How to enable Envoy access logging in Rancher v2.3 and v2.4 deployed Istio

This document (000020038) is provided subject to the disclaimer at the end of this document.

Situation

Task

This article details how to enable Envoy's access logging, for Rancher deployed Istio, in Rancher v2.3 and v2.4

Pre-requisites

  • A Kubernetes cluster managed by Rancher v2.3 or v2.4, with Istio enabled

Resolution

Access logging can be enabled for Envoy, in Rancher deployed Istio, by setting the global.proxy.accessLogFile path and global.proxy.accessLogEncoding type via Custom Answers on the Istio configuration.

Setting the accessLogFile path to /dev/stdout will route the Envoy access logs to the istio-sidecar container logs, exposing them via kubectl logs or any log forwarding endpoint you have configured in the cluster.

The log format, specified in accessLogEncoding, can be set to JSON or TEXT.

To enable access logging, perform the following steps:

  1. Navigate to the cluster view in the Rancher UI for the desired cluster and select Tools > Istio.
  2. Under the Custom Answers section, enter the following two value pairs and click Save or Enable (the option will depend on whether you have Istio enabled in the cluster already):

    global.proxy.accessLogFile=/dev/stdout
    global.proxxy.accessLogEncoding=JSON
  3. After enabling access logging, you can test the configuration with the Istio sleep and httpbin sample applications, per the Istio documentation.

Further reading

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000020038
  • Creation Date: 06-May-2021
  • Modified Date:06-May-2021
    • SUSE Rancher

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback@suse.com

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.


SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center