Debugging and Managing cSRX Container Firewall
Stop a cSRX Container Firewall POD
By default, cSRX Container Firewall will not mount any external volumes from compute node. When a new cSRX Container Firewall instance is started, it will synchronize configuration from Security Director. Any syslog and security logs will be posted to Security Director as well. So cSRX Container Firewall POD can be stopped and destroyed directly by Contrail Service Orchestration (CSO).
To stop the cSRX Container Firewall POD:
Run the Docker command to stop cSRX Container Firewall.
# kubectl delete -f <csrx-yaml-file>
After the cSRX Container Firewall POD is stopped and destroyed, compute and storage resources of this cSRX Container Firewall POD are released.
# kubectl delete -f <csrx-yaml-file>
Verify Network Name
To verify the network name:
# kubectl get network-attachment-definitions
-n
Verify Logs
To view and verify logs: