTP headers. In the default configuration, the connections that the Ingress Controller receives only contain the source address that is associated with the load balancer.
 
-This feature is not supported in cloud deployments. This restriction is because when {product-title} runs in a cloud platform, and an IngressController specifies that a service load balancer should be used, the Ingress Operator configures the load balancer service and enables the PROXY protocol based on the platform requirement for preserving source addresses.
-
-[IMPORTANT]
+[WARNING]
 ====
-You must configure both {product-title} and the external load balancer to either use the PROXY protocol or to use TCP.
+The PROXY protocol is unsupported for the default Ingress Controller with installer-provisioned clusters on non-cloud platforms that use a Keepalived Ingress VIP.
 ====
 
-[WARNING]
+This feature is not supported in cloud deployments. This restriction is because when {product-title} runs in a cloud platform, and an Ingress Controller specifies that a service load balancer should be used, the Ingress Operator configures the load balancer service and enables the PROXY protocol based on the platform requirement for preserving source addresses.
+
+[IMPORTANT]
 ====
-The PROXY protocol is unsupported for the default Ingress Controller with installer-provisioned clusters on non-cloud platforms that use a Keepalived Ingress VIP.
+You must configure both {product-title} and the external load balancer to either use the PROXY protocol or to use Transmission Control Protocol (TCP).
 ====
 
 .Prerequisites
