This is a legal agreement ("AGREEMENT") between the end-user customer ("you"), and the providing Citrix entity (the applicable providing entity is hereinafter referred to as "CITRIX"). This AGREEMENT includes the Data Processing Agreement, the Citrix Services Security Exhibit and any other documents incorporated herein by reference. Your location of receipt of the Citrix product (hereinafter "PRODUCT") and maintenance (hereinafter "MAINTENANCE") determines the providing entity as identified at https://www.citrix.com/buy/licensing/citrix-providing-entities.html. BY INSTALLING AND/OR USING THE PRODUCT, YOU AGREE TO BE BOUND BY THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, DO NOT INSTALL AND/OR USE THE PRODUCT. Nothing contained in any purchase order or any other document submitted by you shall in any way modify or add to the terms and conditions contained in this AGREEMENT.
1. PRODUCT LICENSES.
a. End User Licenses. Citrix hereby grants Customer a non-exclusive worldwide license to use the software in a software PRODUCT and the software installed in an appliance PRODUCT under the license models identified at https://www.citrix.com/buy/licensing/product.html. Any experimental features delivered with such software will be identified and are licensed only for internal testing purposes. "Software" means a Citrix proprietary and/or open source software program in object code form licensed hereunder. "Appliance" means a hardware appliance with installed Software. Notwithstanding anything set forth in this AGREEMENT or at the referenced website, your use of open source software shall in all ways be exclusively governed by the open source license indicated as applicable to the code at https://www.citrix.com/buy/licensing/open-source.html.
Your license to software in a Software or Appliance PRODUCT will be activated by license keys that allow use of the PRODUCT in increments defined by the license model purchased ("License Keys"). License Keys for other CITRIX products or other editions of the same PRODUCT may not be used to increase the allowable use for your edition of the PRODUCT.
b. Partner Demo. If a Software PRODUCT is labeled "Partner Demo," notwithstanding any term to the contrary in this AGREEMENT, your license permits use only if you are a current CITRIX authorized distributor or reseller, and then only for demonstration, test, or evaluation purposes in support of your end-user customers, and not for any other purpose, including without limitation customer training or production purposes. Note that a Partner Demo PRODUCT may disable itself upon the expiration of the License Key. In no event may a Partner Demo PRODUCT be used beyond expiration.
c. Evaluation. If a Software PRODUCT is labeled "Evaluation," notwithstanding any term to the contrary in this AGREEMENT, your license permits use only if you are an end-user customer and then only for your internal demonstration, test, or evaluation purposes, and not for any other purpose, including without limitation production purposes. Your license is for ninety (90) days with no right to MAINTENANCE, the Limited Warranty, or Infringement Indemnification. Note that an Evaluation PRODUCT may disable itself upon the expiration of the License Key. In no event may an Evaluation PRODUCT be used beyond expiration.
d. Archive Copy. You may make one (1) copy of the software in a Software or Appliance PRODUCT in machine- readable form solely for backup, provided that you reproduce all proprietary notices on the copy.
2. MAINTENANCE. The MAINTENANCE plan applicable to this PRODUCT is identified at https://www.citrix.com/buy/licensing/product.html and plan entitlements and requirements are explained at https://www.citrix.com/support/programs.html. MAINTENANCE is required at the time of PRODUCT purchase and must be purchased separately. MAINTENANCE is available for an initial one (1) year term and may automatically renew or be extended by your purchase of available annual renewals (the "MAINTENANCE Term"). The MAINTENANCE offering you purchase determines how renewals work. In the event your offering includes automatic renewals, should you wish to allow MAINTENANCE to expire at the end of your then current term, you must provide Citrix thirty (30) days advance written notice. MAINTENANCE for a Software or Appliance PRODUCT begins upon delivery of the License Keys. During the initial or a renewal MAINTENANCE Term, CITRIX will make any Updates for the PRODUCT covered by the plan available to you. An "Update" shall mean a generally available release of the
same edition of the Software for the same PRODUCT that Citrix may make available from time to time. CITRIX is not obligated to make any Updates available. Updates shall be subject to the terms of this AGREEMENT, except that Updates are not covered by the Limited Warranty applicable to the PRODUCT, to the extent permitted by applicable law. You acknowledge that CITRIX may develop and market new or different software or appliance offerings or editions of the PRODUCT that use portions of the PRODUCT and that perform all or part of the functions performed by the PRODUCT. Nothing contained in this AGREEMENT shall give you any rights with respect to such new or different offerings or editions. The MAINTENANCE plan may be purchased for the PRODUCT until it is no longer offered in accordance with the applicable CITRIX PRODUCT Lifecycle Support Policy posted at https://www.citrix.com/support/product-lifecycle.html. Any deliveries of Updates shall be electronic. The MAINTENANCE plan includes technical support, and may include online services, and, for hardware only, an extended hardware warranty, as stated at https://www.citrix.com/support/programs.html. The offering you purchase determines your entitlement and usage rights. In addition to your MAINTENANCE plan, you may also purchase CITRIX consulting services as may be available (including installation services, remote monitoring services or technical consulting). CITRIX’ provision of technical support or consulting services is predicated upon the following responsibilities being fulfilled by you: (i) you will designate a primary administrative contact for technical support; (ii) you agree to perform reasonable problem determination activities and reasonable problem resolution activities as suggested by CITRIX; (iii) you are responsible for implementing procedures necessary to safeguard the integrity and security of software and data from unauthorized access and for reconstructing any lost or altered files resulting from catastrophic failures; (iv) you are responsible for procuring, installing, and maintaining all equipment, telephone lines, communications interfaces, and other hardware at your site and providing CITRIX with access to your facilities as required to operate the PRODUCT and permitting CITRIX to perform the service; and (v) you are required to implement all currently available and applicable software hotfixes, hotfix rollup packs, and service packs or their equivalent for the PRODUCT in a timely manner. CITRIX is not required to provide any technical support for problems arising out of: (i) your or any third party’s alterations or additions to the PRODUCT, operating system or environment; (ii) CITRIX provided alterations or additions to the PRODUCT that do not address Errors or Defects; (iii) any functionality not defined in the user documentation published by CITRIX and included with the PRODUCT (hereinafter "Documentation"); (iv) use of a Software PRODUCT on a processor or peripherals other than the processor and peripherals defined in the Documentation; (v) any PRODUCT that has reached End-of-Life; and (vi) any consulting deliverables from CITRIX, you or any third party. An "Error" is defined as a failure in the PRODUCT to materially conform to the functionality defined in the Documentation. A "Defect" is defined as a failure in the PRODUCT to conform to the specifications in the Documentation. In situations where CITRIX cannot provide a satisfactory resolution to your critical problem through normal technical support methods, CITRIX may engage its product development team to create a private fix. Private fixes are designed to address your specific situation and may not be further distributed by you. CITRIX retains all right, title, and interest in and to all fixes, packs and their equivalent. Any private fixes are not provided as part of the PRODUCT under the terms of this AGREEMENT and they are not covered by the Limited Warranty or Infringement Indemnification applicable to the PRODUCT, to the extent permitted by applicable law. With respect to CITRIX consulting services, all intellectual property rights in all deliverables, pre-existing works and derivative works of such pre-existing works, as well as developments made, conceived, created, discovered, invented, or reduced to practice in the performance of the assessment are and shall remain the sole and absolute property of CITRIX, subject to a worldwide, non-exclusive license to you for internal use.
3. DESCRIPTION OF OTHER RIGHTS, LIMITATIONS, AND OBLIGATIONS. Except as expressly set forth in Section 12, you may not transfer, rent, timeshare, grant rights in or lease the PRODUCT except to the extent such foregoing restriction is prohibited by applicable mandatory law. Any attempt to do so in violation of this prohibition shall be void. If you purchased or otherwise received replacement License Keys as part of a PRODUCT upgrade or trade-up, or a new product release with new product licenses under MAINTENANCE, you agree to destroy the original License Keys and retain no copies after installation of the new License Keys and PRODUCT. Solely for the purpose of migrating users, you are permitted a ninety (90) day grace period to run both your new and old License Keys in production. This period begins with your purchase of the upgrade or trade-up, or with your download of the new release under MAINTENANCE. You shall provide the serial numbers of the original License Keys and corresponding replacement License Keys to the reseller and, upon request, directly to CITRIX, for tracking purposes. In the event you make a transfer of the PRODUCT in the EU or EER, to the extent permitted by law and notwithstanding the terms
