ON THIS PAGE
Debug cSRX Container Firewall in Contrail Network
Stop a cSRX Pod
By default, cSRX Container Firewall does not mount any external volumes from compute node. When a new cSRX instance is started, then that instance synchronizes the configuration from Security Director. Any syslog and security logs are posted to Security Director as well. So cSRX POD can be stopped and destroyed directly by Contrail Service Orchestration (CSO).
To stop the cSRX POD:
Run the Docker command to stop cSRX.
# kubectl delete -f <csrx-yaml-file>
After the cSRX POD is stopped and destroyed, compute and storage resources of this cSRX POD are released.
# kubectl delete -f <csrx-yaml-file>
Verify Network Name
To verify the network name:
# kubectl get network-attachment-definitions
-n
Verify Logs
To view and verify logs: