diff --git a/.changelog/15988.txt b/.changelog/15988.txt new file mode 100644 index 00000000000..a5df03ad687 --- /dev/null +++ b/.changelog/15988.txt @@ -0,0 +1,3 @@ +```release-note:improvements +cli: Added a flag, `-enable-config-gen-logging`, to the `connect envoy` command to display log messages when generating the bootstrap config. +``` diff --git a/command/connect/envoy/envoy.go b/command/connect/envoy/envoy.go index 61ace0fadd9..12f8520d758 100644 --- a/command/connect/envoy/envoy.go +++ b/command/connect/envoy/envoy.go @@ -9,6 +9,7 @@ import ( "os/exec" "strings" + "github.com/hashicorp/go-hclog" "github.com/mitchellh/cli" "github.com/mitchellh/mapstructure" @@ -36,6 +37,7 @@ type cmd struct { http *flags.HTTPFlags help string client *api.Client + logger hclog.Logger // flags meshGateway bool @@ -51,6 +53,7 @@ type cmd struct { envoyVersion string prometheusBackendPort string prometheusScrapePath string + enableLogging bool // mesh gateway registration information register bool @@ -170,6 +173,9 @@ func (c *cmd) init() { "0.0.0.0:20200/scrape-metrics. "+ "Only applicable when envoy_prometheus_bind_addr is set in proxy config.") + c.flags.BoolVar(&c.enableLogging, "enable-config-gen-logging", false, + "Output debug log messages during config generation") + c.http = &flags.HTTPFlags{} flags.Merge(c.flags, c.http.ClientFlags()) flags.Merge(c.flags, c.http.MultiTenancyFlags()) @@ -226,11 +232,19 @@ func (c *cmd) Run(args []string) int { c.UI.Error(fmt.Sprintf("Error connecting to Consul agent: %s", err)) return 1 } + // TODO: refactor return c.run(c.flags.Args()) } func (c *cmd) run(args []string) int { + opts := hclog.LoggerOptions{Level: hclog.Error} + if c.enableLogging { + opts.Level = hclog.Debug + } + c.logger = hclog.New(&opts) + c.logger.Debug("Starting Envoy config generation") + // Fixup for deprecated mesh-gateway flag if c.meshGateway && c.gateway != "" { c.UI.Error("The mesh-gateway flag is deprecated and cannot be used alongside the gateway flag") @@ -289,6 +303,7 @@ func (c *cmd) run(args []string) int { c.proxyID = c.gatewaySvcName } + c.logger.Debug("Set Proxy ID", "proxy-id", c.proxyID) } if c.proxyID == "" { c.UI.Error("No proxy ID specified. One of -proxy-id, -sidecar-for, or -gateway is " + @@ -369,6 +384,7 @@ func (c *cmd) run(args []string) int { c.UI.Error(fmt.Sprintf("Error registering service %q: %s", svc.Name, err)) return 1 } + c.logger.Debug("Proxy registration complete") if !c.bootstrap { // We need stdout to be reserved exclusively for the JSON blob, so @@ -378,6 +394,7 @@ func (c *cmd) run(args []string) int { } // Generate config + c.logger.Debug("Generating bootstrap config") bootstrapJson, err := c.generateConfig() if err != nil { c.UI.Error(err.Error()) @@ -386,17 +403,20 @@ func (c *cmd) run(args []string) int { if c.bootstrap { // Just output it and we are done + c.logger.Debug("Outputting bootstrap config") c.UI.Output(string(bootstrapJson)) return 0 } // Find Envoy binary + c.logger.Debug("Finding envoy binary") binary, err := c.findBinary() if err != nil { c.UI.Error("Couldn't find envoy binary: " + err.Error()) return 1 } + c.logger.Debug("Executing envoy binary") err = execEnvoy(binary, nil, args, bootstrapJson) if err == errUnsupportedOS { c.UI.Error("Directly running Envoy is only supported on linux and macOS " + @@ -498,6 +518,7 @@ func (c *cmd) generateConfig() ([]byte, error) { if err != nil { return nil, err } + c.logger.Debug("Generated template args") var bsCfg BootstrapConfig @@ -520,6 +541,7 @@ func (c *cmd) generateConfig() ([]byte, error) { if svc.Proxy == nil { return nil, errors.New("service is not a Connect proxy or gateway") } + c.logger.Debug("Fetched registration info") if svc.Proxy.DestinationServiceName != "" { // Override cluster now we know the actual service name diff --git a/website/content/commands/connect/envoy.mdx b/website/content/commands/connect/envoy.mdx index 213b6147184..3b2e6e6b638 100644 --- a/website/content/commands/connect/envoy.mdx +++ b/website/content/commands/connect/envoy.mdx @@ -82,6 +82,8 @@ Usage: `consul connect envoy [options] [-- pass-through options]` always specifies `--config-file` and `--v2-config-only` and by default passes `--disable-hot-restart` see [hot restart](#envoy-hot-restart). +- `-enable-config-gen-logging` - This flag enables debug message logging when generating the Envoy bootstrap configuration to help troubleshoot issues. Logs output to `stderr`. For more information about generating the Envoy bootstrap configuration, refer to [Envoy proxy configuration](/consul/docs/connect/proxies/envoy#bootstrap-configuration). + #### Envoy Sidecar Proxy Options - `-sidecar-for` - The _ID_ (not name if they differ) of the service instance diff --git a/website/content/docs/connect/proxies/envoy.mdx b/website/content/docs/connect/proxies/envoy.mdx index cd6b0c59398..f93cc2049fb 100644 --- a/website/content/docs/connect/proxies/envoy.mdx +++ b/website/content/docs/connect/proxies/envoy.mdx @@ -108,11 +108,17 @@ If TLS is enabled on Consul, you will also need to add the following environment ## Bootstrap Configuration -Envoy requires an initial bootstrap configuration file. The easiest way to -create this is using the [`consul connect envoy` -command](/commands/connect/envoy). The command can either output the -bootstrap configuration directly to stdout, or generate the configuration and issue an `exec` command -to the Envoy binary as a convenience wrapper. +Envoy requires an initial bootstrap configuration file. You can either create the file manually using the Consul command line or configure Consul Dataplane to generate the file. + +### Generate the bootstrap file on the Consul CLI + +Connect to a local Consul client agent and run the [`consul connect envoy` command](/consul/commands/connect/envoy) to create the Envoy bootstrap configuration. The command either outputs the bootstrap configuration directly to stdout or generates the configuration and issues an `exec` command to the Envoy binary as a convenience wrapper. For more information about using `exec` to bootstrap Envoy, refer to [Exec Security Details](/consul/commands/connect/envoy#exec-security-details). + +If you experience issues when bootstrapping Envoy proxies from the CLI, use the +`-enable-config-gen-logging` flag to enable debug message logging. These logs can +help you troubleshoot issues that occur during the bootstrapping process. +For more information about available flags and parameters, refer to the +[`consul connect envoy CLI` reference](/consul/commands/connect/envoy). Because some Envoy configuration options, such as metrics and tracing sinks, can only be specified via the bootstrap configuration, Connect as of Consul 1.5.0 adds