# UNAVAILABLE: grpc: Envoy UDS connection failed: /tmp/envoy.sock

- **ID:** `grpc/grpc-envoy-uds-connection-failed`
- **Domain:** grpc
- **Category:** network_error
- **Verification:** ai_generated
- **Fix Rate:** 85%

## Root Cause

gRPC client cannot connect to Envoy via Unix Domain Socket due to socket file missing, permissions issues, or Envoy not listening.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| envoy 1.29.0 | active | — | — |
| grpc-go 1.63.0 | active | — | — |
| grpc-python 1.61.0 | active | — | — |
| Istio 1.20.0 | active | — | — |

## Workarounds

1. **Verify the UDS socket exists and has correct permissions. Run:
  ls -la /tmp/envoy.sock
  If missing, check Envoy logs for startup errors: envoy -c envoy.yaml --log-level debug
  Ensure the socket path in Envoy config matches the client path. Example Envoy config:
  listeners:
  - name: grpc_listener
    address:
      pipe:
        path: /tmp/envoy.sock
    filter_chains:
    - filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config: ...** (90% success)
   ```
   Verify the UDS socket exists and has correct permissions. Run:
  ls -la /tmp/envoy.sock
  If missing, check Envoy logs for startup errors: envoy -c envoy.yaml --log-level debug
  Ensure the socket path in Envoy config matches the client path. Example Envoy config:
  listeners:
  - name: grpc_listener
    address:
      pipe:
        path: /tmp/envoy.sock
    filter_chains:
    - filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config: ...
   ```
2. **If permissions are wrong, change them:
  sudo chmod 777 /tmp/envoy.sock
  Or run Envoy with the same user as the gRPC client to avoid permission issues.** (80% success)
   ```
   If permissions are wrong, change them:
  sudo chmod 777 /tmp/envoy.sock
  Or run Envoy with the same user as the gRPC client to avoid permission issues.
   ```

## Dead Ends

- **** — Envoy is configured to listen on a specific socket path; changing client path without updating Envoy causes mismatch. (90% fail)
- **** — This bypasses UDS but may introduce network overhead and requires Envoy to be configured for TCP as well. (75% fail)