istio-proxy@istio-ingressgateway-799bbc9474-hf7kv:/$ ss -ntlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 127.0.0.1:15000 0.0.0.0:* users:(("envoy",pid=16,fd=18))
LISTEN 0 128 127.0.0.1:15004 0.0.0.0:* users:(("pilot-agent",pid=1,fd=15))
LISTEN 0 128 0.0.0.0:15021 0.0.0.0:* users:(("envoy",pid=16,fd=24))
LISTEN 0 128 0.0.0.0:15021 0.0.0.0:* users:(("envoy",pid=16,fd=23))
LISTEN 0 128 0.0.0.0:8080 0.0.0.0:* users:(("envoy",pid=16,fd=40))
LISTEN 0 128 0.0.0.0:8080 0.0.0.0:* users:(("envoy",pid=16,fd=39))
LISTEN 0 128 0.0.0.0:15090 0.0.0.0:* users:(("envoy",pid=16,fd=22))
LISTEN 0 128 0.0.0.0:15090 0.0.0.0:* users:(("envoy",pid=16,fd=21))
LISTEN 0 128 *:15020 *:* users:(("pilot-agent",pid=1,fd=12))
istio-proxy@istio-ingressgateway-799bbc9474-hf7kv:/$ ps -ef |grep pilot-agent
istio-p+ 1 0 0 Sep14 ? 00:01:27 /usr/local/bin/pilot-agent proxy router --domain istio-system.svc.cluster.local --proxyLogLevel=warning --proxyComponentLogLevel=misc:error --log_output_level=default:info
istio-p+ 74 30 0 09:37 pts/0 00:00:00 grep --color=auto pilot-agent
istio-proxy@istio-ingressgateway-799bbc9474-hf7kv:/$ /usr/local/bin/pilot-agent proxy router --help
XDS proxy agent
Usage:
pilot-agent proxy [flags]
Flags:
--concurrency int number of worker threads to run
--domain string DNS domain suffix. If not provided uses ${POD_NAMESPACE}.svc.cluster.local
-h, --help help for proxy
--meshConfig string File name for Istio mesh configuration. If not specified, a default mesh will be used. This may be overridden by PROXY_CONFIG environment variable or proxy.istio.io/config annotation. (default "./etc/istio/config/mesh")
--outlierLogPath string The log path for outlier detection
--proxyComponentLogLevel string The component log level used to start the Envoy proxy. Deprecated, use proxyLogLevel instead
--proxyLogLevel string The log level used to start the Envoy proxy (choose from {trace, debug, info, warning, error, critical, off}).Level may also include one or more scopes, such as 'info,misc:error,upstream:debug' (default "warning,misc:error")
--serviceCluster string Service cluster (default "istio-proxy")
--stsPort int HTTP Port on which to serve Security Token Service (STS). If zero, STS service will not be provided.
--templateFile string Go template bootstrap config
--tokenManagerPlugin string Token provider specific plugin name. (default "GoogleTokenExchange")
Global Flags:
--log_as_json Whether to format output as JSON or in plain console-friendly format
--log_caller string Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, mockcred, model, proxyconfig, sds, security, serviceentry, spiffe, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy]
--log_output_level string Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, mockcred, model, proxyconfig, sds, security, serviceentry, spiffe, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default "default:info")
--log_rotate string The path for the optional rotating log file
--log_rotate_max_age int The maximum age in days of a log file beyond which the file is rotated (0 indicates no limit) (default 30)
--log_rotate_max_backups int The maximum number of log file backups to keep before older files are deleted (0 indicates no limit) (default 1000)
--log_rotate_max_size int The maximum size in megabytes of a log file beyond which the file is rotated (default 104857600)
--log_stacktrace_level string Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, mockcred, model, proxyconfig, sds, security, serviceentry, spiffe, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default "default:none")
--log_target stringArray The set of paths where to output the log. This can be any path as well as the special values stdout and stderr (default [stdout])
--vklog Level number for the log level verbosity. Like -v flag. ex: --vklog=9
istio-proxy@istio-ingressgateway-799bbc9474-hf7kv:/$
