deploy/README.md (3 additions & 3 deletions)
@@ -2,7 +2,7 @@
2
2
3
3
This topic provides information on how to deploy Citrix node controller on Kubernetes and establish the route between Citrix ADC and Kubernetes Nodes.
4
4
5
-
Note: CNC creates "kube-cnc-router" in HOST mode on all the schedulable-nodes. These router pods creates interface on nodes and do iptable config, hence, NET_ADMIN priviledge is required for same. Thus, CNC serviceaccount must have NET_ADMIN priviledge and ability to create HOST mode pods.
5
+
Note: CNC creates "kube-cnc-router" in HOST mode on all the schedulable-nodes. These router pods create virtual network interface and program iptables accordingly on respective nodes where they are scheduled. These pods need to run with NET_ADMIN capability to achieve the same. Hence CNC serviceaccount must have NET_ADMIN privilege and ability to create HOST mode pods.
6
6
7
7
Perform the following:
8
8
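Review bot: The last sentence of the new note says the "CNC serviceaccount must have NET_ADMIN privilege", while the sentence before it calls NET_ADMIN a capability the pods run with; the two should agree. NET_ADMIN is a Linux capability requested in the router pod's container securityContext, not something a service account holds, so the accurate requirement is that the CNC serviceaccount is permitted to create pods that use host networking and add the NET_ADMIN capability. Suggest rewording along those lines, and fixing "create virtual network interface" to "create a virtual network interface". Since this note is the only place the elevated requirement is documented, it would also help to state that the grant should be limited to the namespace where CNC runs.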
@@ -28,13 +28,13 @@ Perform the following:
28
28
29
29
| Environment Variable | Mandatory or Optional | Description |
| NS_IP | Mandatory | Citrix k8s node controller uses this IP address to configure the Citrix ADC. The NS_IP can be anyone of the following: </br></br> - **NSIP** for standalone Citrix ADC </br>- **SNIP** for high availability deployments (Ensure that management access is enabled) </br> - **CLIP** for Cluster deployments |
31
+
| NS_IP | Mandatory | Citrix kubernetes node controller uses this IP address to configure the Citrix ADC. The NS_IP can be anyone of the following: </br></br> - **NSIP** for standalone Citrix ADC </br>- **SNIP** for high availability deployments (Ensure that management access is enabled) </br> - **CLIP** for Cluster deployments |
32
32
| NS_USER and NS_PASSWORD | Mandatory | The user name and password of Citrix ADC. Citrix k8s node controller uses these credentials to authenticate with Citrix ADC. You can either provide the user name and password or Kubernetes secrets. If you want to use a non-default Citrix ADC user name and password, you can [create a system user account in Citrix ADC](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/deploy/deploy-cic-yaml/#create-system-user-account-for-citrix-ingress-controller-in-citrix-adc). </br></br> The deployment file uses Kubernetes secrets, create a secret for the user name and password using the following command: </br></br> `kubectl create secret generic nslogin --from-literal=username='nsroot' --from-literal=password='nsroot'` </br></br> **Note**: If you want to use a different secret name other than `nslogin`, ensure that you update the `name` field in the `citrix-node-controller` definition. |
33
33
| NETWORK | Mandatory | The IP address range (for example, `192.128.1.0/24`) that Citrix node controller uses to configure the VTEP overlay end points on the Kubernetes nodes. </br></br> **Note:** Ensure that the subnet that you provide is different from your Kubernetes cluster.|
34
34
| VNID | Mandatory | A unique VXLAN VNID to create a VXLAN overlay between Kubernetes cluster and the ingress devices. </br></br>**Note:** Ensure that the VXLAN VNID that you use does not conflict with the Kubernetes cluster or Citrix ADC VXLAN VNID. You can use the `show vxlan` command on your Citrix ADC to view the VXLAN VNID. For example: </br></br> `show vxlan` </br>`1) ID: 500 Port: 9090`</br>`Done` </br> </br>In this case, ensure that you do not use `500` as the VXLAN VNID.|
35
35
| VXLAN_PORT | Mandatory | The VXLAN port that you want to use for the overlay. </br></br>**Note:** Ensure that the VXLAN PORT that you use does not conflict with the Kubernetes cluster or Citrix ADC VXLAN PORT. You can use the `show vxlan` command on your Citrix ADC to view the VXLAN PORT. For example: </br></br> `show vxlan` </br>`1) ID: 500 Port: 9090`</br>`Done` </br> </br>In this case, ensure that you do not use `9090` as the VXLAN PORT.|
36
36
| REMOTE_VTEPIP | Mandatory | The Ingress Citrix ADC SNIP. This IP address is used to establish an overlay network between the Kubernetes clusters.|
37
-
| CNI_TYPE | Mandatory | The CNI used in k8s cluster. Valid values: flannel,calico,canal,weave,cilium|
37
+
| CNI_TYPE | Mandatory | The CNI used in kubernetes cluster. Valid values: flannel,calico,canal,weave,cilium|
38
38
| DSR_IP_RANGE | Optional | This IP address range is used for DSR Iptable configuration on nodes. Both IP and subnet must be specified in format : "xx.xx.xx.xx/xx" |
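Review bot: The rename is applied only to the NS_IP and CNI_TYPE rows; the unchanged NS_USER and NS_PASSWORD row still says "Citrix k8s node controller" twice, so the table is now inconsistent. The new text also writes "kubernetes" in lower case where the rest of the file uses "Kubernetes", and "anyone of the following" in the NS_IP row should read "any one of the following". While this table is being touched, the secret example in the NS_USER and NS_PASSWORD row uses the literal values `username='nsroot'` and `password='nsroot'`; replacing them with placeholders such as `<username>` and `<password>` would keep readers from pasting default credentials into a deployment.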
deploy/troubleshoot.md (11 additions & 7 deletions)
@@ -1,8 +1,8 @@
1
-
# Troubleshoot Guide
1
+
# Troubleshoot guide
2
2
3
3
Quick help Guide for some of the common issues that may arise.
4
4
5
-
To validate ADC and basic Node configurations, Refer the screenshots on [deployment](README.md) page.
5
+
To validate Citrix ADC and basic node configurations, Refer screenshots on [deployment](README.md) page.
6
6
7
7
### Service status DOWN
8
8
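Review bot: The rewritten sentence on new line 5 still has "Refer" capitalised mid-sentence and has lost its articles: "Refer screenshots on [deployment](README.md) page". Suggest "refer to the screenshots on the [deployment](README.md) page". The heading change to sentence case is fine, but the next line still reads "Quick help Guide", which could be aligned in the same commit.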
@@ -14,8 +14,8 @@ We can verify few things to debug the issue of services being in DOWN state.
14
14
kubectl logs <cnc-pod> -n <namespace>
15
15
```
16
16
17
-
Look for any "permission" ERRORs in logs. As stated in deployment page, CNC creates "kube-cnc-router" pods which need NET_ADMIN priviledge to do the configurations on nodes. So, CNC serviceaccount must have
18
-
NET_ADMIN priviledge and the ability to create HOST mode "kube-cnc-router" pods.
17
+
Look for any "permission" ERRORs in logs. As stated in deployment page, CNC creates "kube-cnc-router" pods which need NET_ADMIN privilege to do the configurations on nodes. So, CNC serviceaccount must have
18
+
NET_ADMIN privilege and the ability to create HOST mode "kube-cnc-router" pods.
19
19
20
20
2. Verify logs of kube-cnc-router pod using:
21
21
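Review bot: The new lines 17 and 18 fix the spelling but keep the sentence broken mid-clause across two lines ("must have" / "NET_ADMIN privilege"), and they still say "NET_ADMIN privilege" where the README note changed in this same commit now says the pods need the "NET_ADMIN capability". Suggest joining the sentence onto one line and using the same wording as the README, namely that the CNC serviceaccount must be allowed to create HOST mode "kube-cnc-router" pods that run with the NET_ADMIN capability. "As stated in deployment page" also needs an article: "As stated on the deployment page".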
@@ -49,11 +49,15 @@ We can verify few things to debug the issue of services being in DOWN state.
49
49
50
50
### Service status UP but ping from ADC not working
51
51
52
-
This is the case wherein though services are UP, still user can't do ping from ADC to the service IP.
52
+
It is possible that user is unable to ping service IP from Citrix ADC even though services are in UP state.
53
53
One probable reason for this could be the presence of a PBR entry which directs the packets from ADC with SRCIP as NSIP to a default gateway.
54
-
As functionally wise, it will not cause any issue, user if required can ping with SRCIP as ADC VTEP created by CNC. User can use "-s" option to set the SRCIP to SNIP added by CNC on ADC.
54
+
It doesn't impact any functionality. User can ping with Citrix ADC's VTEP as source IP using -S option of ping command from Citrix ADC CLI prompt as seen below.
55
55
56
-
Note: If it is absolutely required to ping with NSIP itself, then as of now, User need to remove the PBR entry or add new PBR entry for endpoint with higher priority
56
+
```
57
+
ping <serviceIP> -S <vtepIP>
58
+
```
59
+
60
+
Note: If it is absolutely required to ping with NSIP itself, then as of now, user need to remove the PBR entry or add new PBR entry for endpoint with higher priority
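Review bot: The new `ping <serviceIP> -S <vtepIP>` example does not say where `<vtepIP>` comes from; the removed line identified it as the SNIP added by CNC on the ADC, and that detail is dropped in the rewrite. Suggest keeping it, for example "where `<vtepIP>` is the SNIP that CNC added on the Citrix ADC". The option also changes from "-s" in the removed text to "-S" in the new text, so please confirm which one the Citrix ADC CLI accepts and mention the correction in the commit message. Minor wording: "as seen below" reads better as "as shown below", "user need to" on new line 60 should be "the user needs to", and the section heading still says "ADC" while the body now says "Citrix ADC".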