How do I enable debug logs

[rajarajanpsj]

I see a --v option to ./server in the deployment yaml file, but values 0,1,2,3 represents info and above as per glog documentation but how do I enable debug logs??. Right now, I see this as the last msg, but my ALBs are not created so I need this debug logs to debug further.

I1017 17:05:32.039977 1 flags.go:132] Watching for Ingress class: alb W1017 17:05:32.040162 1 client_config.go:552] Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work. I1017 17:05:32.040644 1 main.go:159] Creating API client for https://172.20.0.1:443 I1017 17:05:32.052658 1 main.go:203] Running in Kubernetes cluster version v1.10+ (v1.10.3-eks) - git (clean) commit 58c199a59046dbf0a13a387d3491a39213be53df - platform linux/amd64 I1017 17:05:32.056463 1 alb.go:85] ALB resource names will be prefixed with ec577676 I1017 17:05:32.066015 1 alb.go:158] Starting AWS ALB Ingress controller I1017 17:05:33.266925 1 leaderelection.go:185] attempting to acquire leader lease cluster-mgmt/ingress-controller-leader-alb... I1017 17:05:33.277795 1 leaderelection.go:194] successfully acquired lease cluster-mgmt/ingress-controller-leader-alb I1017 17:05:33.277838 1 status.go:152] new leader elected: alb-ingress-controller-b48d9f885-665g8

POD is up and running and no logs after this though I have many ingresses deployed with the right configurations.

Thanks Rajarajan Pudupatti SJ

[thadamski]

There is a container arg in alb-ingress-controller that will give you aws-api debugging: - --aws-api-debug, is that what you're looking for?

I was having issues with getting my resources to register an alb (had to do the same for external-dns service) until I finally made a dns change to alb-ingress-controller.yaml and haven't had an issue since. I'm sure I have something configured wrong somewhere else and this might be a bandaid. I think the aws apis couldn't be reached due to dns not resolving until I added the following:

dnsPolicy: "None"
dnsConfig:
  nameservers:
    - 8.8.8.8

[rajarajanpsj]

@thadamski aws-api-debug I believe is for debug logs in AWS calls, but I was looking for debug logs in aws controller itself. In my case, the issue was proxy was not enabled (my company specific) and hence there was no logs in aws-ingress-controller logs. I don't think there is an option for enabling verbose logs from command line as of now, based on my experience.

[M00nF1sh]

@rajarajanpsj There is no "Debug" in glog(which we use), but only info with different levels, more verbose if lever is greater can you try pass -v 5 to the controller? BTW, can you past your controller pod yaml here?

[rajarajanpsj]

-v 5 worked for me! Thanks!

[rajarajanpsj]

-v 5 worked for me!

[chrisvdb]

How does one add that flag?

When I do:

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: alb-ingress-controller
  name: alb-ingress-controller
  namespace: kube-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app: alb-ingress-controller
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: alb-ingress-controller
    spec:
      containers:
        - args:
            - --ingress-class=alb
            - --cluster-name=eks
            - -v 4
          image: docker.io/amazon/aws-alb-ingress-controller:v1.1.2
          imagePullPolicy: Always
          name: server
          resources: {}
          terminationMessagePath: /dev/termination-log
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      securityContext: {}
      terminationGracePeriodSeconds: 30
      serviceAccountName: alb-ingress
      serviceAccount: alb-ingress

I get the following error:

unknown flag: --v 4
Usage of :
      --alb-name-prefix string             Prefix to add to ALB resources (11 alphanumeric characters or less)
      --alsologtostderr                    log to standard error as well as files
      --annotations-prefix string          Prefix of the Ingress annotations specific to the AWS ALB controller. (default "alb.ingress.kubernetes.io")
      --apiserver-host string              Address of the Kubernetes API server.
                                                        Takes the form "protocol://address:port". If not specified, it is assumed the
                                                        program runs inside a Kubernetes cluster and local discovery is attempted.
      --aws-api-debug                      Enable debug logging of AWS API
      --aws-max-retries int                Maximum number of times to retry the AWS API. (default 10)
      --aws-region string                  AWS Region for the kubernetes cluster
      --aws-vpc-id string                  AWS VPC ID for the kubernetes cluster
      --backend-protocol string            Default protocol to use for target groups, must be "HTTP" or "HTTPS" (default "HTTP")
      --cluster-name string                Kubernetes cluster name (required)
      --default-tags stringToString        Default tags to add to all ALBs (default [])
      --election                           Whether we do leader election for ingress controller (default true)
      --election-id string                 Namespace of leader-election configmap for ingress controller (default "ingress-controller-leader-alb")
      --election-namespace string          Namespace of leader-election configmap for ingress controller. If unspecified, the namespace of this controller pod will be used
      --feature-gates mapStringBool        A set of key=bool pairs enable/disable features (default waf=true)
      --health-check-period duration       Period at which the controller executes AWS health checks for its healthz endpoint. (default 1m0s)
      --healthz-port int                   Port to use for the healthz endpoint. (default 10254)
      --httptest.serve string              if non-empty, httptest.NewServer serves on this address and blocks
      --ingress-class string               Name of the ingress class this controller satisfies.
                                                        The class of an Ingress object is set using the annotation "kubernetes.io/ingress.class".
                                                        All ingress classes are satisfied if this parameter is left empty.
      --kubeconfig string                  Path to a kubeconfig file containing authorization and API server information.
      --log_backtrace_at traceLocation     when logging hits line file:N, emit a stack trace (default :0)
      --log_dir string                     If non-empty, write log files in this directory
      --log_file string                    If non-empty, use this log file
      --logtostderr                        log to standard error instead of files (default true)
      --profiling                          Enable profiling via web interface host:port/debug/pprof/ (default true)
      --restrict-scheme                    Restrict the scheme to internal except for whitelisted namespaces
      --restrict-scheme-namespace string   The namespace with the ConfigMap containing the allowed ingresses. Only respected when restrict-scheme is true. (default "default")
      --skip_headers                       If true, avoid header prefixes in the log messages
      --stderrthreshold severity           logs at or above this threshold go to stderr (default 2)
      --sync-period duration               Period at which the controller forces the repopulation of its local object stores. (default 1h0m0s)
      --sync-rate-limit float32            Define the sync frequency upper limit (default 0.3)
      --target-type string                 Default target type to use for target groups, must be "instance" or "ip" (default "instance")
  -v, --v Level                            log level for V logs
      --version                            Show release information about the AWS ALB Ingress controller and exit.
      --vmodule moduleSpec                 comma-separated list of pattern=N settings for file-filtered logging
      --watch-namespace string             Namespace the controller watches for updates to Kubernetes objects.
                                                        This includes Ingresses, Services and all configuration resources. All
                                                        namespaces are watched if this parameter is left empty.

[M00nF1sh]

@chrisvdb It should be - -v=4 😄

[chrisvdb]

Great, it starts now. Logging doesn't seem to have increased much, though :thinking:

[DingGGu]

Currently, use --log-level=debug instead of --v=5