of this AGREEMENT, you must uninstall the PRODUCT and License Keys, cease your use, transfer them to the transferee and retain no copies. You are responsible for ensuring that the transferee accepts the terms of this AGREEMENT. You must provide evidence that the conditions for a lawful transfer of the PRODUCT are met. All Limited Warranty, MAINTENANCE and Infringement Indemnification rights will terminate automatically upon such transfer and will not be available to the transferee, including the ability to purchase MAINTENANCE. You must comply with applicable export laws with respect to such a transfer. You may not modify, translate, reverse engineer, decompile, disassemble, create derivative works based on or copy the PRODUCT, except as expressly licensed in this AGREEMENT or to the extent such foregoing restriction is expressly prohibited by applicable mandatory law. You may not remove any proprietary notices, labels or marks on the PRODUCT. Notwithstanding the foregoing, this AGREEMENT shall not prevent or restrict you from exercising additional or different rights to any portions of the PRODUCT that are open source software. To the extent permitted by applicable law, you agree to allow CITRIX to audit your compliance with the terms of this AGREEMENT upon prior written notice and during normal business hours, but no more than once per year. Any audit, which may be conducted on premises, shall not unreasonably interfere with your business activities. You will reasonably cooperate with CITRIX and the auditor and will, without prejudice to other rights of CITRIX, address any non-compliance identified by the audit, including, but not limited to, promptly paying any fees owed. Excess license usage will be determined based on your peak usage and billed to you at the then-current Citrix suggested retail price for licenses, and for maintenance on those licenses (for the lesser of the duration of the excess usage or two years). If the audit discloses an underpayment of ten percent (10%) or more of fees owed for the period audited or other material breach of this AGREEMENT, you agree to also reimburse CITRIX for the reasonable audit expenses. Note that a PRODUCT may be provided with identified experimental features that are not part of the PRODUCT and that are not covered by MAINTENANCE and the Limited Warranty. Such features are offered AS IS and may never become part of the PRODUCT or any CITRIX commercial product. Citrix makes no representations or certifications with respect to experimental features.
ALL RIGHTS IN THE PRODUCT NOT EXPRESSLY GRANTED ARE RESERVED BY CITRIX OR ITS LICENSORS. CITRIX and/or its licensors own and retain all title and ownership of all intellectual property rights in and to the PRODUCT, including any adaptations, modifications, translations, derivative works or copies, and any relating to the design, manufacture, or operation of the same.
4. INFRINGEMENT INDEMNIFICATION. In the event of any claim, suit, or proceeding brought against you based on an allegation that a PRODUCT, experimental features or consulting deliverable hereunder (excluding open source software) infringes upon any patent, copyright or trade secret of any third party ("Infringement Claim"), CITRIX shall defend, or at its option, settle, such Infringement Claim, and shall pay all costs (including reasonable attorney’s fees) associated with the defense of such Infringement Claim, and all damages finally awarded or settlements undertaken by CITRIX in resolution of such Infringement Claim, provided you: (i) promptly notify CITRIX in writing of your notification or discovery of an Infringement Claim such that CITRIX is not prejudiced by any delay in such notification; (ii) give CITRIX sole control over the defense or settlement of the Infringement Claim; and (iii) provide reasonable assistance in the defense of the same. Following notice of an Infringement Claim, or if CITRIX believes such a claim is likely, CITRIX may at its sole expense and option: (i) procure for you the right to continue to use the alleged infringing PRODUCT, experimental feature or consulting deliverable; (ii) replace or modify the PRODUCT, experimental feature or consulting deliverable to make it non-infringing; or (iii) accept return of the PRODUCT, experimental feature or consulting deliverable and, for the PRODUCT, provide you with a prorated refund for the PRODUCT, using a three (3) year straight line depreciation basis for the PRODUCT, or, for the consulting deliverable, refund payments made for the deliverable. CITRIX assumes no liability, and shall have no liability, for any Infringement Claims or allegations of infringement based on: (i) your use of any PRODUCT, experimental feature or consulting deliverable after notice that you should cease use of such PRODUCT, experimental feature or consulting deliverable due to an Infringement Claim; (ii) any modification of the PRODUCT, experimental feature or consulting deliverable by you or at your direction; (iii) your combination of the PRODUCT, experimental feature or consulting deliverable with non-CITRIX hardware, software, services, data or other content or materials if such Infringement Claim would have been avoided by the use of the PRODUCT, experimental feature or consulting deliverable alone. THE FOREGOING STATES YOUR EXCLUSIVE REMEDY WITH RESPECT TO ANY INFRINGEMENT CLAIM OR ALLEGATION OF INFRINGEMENT.
5. LIMITED WARRANTY AND DISCLAIMER. CITRIX warrants that for a period of ninety (90) days from delivery of the License Keys, the software in a Software or Appliance PRODUCT will perform substantially in accordance with the PRODUCT’s Documentation. Citrix warrants that for a period of one (1) year from delivery of the License Keys, the hardware in an Appliance PRODUCT, will be free from defects in material and workmanship in normal use. This hardware warranty does not cover any of the following: (i) improper installation, maintenance, adjustment, repair or modification by Customer or a third party; (ii) misuse, neglect, or any other cause other than ordinary use, including without limitation, accidents or acts of God; (iii) improper environment, excessive or inadequate heating or air conditioning, electrical power failures, surges, water damage or other irregularities; (iv) third party software or software drivers; or (v) damage to hardware during shipment of an Appliance PRODUCT. CITRIX and its licensors’ and suppliers’ ("SUPPLIERS’") entire liability and your exclusive remedy under this software or hardware warranty (which is subject to your return of the PRODUCT to CITRIX or an authorized reseller) will be, at the sole option of CITRIX and subject to applicable law, to replace the PRODUCT or to refund the purchase price and terminate your license to any software on the PRODUCT. CITRIX will provide MAINTENANCE (including consulting services, if purchased separately) in a professional and workmanlike manner, but CITRIX cannot guarantee that every question or problem raised by you will be resolved or resolved in a certain amount of time. Citrix does not warrant in any form the results or achievements of the PRODUCT, technical support, consulting services or related deliverables. With respect to technical support, CITRIX’ and its SUPPLIERS’ entire liability and your exclusive remedy under this warranty is re-performance of the services. With respect to consulting services, CITRIX’ and its SUPPLIERS’ entire liability and your exclusive remedy under this warranty is re-performance of the services or, if re-performance is not possible or conforming, refund of amounts paid for the non-conforming services.
TO THE EXTENT PERMITTED BY APPLICABLE LAW AND EXCEPT FOR THE ABOVE LIMITED WARRANTY, CITRIX AND ITS SUPPLIERS MAKE AND YOU RECEIVE NO WARRANTIES OR CONDITIONS, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE; AND CITRIX AND ITS SUPPLIERS SPECIFICALLY DISCLAIM WITH RESPECT TO THE PRODUCT, ANY EXPERIMENTAL FEATURES, MAINTENANCE AND ANY OTHER SOFTWARE OR SERVICE DELIVERED HEREUNDER, ANY CONDITIONS OF QUALITY, AVAILABILITY, RELIABILITY, SECURITY, LACK OF VIRUSES, BUGS, OR ERRORS, AND ANY IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE. THE PRODUCT AND MAINENANCE ARE NOT DESIGNED, MANUFACTURED, DELIVERED OR INTENDED FOR ANY USE WHERE FAILURE COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY, OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE. YOU ASSUME RESPONSIBILITY FOR THEIR SELECTION TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THEIR INSTALLATION, USE, AND RESULTS OBTAINED THEREFROM.
6. DATA PROTECTION AND GDPR COMPLIANCE. Citrix agrees to deal with personal data relevant to Customer’s end-users in accordance with applicable data protection laws and regulations and the following: (a) with respect to personal data provided in connection with sales and marketing activities or use of Citrix websites, the Citrix Privacy Policy at https://www.citrix.com/about/legal/privacy/; (b) with respect to any personal information of European Union residents processed in connection with Services, the Data Processing Agreement at https://www.citrix.com/buy/licensing/citrix-data-processing-agreement.html ("European Union General Data Protection Regulation Terms"); and (c) with respect to Services, the Citrix Services Security Exhibit at https://www.citrix.com/buy/licensing/citrix-services-security-exhibit.html. Customer agrees to provide any notices and obtain any consent necessary for Citrix to access and process personal and other data as specified in this Agreement. The Privacy Policy, the Data Processing Agreement and the Citrix Services Security Exhibit are incorporated herein by reference.
7. EXPORT RESTRICTION. You agree that you will not export, re-export, or import the PRODUCT, MAINTENANCE or any other software or service delivered hereunder in any form without the appropriate government licenses. You understand that under no circumstances may the PRODUCT, MAINTENANCE or any other software or service delivered hereunder be exported to: (i) any country subject to U.S. embargo, (ii) U.S.-designated denied persons or prohibited entities, or (iii) U.S. specially designated nationals.
