0

I have a service host on Amazon ECS. It also have load balancer and CloudFront in front of my ECS, below picture is their architecture:

enter image description here

When my service is running, it will need it's own public IP address to record. And I want get this information without third party library or website. I dig into the fields in HTTP header, I found this in my chrome (see picture below), but I can't access this information by the fields in the header.

enter image description here

My questions is:

  1. Can I get public IP of server without third party library?

(This seems impossible without third party library due to following asked questions)

Get public/external IP address?

Discovering public IP programmatically

How can I get the public IP using python2.7?

  1. Can I get the field like I saw in chrome in python?
John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
Wei Wen Hsiao
  • 191
  • 1
  • 17
  • You want to get your client ip ? Let us know more about your service ecosystem also. What are you using ? – gachdavit May 20 '19 at 07:54
  • @gd8 No, I want get public IP of my server. I'm not quite sure what kind of ecosystem that I should provided. But I write a RESTful web application using Python and Flask framework. Docker it and push to Amazon ECR. Thanks for asking. – Wei Wen Hsiao May 20 '19 at 07:58
  • What do you mean by "need it's own public IP address to record"? What do you mean by "get public IP of server" — are you referring to the ECS instance? If your users are accessing your service via CloudFront, why would they want the Public IP? – John Rotenstein May 20 '19 at 08:24
  • @JohnRotenstein Actually, I was writing a little test application. I want to know which IP that user access when they send their request (for experiment purpose). Because of load balancer, they will access different ECS when they send request. I just want to record this behavior base on public IP. Thanks for asking. – Wei Wen Hsiao May 20 '19 at 08:32
  • Weird requirement and just curious what would you do with the CloudFront IP address, Lambda@edge event structure doesn't log the remote/it's own IP address and – James Dean May 20 '19 at 11:26
  • x-forwarded-for isn't helpful as well because cloudfront uses different IP address to connect to origin compare to where user connected, the only option I could think of to Set Forward ALL header in the cloudfront cache based on select headers and look at the last value of x-forwarded-for header, alb appends it with cloudfront ip address and doing forward all doesn't cache anything, it should proxy everything to origin with the actual ip, if it doesn't, aws might help to tell if there is anyway to proxy cloudfront to oirgin with the same IP. – James Dean May 20 '19 at 11:26
  • In your configuration, it is not possible to capture the "Remote address" value as seen in Chrome, whether or not you use a third party library... but even if it were possible, it would not be useful information because that's an IP address on the front-side of CloudFront -- it does not map 1:1 to anything at the ELB or beyond. It isn't even exclusive to your stack. The `Via` header is similarly not useful, unless you're a support engineer for CloudFront. What do you **actually** want to track, here? The instance or container that handled the request is not revealed by the IP address. – Michael - sqlbot May 20 '19 at 15:31
  • I see. I have to think another plan for this. Thanks for reply. – Wei Wen Hsiao May 21 '19 at 06:16

1 Answers1

0

You can read remote IP address of AWS Cloud Front host using almost any HTTP client in any language or using command line tools like cURL.

However keep in mind that Cloud Front remote IP address you see in your HTTP client (like Chrome in your example) is not "your" address. It is an IP address of the Cloud Front endpoint nearest to your client. Don't confuse Cloud Front endpoint IP (which is not "yours" and might change) with your Elastic Load Balancer IP (which can be "yours" i.e. reserved for you).

Henryk Konsek
  • 9,016
  • 5
  • 32
  • 41
  • Well noted. But In my knowledge, I can get user's IP and cloudFront's IP in 'X-Forwarded-For' field in header in my architectire (according to 'Client IP Addresses' part in this article: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/RequestAndResponseBehaviorCustomOrigin.html). And you said I saw in chrome was the nearest cloudfront to my client, why I got different value in chrome and 'X-Forwarded-For'? Or I misconfigured something? Thanks for reply. – Wei Wen Hsiao May 22 '19 at 03:22