Cannot access Consul Ingress Gateway Debug Logs

Hi, I am accessing consul ingress gateway from an external service. When tls is enabled for the ingress gateway, the external service is unable to access it. I have added the following in the config.yaml file and still I just see info logs for the ingress gateway. I want to see the http request in the logs.

  envoyExtraArgs: "--component-log-level upstream:debug,http:debug,router:debug,config:debug"

Command used to access the logs:

kubectl logs --follow consul-ingress-gateway-b69d6467b-sqb52 -c ingress-gateway

Hi @zara.butt,

In order to better assist you with debugging this problem, could you please share the following information:

  • Configuration entry for the ingress gateway.
  • Service intentions config entry for the destination service.
  • Details on how you are attempting to access the service (e.g., curl, web browser, etc).
  • Any client-side errors you are receiving when accessing the service.


@blake Yes sure
Configuration entry for the ingress gateway:

kind: IngressGateway
  name: ingress-gateway
    enabled: true
    - port: 8080
      protocol: http
        - name: info
          - "*"

Client side error:

[2022-05-24T12:54:43.425Z] "GET / HTTP/1.1" 503 UH no_healthy_upstream - "-" 0 19 0 - "-" "node-fetch/1.0 (+" "29c5d458-71a6-49f1-b5f9-16f29357d815" "info" "-" outbound|8080|| - - -
[2022-05-30T12:40:40.565Z] "GET / HTTP/1.1" 503 UF,URX upstream_reset_before_response_started{connection_failure} - "-" 0 91 35 - "-" "node-fetch/1.0 (+" "42cf38c8-3ab5-43a8-bf3a-47c3d96f8b09" "info" "" outbound|8080|| - - -

I am accessing it from the browser and curl both.
The client-side service is Istio. I have configured the same root certificate at Istio and Consul side. When I remove TLS from ingress gateway configuration then the external service in Istio can access the service in Consul using the ingress gateway