Proxy Protocol - Chart provisioned load balancer show broken openssh header when using gitlab-sshd

Summary

Whilst trying to test a gitlab-sshd deployment in gitlab-charts the below issue is occurring.

When using a GitLab charts deployment, the provisioned load balancer is throwing the below error and rejecting any ssh calls being made.

│ 2022-06-09T15:47:06.999279992Z gitlab-nginx-ingress-controller-5946c65f8c-hdjxz:2022/06/09 15:47:06 [error] 304#304: *596685 broken header: "SSH-2.0-OpenSSH_8.6                                              │
│ 2022-06-09T15:47:06.999406892Z gitlab-nginx-ingress-controller-5946c65f8c-hdjxz:" while reading PROXY protocol, client: 31.48.156.203, server: 0.0.0.0:22                                                     │
│ 2022-06-09T15:47:06.999295642Z gitlab-nginx-ingress-controller-5946c65f8c-hdjxz:[31.48.156.203] [09/Jun/2022:15:47:06 +0000] TCP 400 0 0 0.002
Cloning into 'gpt-project-1'...
kex_exchange_identification: read: Connection reset by peer
Connection reset by 34.73.102.70 port 22
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

This issue only seems to occur when trying to use the Load balancer provisioned by charts. This could be a configuration issue or an issue with the charts application itself.

Steps to reproduce

(Please provide the steps to reproduce the issue)

The easiest way to test this is to set up a normal gitlab-charts deployment with the sshDaemon still using openssh. Once this is set up and confirmed to be working, update the chart with the below config to enable gitlab-sshd

gitlab:
  gitlab-shell:
    config:
      proxyProtocol: true
    sshDaemon: gitlab-sshd
global:
  shell:
    tcp:
      proxyProtocol: true

Once the chart is updated, try to clone a project and the above issue will occur.

Configuration used

(Please provide a sanitized version of the configuration used wrapped in a code block (```yaml))

(Paste sanitized configuration here)

Current behavior

(What you're experiencing happening)

Expected behavior

(What you're expecting to happen)

Versions

  • Chart: (tagged version | branch | hash git rev-parse HEAD)
  • Platform:
    • Cloud: (GKE | AKS | EKS | ?)
    • Self-hosted: (OpenShift | Minikube | Rancher RKE | ?)
  • Kubernetes: (kubectl version)
    • Client:
    • Server:
  • Helm: (helm version)
    • Client:
    • Server:

Relevant logs

(Please provide any relevate log snippets you have collected, using code blocks (```) to format)

Edited by Nick Westbury