Deploy NetScaler CPX in a Kubernetes Environment

You can integrate NetScaler CPX into a Kubernetes deployment to load balance containerized applications in a cluster environment. For information on Kubernetes, see

In a Kubernetes environment, NetScaler CPX replaces kube-proxy on the minions and balances the load across the containers in a pod. When started with Kubernetes support, NetScaler CPX starts up in the privileged host mode with a NetScaler IP address of It clears the configuration and iptables on its host, queries Kubernetes for the current state of the services and endpoints, and listens for events in the following event streams in the Kubernetes framework:

  • Service channel. NetScaler CPX uses the information in this channel to determine the number of virtual servers required. It creates a virtual server for each service and assigns a virtual IP address of to each virtual server. The virtual servers are differentiated based on an ephemeral port number that is selected from the 20000–30000 range. NetScaler CPX also creates iptables rules to redirect traffic destined for the cluster IP address to the various virtual IP addresses.
  • Endpoint channel. NetScaler CPX uses the information in this channel to configure service group members on a service group bound to the virtual IP address for load balancing of application instances.

NetScaler CPX does not save the NetScaler configuration that it creates for the services.


The range from which IP addresses are assigned to services must not conflict with the NetScaler IP address and the subsequent three IP addresses.

The following figure illustrates how NetScaler CPX works in a Kubernetes environment.

localized image

Before you begin installing the NetScaler CPX instance, make sure you have the following:

  • Docker is installed on the Linux host system.
    To install Docker, run the following command at the Linux shell prompt:
    curl –ssl | sh

For more information about Docker installation on Linux, see

  • Docker host has Internet connectivity.
  • You are logged on as the root user.
  • Kubernetes environment is set up with all the cluster nodes configured.
  • Add the NetScaler CPX docker image to all the nodes in the Kubernetes environment.


You can use NetScaler CPX instance along with kube-proxy but you need to start the NetScaler CPX only after starting the kube-proxy and also you need to make sure that kube-proxy is not restarted.

To install NetScaler CPX instance in the docker host with Kubernetes set up, run the following command:

docker run -dt --privileged=true --net=host -e NS_NETMODE="HOST" -e kubernetes_url=“" cpx:latest


If the network cannot be reserved for NetScaler CPX, you can use any other subnet that is free. Assign the first IP address in that subnet as the NetScaler IP (NSIP). For example, if you want to use as the subnet, run the following command:

docker run -dt --privileged=true --net=host -e NS_NETMODE="HOST" -e NS_IP= -e kubernetes_url="" cpx:latest

Deploy NetScaler CPX in a Kubernetes Environment