View the health and performance of your Gloo Network components and Cilium setup, and view recommendations to harden your setup by using the Dashboard and Insights pages.


Review your Dashboard for an at-a-glance overview of your Gloo Network environment. Environment insights, health, status, inventories, and more are summarized in the following cards:

  • Analysis and Insights: Gloo Network recommendations for how to improve your Cilium setup.
  • Cilium and Gloo health: A status check of the Cilium and Gloo Network installations in your clusters.
  • Cluster Services: Inventory of services across all clusters in your Gloo Network setup, and whether those services are in a service mesh or not.

Gloo UI dashboard


Gloo Network for Cilium comes with an insights engine that automatically analyzes your Cilium setup for health issues. Then, Gloo shares these issues along with recommendations to harden your Cilium setup. The insights give you a checklist to address issues that might otherwise be hard to detect across your environment.

Gloo Network insights

For an overview of available insights, see Insights.


The Inventory section provides an at-a-glance look at the health of registered clusters and discovered services that make up your Gloo environment.


On the Clusters page, review basic details of each cluster that you registered with the Gloo Network control plane.

  1. To filter clusters by the cluster’s Gloo Network installation health, click the Healthy and Unhealthy buttons. You can also use the Sort by Name dropdown or the search bar to filter clusters by name.

    Figure: Clusters page
  2. Click More Details to see a more detailed dashboard for the cluster.

    Figure: Cluster details page


On the Services page, review a list of the discovered services across all clusters in your Gloo setup. Quickly find out if traffic cannot reach your services by clicking the Healthy and Unhealthy buttons. You can also filter services by name using the search bar, filter by in-mesh and out-of-mesh services, and modify the timeframe that services are available in by using the dropdown menu.

Figure: Services page

Note that the health of your services on the Services overview page refers to whether network traffic requests are getting fulfilled by the service. You can review the configuration health of the service by clicking Details.

From the Details page of a service:

  • To debug the service, click View YAML to view the service’s YAML configuration.
  • See an analysis of the service’s error rate and latency in the Service Signals card.
  • View the Graph tab to visualize the network traffic that reaches your service mesh. For more information about how to use the graph, see Graph.
  • If you enable tracing in the Gloo telemetry pipeline, you can see request traces for a service in the built-in Jaeger UI that you can find in the Tracing tab. For more information about how to enable and use the tracing interface, see Tracing.

Figure: Services page


Security insights

The Dashboard and Security Insights pages of the Gloo UI can help you review the overall security posture of your Istio setup (if installed), including insights and recommendations regarding your certificates, encrypted traffic, FIPS compliance, and more.


Find an overview of resources that are deployed in your cluster and use the filter options in the Gloo UI to find the resource that you need.


View the Cilium network policies that you applied to your workloads. In the following example, the rule1 Cilium policy that you can create in the quickstart guide is listed.

Figure: Cilium resources page


View all Kubernetes resources in your cluster, such as services, service accounts, secrets, or cluster roles. Use the Filter options to filter the list by namespace and Kubernetes resource type. To view the YAML configuration for a resource, click View YAML.

Figure: Kubernetes resources page


The Gloo UI consumes telemetry data from Prometheus and Jaeger and visualizes this data in the Observability section.


The Gloo UI includes a Graph page to visualize the network traffic that reaches your service mesh. The graph is based off Prometheus metrics that the agents on each workload cluster send the management cluster.

Review the following sections to learn more about the Graph layout.

Layout settings

From the footer toolbar, click Layout Settings. Toggle on or off the following settings.

Header, filter, and footer toolbars for navigation


From the footer toolbar, click Show Legend.

Node Types describes the icons that are used for the application “nodes” of the graph. For example, a node might be a Kubernetes service, Istio gateway, external service, or an attached virtual machine (VM). (Note that nodes represent your apps, not Kubernetes compute nodes.)

Node States and Edges show whether a service’s traffic behaves normally or not, as indicated by a color or icon.

Color or iconStateDescription
BlueNormalThe node sends and responds to traffic as expected.
RedDangerThe node has some sort of failure. For example, a policy might be applied to a route that blocks traffic to a service.
YellowWarnThe node has some sort of degraded traffic. For example, a policy might be applied to a route that rate limits traffic to a service. Most of the requests are successful, but some are not.
GrayIdleThe node does not yet accept or send traffic. For example, the deployment might be pending.
Dashed, black lineL7The traffic between nodes is sent over Layer 7 (application). For this traffic, you can apply L7 HTTP/HTTPS policies that are supported in Gloo Mesh Enterprise and Gloo Mesh Gateway only.
Solid, navy lineL4The traffic between nodes is sent over Layer 4 (transport). To apply L4 policies, use the Solo distribution of the Cilium CNI.
Colorful trianglesFailure, Healthy, Degraded, or IdleThe connection is in a state of failure, healthy, degraded, or idle, depending on the color. Try describing the resources in your cluster to troubleshoot further.
Blue lock iconmTLS appliedService isolation is enabled for the traffic, with communication secured via mTLS. You can change service isolation settings via an access policy for a specific destination, or for the entire workspace via the workspace settings.
Cilium iconEnforced by CiliumThe traffic connection is enforced by the Solo distribution of the Cilium CNI.
Istio iconEnforced by IstioThe traffic connection is enforced by Istio.
Figure: Graph UI legend

Networking views


You can use the Gloo UI log viewer to see the logs of Gloo Network components, such as the Gloo management server, the Gloo telemetry collector agent, or the Gloo UI. These logs can help you monitor the health of your Gloo Network components and troubleshoot issues.

To view logs, use the log viewer filter options to select the cluster, Gloo Network component, pod name, and, if applicable, the container that you want to check the logs for. You can also use the search capability to find logs that match a specific search term, or download the logs so that you can share them with your team.

Log viewer