new proxy protocol breaks pod to ingress communication
Created by: flyersa
The new proxy protocol setting in the nginx ingress breaks pod-to-ingress LB communication, e.g. pods cannot send requests to ingress setups deployed in the cluster in the same network; it only works from external.
Values in ngrinx-ingress.yaml:
loadbalancer.openstack.org/proxy-protocol: "true"
use-proxy-protocol: "true"
This also breaks cert-manager with the Let's Encrypt cluster issuer, since cert-manager is not able to curl for the .acme challenges. In proxy mode, connections only work from outside the network; with proxy-protocol active, pods running in the cluster cannot access ingress URLs (empty response).
Setting proxy-protocol to false in the current setup will make the ingress available only from inside the cluster, but then the ingress will stop working from outside.
DigitalOcean, on their own provider, faces something similar, and there is a workaround by setting some kind of hostname to the IP of the deployed load balancer (step 5 here: https://www.digitalocean.com/community/questions/how-to-support-internal-traffic-with-proxy-protocol-enabled-on-a-kubernetes-loadbalancer). Similar reference here: https://github.com/kubernetes/cloud-provider-openstack/issues/1287
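
A simplified model of the failure described in this report, added as an illustration and not part of the original report or of the ingress controller's code: a listener that may require a PROXY protocol v1 header, fed traffic that arrives through the load balancer (header present) and traffic that reaches it directly (no header). It assumes in-cluster connections bypass the load balancer; the addresses, host name and function names are constructed.

```python
import ipaddress

def parse_proxy_v1(data: bytes):
    """Strip a PROXY protocol v1 line; return (src, dst, remaining bytes)."""
    if not data.startswith(b"PROXY "):
        raise ValueError("no PROXY v1 signature")
    line, sep, rest = data.partition(b"\r\n")
    if not sep or len(line) + 2 > 107:  # v1 header is at most 107 bytes
        raise ValueError("unterminated or oversized header")
    fields = line.decode("ascii").split(" ")
    # "PROXY UNKNOWN" is also valid v1; this sketch handles TCP4/TCP6 only.
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ValueError("unsupported header")
    src, dst, sport, dport = fields[2:]
    ipaddress.ip_address(src)  # raises ValueError on a malformed address
    ipaddress.ip_address(dst)
    return (src, int(sport)), (dst, int(dport)), rest

def listener(data: bytes, use_proxy_protocol: bool) -> str:
    """Simplified model of the listener's first read: what the client sees."""
    client = "peer address"
    if use_proxy_protocol:
        try:
            (client, _), _, data = parse_proxy_v1(data)
        except ValueError:
            return "connection closed (empty response)"
    if not data.startswith(b"GET "):
        return "400 Bad Request"  # the PROXY line is read as a request line
    return f"200 OK, client={client}"

# Constructed sample traffic (documentation addresses, hypothetical host).
REQUEST = b"GET /.well-known/acme-challenge/token HTTP/1.1\r\nHost: example.test\r\n\r\n"
VIA_LB = b"PROXY TCP4 203.0.113.7 198.51.100.10 51234 80\r\n" + REQUEST
DIRECT = REQUEST  # assumed in-cluster path: no load balancer, no header

def matrix():
    """Outcome for each (traffic path, use-proxy-protocol) combination."""
    return {(path, flag): listener(data, flag)
            for path, data in (("via_lb", VIA_LB), ("direct", DIRECT))
            for flag in (True, False)}

if __name__ == "__main__":
    for key, outcome in matrix().items():
        print(key, "->", outcome)
```

Only the two combinations where sender and listener agree on the header succeed, which matches the report: with the setting on, direct in-cluster requests get an empty response, and with it off, requests through the load balancer fail.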