How to enable Envoy access logging in Rancher v2.3 and v2.4 deployed Istio
This document (000020038) is provided subject to the disclaimer at the end of this document.
This article details how to enable Envoy's access logging, for Rancher deployed Istio, in Rancher v2.3 and v2.4
- A Kubernetes cluster managed by Rancher v2.3 or v2.4, with Istio enabled
Access logging can be enabled for Envoy, in Rancher deployed Istio, by setting the
global.proxy.accessLogFile path and
global.proxy.accessLogEncoding type via Custom Answers on the Istio configuration.
accessLogFile path to
/dev/stdout will route the Envoy access logs to the
istio-sidecar container logs, exposing them via
kubectl logs or any log forwarding endpoint you have configured in the cluster.
The log format, specified in
accessLogEncoding, can be set to JSON or TEXT.
To enable access logging, perform the following steps:
- Navigate to the cluster view in the Rancher UI for the desired cluster and select
Custom Answerssection, enter the following two value pairs and click
Enable(the option will depend on whether you have Istio enabled in the cluster already):
After enabling access logging, you can test the configuration with the Istio
httpbinsample applications, per the Istio documentation.
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020038
- Creation Date: 06-May-2021
- Modified Date:06-May-2021
- SUSE Rancher
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com