Platform
Table of contents
Bare Metal / Virtual Machine
-
Check Envoy Proxy logs
sudo tail /var/log/envoy/envoy.log -f
-
Check Fyde Access Proxy logs
sudo journalctl -u fydeproxy -f
-
Check firewall rules
sudo firewall-cmd --list-all-zones # or sudo iptables -L -xvn
-
Ensure Envoy Proxy is running
sudo ps axuww | grep envoy
-
Ensure Envoy Proxy is listening on the correct port
sudo ss -anp | grep envoy | grep LISTEN # or sudo netstat -anp | grep envoy | grep LISTEN
Cloudformation ASG
-
Instance logs are sent to CloudWatch by default
-
Check the log group named:
/aws/ec2/FydeAccessProxy
- Select the failing instance from the log stream list
- Filter for
cloud-init:
- Search for script errors. Example:
2020-09-19T22:36:07.894+01:00 Sep 19 21:36:05 ip-10-200-0-114 cloud-init: + curl -sL https://url.fyde.me/install-fyde-proxy-linux 2020-09-19T22:36:07.894+01:00 Sep 19 21:36:06 ip-10-200-0-114 cloud-init: Invalid option: -r
Cloudformation ECS Fargate
-
Pod logs are sent to CloudWatch by default
-
Check the log group named:
fyde-access-proxy-ecs-fargate
- Select the failing pod from the log stream list
- Check the last lines for the error cause
Docker
-
Confirm that both envoy-proxy and fyde-orchestrator containers are running
sudo docker ps
-
Confirm that envoy-proxy container is mapping the correct port to the host
- In the example above, and for the public port 443 the output should contain the following
0.0.0.0:443->443/tcp
-
Check Envoy Proxy logs
sudo docker logs envoy-proxy -f
-
Check Fyde Access Proxy logs
sudo docker logs fyde-orchestrator -f
-
Check that docker network is not conflicting with a remote network
-
Check the value for IPAM.Config.Subnet
-
For more information check compose-file
sudo docker network inspect fyde
-
Kubernetes
-
Correct the namespace if needed
-
Check all deployed resources
kubectl get all \ --namespace fyde-access-proxy
-
Check envoy logs
kubectl logs \ -l app=envoy-proxy -f \ --namespace fyde-access-proxy
-
Check proxy logs
kubectl logs \ -l app=fyde-orchestrator -f \ --namespace fyde-access-proxy
-
Check that envoy service is properly configured for your environment
kubectl describe service envoy-proxy \ --namespace fyde-access-proxy