Most of our traffic comes in from pods running in k8s clusters and traverses a haproxy load-balancer enroute to elasticsearch. So, the XFF header shows the ip address of the inbound k8s node.
How do you recommend that we identify the inbound pod traffic so we can easily identify them at the backend? Fluentd has the abilty to set custom headers. So, we can do whatever works best for RoR.