php5.6获取客户端ip,php – Docker Swarm在Nginx中获得真正的IP(客户端主机)

我有一个使用nginx和

PHP的堆栈在Docker Swarm Cluster上运行.

在我的PHP应用程序中,我需要获取remote_addr($_SERVER [‘REMOTE_ADDR’]),其中包含访问我的webapp的客户端主机的真实IP.

但问题是IP通过docker swarm集群通知了nginx.它显示了内部IP,如10.255.0.2,但真正的IP是来自客户端主机的外部IP(如192.168.101.151).

我怎么解决这个问题？

我的docker-compose文件：

version: '3'

services:

php:

image: php:5.6

volumes:

- /var/www/:/var/www/

- ./data/log/php:/var/log/php5

networks:

- backend

deploy:

replicas: 1

web:

image: nginx:latest

ports:

- "80:80"

volumes:

- /var/www/:/var/www/

- ./data/log/nginx:/var/log/nginx

networks:

- backend

networks:

backend:

我的default.conf(vhost.conf)文件：

server {

listen 80;

root /var/www;

index index.html index.htm index.php;

access_log /var/log/nginx/access.log main;

error_log /var/log/nginx/error.log error;

location / {

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

try_files $uri $uri/ /index.php;

}

location = /50x.html {

root /var/www;

}

# set expiration of assets to MAX for caching

location ~* \.(js|css|gif|png|jp?g|pdf|xml|oga|ogg|m4a|ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff|ico|webp|appcache|manifest|htc|crx|oex|xpi|safariextz|vcf)(\?[0-9]+)?${

expires max;

log_not_found off;

}

location ~ \.php${

try_files $uri =404;

fastcgi_index index.php;

fastcgi_split_path_info ^(.+\.php)(/.+)$;

fastcgi_pass php:9000;

include fastcgi_params;

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

fastcgi_param PATH_INFO $fastcgi_path_info;

fastcgi_read_timeout 300;

}

}

我的nginx配置文件：

user nginx;

worker_processes 3;

error_log /var/log/nginx/error.log warn;

pid /var/run/nginx.pid;

events {

worker_connections 1024;

}

http {

include /etc/nginx/mime.types;

default_type application/octet-stream;

keepalive_timeout 15;

client_body_buffer_size 100K;

client_header_buffer_size 1k;

client_max_body_size 8m;

large_client_header_buffers 2 1k;

gzip on;

gzip_comp_level 2;

gzip_min_length 1000;

gzip_proxied expired no-cache no-store private auth;

gzip_types text/plain application/x-javascript text/xml text/css application/xml;

log_format main '$remote_addr - $remote_user [$time_local] "$request_filename" "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

sendfile on;

#tcp_nopush on;

include /etc/nginx/conf.d/*.conf;

}