Research: Investigate octavia w/ proxy protocol options #250
Description
As a container cluster user (DevOps team), I want to use externalTrafficPolicy: local behind a load balancer, not only for better performance but also to be able to see the client IP address in, e.g., the ingress controller.
In our current reference implementation, this is not the case, as the internal IP of the load-balancer (octavia) will be seen by the service, not the real client IP.
When we use the nginx-ingress, there should be a possibility to create a workaround:
- octavia can be told to use the proxy protocol to communicate the real client IP to a service
- the service -- in this case nginx -- can be told to evaluate the special header
As this does need service-specific configuration for most services (some might auto-detect and -evaluate a proxy protocol header), this is unfortunately not a generic solution. But still useful: As we offer to create an nginx-ingress along with cluster deployment, we can set everything in octavia and in ingress from one place to make it work. Further services that the user adds manually, however, will not have client IPs out of the box, unfortunately. Still useful ...
This user story is about researching whether this will work and how to make it work in our SCS reference implementation.
It is a reaction to the discussion in issue #227.
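What the "special header" mentioned in the description looks like on the wire, as an added example that is not part of the original issue or of the SCS reference implementation: a minimal PROXY protocol v1 parser that only honours the header when the TCP peer is the load balancer. The subnet in `TRUSTED_LB_NETS` and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumption: subnet the load balancer connects from (constructed value).
TRUSTED_LB_NETS = [ipaddress.ip_network("10.8.0.0/24")]


def parse_proxy_v1(data: bytes):
    """Split a PROXY protocol v1 header off the start of a TCP stream.

    Returns ((client_ip, client_port), rest), or (None, rest) for UNKNOWN.
    Raises ValueError on a missing or malformed header.
    """
    # A v1 header is one ASCII line of at most 107 bytes including CRLF.
    end = data.find(b"\r\n", 0, 107)
    if not data.startswith(b"PROXY ") or end == -1:
        raise ValueError("no PROXY v1 header")
    fields = data[:end].decode("ascii").split(" ")
    rest = data[end + 2:]
    if fields[1] == "UNKNOWN":
        return None, rest
    if fields[1] not in ("TCP4", "TCP6") or len(fields) != 6:
        raise ValueError("malformed PROXY v1 header")
    version = 4 if fields[1] == "TCP4" else 6
    src = ipaddress.ip_address(fields[2])
    dst = ipaddress.ip_address(fields[3])
    if src.version != version or dst.version != version:
        raise ValueError("address family mismatch")
    sport, dport = int(fields[4]), int(fields[5])
    if not (0 <= sport <= 65535 and 0 <= dport <= 65535):
        raise ValueError("port out of range")
    return (str(src), sport), rest


def client_address(peer_ip: str, first_bytes: bytes):
    """Return (client_ip, payload) for the first bytes of a new connection."""
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in net for net in TRUSTED_LB_NETS):
        # Peer is not the load balancer: leave the stream untouched, otherwise
        # any client could claim an arbitrary source IP via a PROXY line.
        return peer_ip, first_bytes
    client, rest = parse_proxy_v1(first_bytes)
    return (client[0] if client else peer_ip), rest
```

A service that does not expect the header sees the `PROXY ...` line as the start of the request, which is why the load balancer and the backend have to be switched over together.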
Status: Done