Skip to content
You are viewing the documentation for Solo Enterprise for Istio, formerly known as Gloo Mesh (OSS APIs).

Tunnel server and relay

Page as Markdown
Diagnose and resolve common issues with the Solo UI tunnel server and relay components in multicluster setups.
In multicluster setups, the tunnel server in the management cluster and the tunnel client in each workload cluster maintain a persistent connection that the Solo UI uses to proxy Kubernetes API requests and resource management traffic to remote clusters. Use the steps on this page to verify that the tunnel is healthy.
Tunnel server

The tunnel server runs as the tunnel-server container in the solo-enterprise-ui pod in the management cluster.
  1. Verify the solo-enterprise-ui pod is running and all containers are ready.
    kubectl get po -n solo-enterprise -l app=solo-enterprise-ui --context ${context1}
    The pod should show 5/5 containers ready.
  2. Check the tunnel server logs for connection errors.
    kubectl logs -n solo-enterprise -l app=solo-enterprise-ui -c tunnel-server --context ${context1}
Tunnel relay

The tunnel relay runs as the solo-enterprise-relay pod in each workload cluster.
  1. Verify the relay pod is running in the workload cluster.
    kubectl get po -n solo-enterprise --context ${context2}
    The solo-enterprise-relay-* pod should show 2/2 containers ready.
  2. Check the relay logs for connection errors.
    kubectl logs -n solo-enterprise -l app=solo-enterprise-relay -c tunnel-client --context ${context2}
Global services

The tunnel relies on the solo-enterprise-ui and solo-enterprise-telemetry-gateway services being globally exposed in the management cluster so that relay components can reach them. If the relay cannot connect, verify these services have the correct label.
kubectl get svc -n solo-enterprise --context ${context1} --show-labels | grep solo.io/service-scope
Both solo-enterprise-ui and solo-enterprise-telemetry-gateway should have solo.io/service-scope=global. If either is missing, apply the label.
kubectl label svc solo-enterprise-ui -n solo-enterprise solo.io/service-scope=global --overwrite --context ${context1}
kubectl label svc solo-enterprise-telemetry-gateway -n solo-enterprise solo.io/service-scope=global --overwrite --context ${context1}
Telemetry pipeline