Capture Logs in Consul

Bruce LBruce L
2 min read

To effectively troubleshoot issues in your Consul cluster, you must first identify whether the problem originates from the Consul agent or the service mesh. This distinction determines the logs and diagnostic tools required for efficient resolution. This guide outlines the steps to diagnose and collect relevant data for both scenarios.

If the issue involves Consul agents (e.g., performance or operational problems), collect diagnostic data and logs from both the affected followers and leader using a Debug Bundle with command consul debug

The Debug Bundle includes:

  • Logs: Captures all activities of the Consul follower or leader from startup.

  • Profiling Data: Includes CPU, memory, goroutine, and trace profiling (pprof). To enable pprof, set enable_debug=true before running the consul debug command.

For issues related to service mesh connectivity (e.g., service communication failures or routing problems), gather diagnostic data from the Envoy proxy instances involved in the data path (e.g., sidecars or gateways).

Collecting Envoy Diagnostics

Access the Envoy admin endpoint at 127.0.0.1:19000 to retrieve key diagnostic data:

  • Listeners:

      curl 127.0.0.1:19000/listeners
    
  • Clusters:

      curl 127.0.0.1:19000/clusters > clusters-<app-name>.txt
    
  • Config Dump:

      curl 127.0.0.1:19000/config_dump?include_eds
    
  • Stats:

      curl 127.0.0.1:19000/stats
    

Enabling Debug Logging for Envoy

To capture detailed logs from Envoy instances:

  1. Enable debug logging on Envoy:

     curl -X POST 127.0.0.1:19000/logging?level=debug
    
  2. Access logs in Kubernetes:

     kubectl logs -f <consul-mesh-gateway-pod> -c <envoy_container>
    

Tip: Replace <consul-mesh-gateway-pod> and <envoy_container> with the specific pod and container names in your environment.

Reference:

https://go.dev/doc/diagnostics

0
Subscribe to my newsletter

Read articles from Bruce L directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Bruce L
Bruce L

I’ve been rocking the DevOps journey for a decade, starting with building Cisco’s software-defined datacenters for multi-region OpenStack infrastructures. I then shifted to serverless and container deployments for finance institutions. Now, I’m deep into service meshes like Consul, automating with Ansible and Terraform, and running workloads on Kubernetes and Nomad. Stick around for some new tech and DevOps adventures!