I'm trying to design a container-based network that uses Citrix ADC CPX (formerly Netscaler CPX). At this stage, I'm trying to get it to run locally on Docker Desktop. When I run:
docker run -dt -P --privileged=true --net=host -e NS_NETMODE="HOST" -e NS_CPX_LITE=1 -e CPX_CONFIG='{"YIELD":"NO"}' -e EULA=yes store/citrix/citrixadccpx:13.0-36.29
There are no Docker specific errors, but when I run docker logs
on the container id, I get quite a few errors. Included directly below are the full logs.
User has accepted EULA. Starting CPX
ignoring ['::1', 'localhost', 'ip6-localhost', 'ip6-loopback']
ignoring ['fe00::0', 'ip6-localnet']
ignoring ['ff00::0', 'ip6-mcastprefix']
ignoring ['ff02::1', 'ip6-allnodes']
ignoring ['ff02::2', 'ip6-allrouters']
Cannot remove namespace file "/var/run/netns/netscaler": No such file or directory
Cannot find device "ns1"
('Generated UUID for CPX: %s\n', '0c8ded4e-aef1-4cb7-a2f0-75dbf4b941e8')
RTNETLINK answers: File exists
nsnetsvc: cfe_state_init(): Pooled licensed
nsnetsvc: check_and_establish_connections(): nsconfigd successfully connected to all packet engines
nsconfigd: ns_init_global_partition_id(): Creating SHM for storing partition id
nsconfigd: main(): Warm Reboot - unsetting partition ids in shared mmy
nsconfigd: cfd_prime(): Cluster is not enabled
nsconfigd: check_and_establish_connections(): nsconfigd successfully connected to all packet engines
nsconfigd: cfd_init_config(): Establishing built-in entities
nsconfigd: _dispatch(): No such file
nsconfigd: _dispatch(): Failing command: "add authentication loginSchema lschema_cert_deviceid -authenticationSchema "/nsconfig/loginschema/LoginSchema/DeviceID_Cert.xml" -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): No such file
nsconfigd: _dispatch(): Failing command: "add authentication loginSchema lschema_single_factor_deviceid -authenticationSchema "/nsconfig/loginschema/LoginSchema/SingleAuthDeviceID.xml" -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): No such file
nsconfigd: _dispatch(): Failing command: "add authentication loginSchema lschema_dual_factor_deviceid -authenticationSchema "/nsconfig/loginschema/LoginSchema/DualAuthDeviceID.xml" -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): No such file
nsconfigd: _dispatch(): Failing command: "add authentication loginSchema lschema_cert_single_factor_deviceid -authenticationSchema "/nsconfig/loginschema/LoginSchema/ClientCertSingleAuthDeviceID.xml" -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): No such file
nsconfigd: _dispatch(): Failing command: "add authentication loginSchema lschema_cert_dual_factor_deviceid -authenticationSchema "/nsconfig/loginschema/LoginSchema/ClientCertDualAuthDeviceID.xml" -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): No such file
nsconfigd: _dispatch(): Failing command: "add authentication loginSchema lschema_adal -authenticationSchema "/nsconfig/loginschema/LoginSchema/OnlyOAuthToken.xml" -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): Action does not exist
nsconfigd: _dispatch(): Failing command: "add authentication loginSchemaPolicy lschema_cert_deviceid -rule "HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"NAC/1.0\")" -action lschema_cert_deviceid -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): Action does not exist
nsconfigd: _dispatch(): Failing command: "add authentication loginSchemaPolicy lschema_single_factor_deviceid -rule "HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"NAC/1.0\")" -action lschema_single_factor_deviceid -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): Action does not exist
nsconfigd: _dispatch(): Failing command: "add authentication loginSchemaPolicy lschema_dual_factor_deviceid -rule "HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"NAC/1.0\")" -action lschema_dual_factor_deviceid -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): Action does not exist
nsconfigd: _dispatch(): Failing command: "add authentication loginSchemaPolicy lschema_cert_single_factor_deviceid -rule "HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"NAC/1.0\")" -action lschema_cert_single_factor_deviceid -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): Action does not exist
nsconfigd: _dispatch(): Failing command: "add authentication loginSchemaPolicy lschema_cert_dual_factor_deviceid -rule "HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"NAC/1.0\")" -action lschema_cert_dual_factor_deviceid -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): Action does not exist
nsconfigd: _dispatch(): Failing command: "add authentication loginSchemaPolicy lschema_adal -rule "HTTP.REQ.HEADER(\"User-Agent\").CONTAINS(\"OAuth/2.0\")" -action lschema_adal -builtin MODIFIABLE PARTITION_ALL"
nsconfigd: _dispatch(): Invalid password
nsconfigd: _dispatch(): Failing command: "add ssl certKey ns-sftrust-certificate -cert ns-sftrust.cert -key ns-sftrust.key"
nsnetsvc: nsnetsvc sent command NSAPI_POST_STARTUP to PEs, ErrorCode=0x0
nsconfigd: cfd_init_config(): 13 built-ins failed
nsconfigd: cfd_init_config(): 0 built-ins exempted
nsconfigd: cfd_init_config(): 0 built-ins immune
nsconfigd: cfd_init_config(): 0 built-ins not sourced due to license absent
nsconfigd: cfd_init_config(): Loading initial configuration
nsconfigd: cfd_init_config(): Loading Partition configuration
nsnetsvc: nsnetsvc sent command NSAPI_NSCONF_READ_END to PEs, ErrorCode=0x0
nsnetsvc: nsnetsvc sent command NSAPI_INIT_DYNMEMPOOLS to PEs, ErrorCode=0x0
nsconfigd: cfd_ch_config(): Skipping command (set callhome -mode CSP -hbcustomInterval 1
) for non-CSP depoyments
nsconfigd: Failed to open file:/flash/nsconfig/.callhome.conf, No such file or directory
nsconfigd: cfd_ch_config(): get_set_callhome_conf failed, error code: -1
nsconfigd: cfd_start(): starting
The container is still up, but I can't ssh into it or connect. I'm mostly following these instructions here. I'm curious if these errors are expected or if I'm missing something.
edit So I ended up abandoning the pure Docker method and went with Kubernetes instead. I followed these tutorials on GitHub (I highly suggest them!) and they really helped and had examples.
0 Answers