8. LIMITATION OF LIABILITY. EXCEPT FOR CITRIX’ INDEMNIFICATION OBLIGATIONS EXPRESSLY SET FORTH IN SECTION 4, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, YOU AGREE THAT NEITHER CITRIX NOR ITS AFFILIATES, SUPPLIERS, OR AUTHORIZED DISTRIBUTORS SHALL BE LIABLE FOR ANY LOSS OF DATA OR PRIVACY, LOSS OF INCOME, LOSS OF OPPORTUNITY OR PROFITS, COST OF RECOVERY, LOSS, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ARISING FROM YOUR USE OF THE PRODUCT, EXPERIMENTAL FEATURES, MAINTENANCE OR ANY OTHER SOFTWARE OR SERVICE DELIVERED HEREUNDER, OR DAMAGE ARISING FROM YOUR USE OF THIRD PARTY PRODUCTS OR HARDWARE, OR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR INDIRECT DAMAGES ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, OR YOUR EXPORTATION, REEXPORTATION, OR IMPORTATION OF ANY OR ALL OF THE SAME. THIS LIMITATION WILL APPLY EVEN IF CITRIX, ITS AFFILIATES, SUPPLIERS, OR AUTHORIZED DISTRIBUTORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND THESE LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY PROVIDED HEREIN. EXCEPT FOR CITRIX’ INDEMNIFICATION OBLIGATIONS EXPRESSLY SET FORTH IN SECTION 4 (UNLESS NOTED AT https://www.citrix.com/buy/licensing/product.html), AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE TOTAL AGGREGATE LIABILITY OF CITRIX, ITS AFFILIATES, SUPPLIERS, OR AUTHORIZED DISTRIBUTORS EXCEED THE AMOUNT PAID FOR THE PRODUCT, EXPERIMENTAL FEATURES, MAINTENANCE TERM, CONSULTING DELIVERABLE OR ANY OTHER SOFTWARE OR SERVICE DELIVERED HEREUNDER AT ISSUE. YOU ACKNOWLEDGE THAT THE PRODUCT AND MAINTENANCE FEES REFLECT THESE ALLOCATIONS OF RISK. SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. For purposes of this AGREEMENT, the term "AFFILIATE" shall mean any entity that controls, is under common control with, or is controlled by CITRIX, where "control" means the ownership, direct or indirect, of a majority of CITRIX’ stock or other interest entitled allowing the owner to direct the affairs of CITRIX. AFFILIATES, suppliers, and authorized distributors are intended to be third party beneficiaries of this AGREEMENT.
9. TERMINATION AND SURVIVAL. This AGREEMENT is effective until terminated. You may terminate this AGREEMENT at any time by removing the software of your Software PRODUCT(s) from your computers and destroying all copies, and by removing the software of your Appliance PRODUCT(s) from the hardware, and then providing written notice to CITRIX with the serial numbers of your License Keys. CITRIX may terminate this AGREEMENT at any time for your breach of this AGREEMENT. Unauthorized copying of the software in a Software or Appliance PRODUCT or the Documentation or otherwise failing to comply with the license grant or restrictions of this AGREEMENT will result in automatic termination of this AGREEMENT and will make available to CITRIX all other legal remedies. You agree and acknowledge that your material breach of this AGREEMENT shall cause CITRIX irreparable harm for which monetary damages alone would be inadequate and that, to the extent permitted by applicable law, CITRIX shall be entitled to injunctive or equitable relief without the need for posting a bond. Upon termination of this AGREEMENT, the PRODUCT licenses granted hereunder will terminate and you must immediately destroy the software in a Software or Appliance PRODUCT and the Documentation, and all backup copies thereof. Any termination of consulting services is subject to the applicable scope definition, and you shall pay for services provided prior to the termination. All purchases are final with no right of return, and neither CITRIX nor any reseller or distributor will be obligated to pay, nor will you beall of the terms, conditions, restrictions, and limitations set forth in this standard commercial license AGREEMENT. If, for any reason, FAR 12.212 or DFARS 227.7202-1 or 227.7202-3 or these license terms are deemed not applicable, you hereby acknowledge that the Government’s right to use, duplicate, or disclose the software and related Documentation are "Restricted Rights" as defined in 48 CFR Section 52.227-14(a) (May 2014) or DFARS 252.227- 7014(a)(15) (Feb 2014), as applicable. Manufacturer is Citrix Systems, Inc., 851 West Cypress Creek Road, Fort Lauderdale, Florida 33309.
11. AUTHORIZED DISTRIBUTORS AND RESELLERS. CITRIX authorized distributors and resellers do not have the right to make modifications to this AGREEMENT or to make any additional representations, commitments, or warranties binding on CITRIX.
12. CHOICE OF LAW AND VENUE. The location of your providing entity will determine the choice of law and venue as identified at https://www.citrix.com/buy/licensing/citrix-providing-entities.html. If any provision of this AGREEMENT is invalid or unenforceable under applicable law, it shall be to that extent be deemed omitted and the remaining provisions will continue in full force and effect. To the extent a provision is deemed omitted, the parties agree to comply with the remaining terms of this AGREEMENT in a manner consistent with the original intent of the AGREEMENT. No waiver is effective unless signed by the party to be bound.
13. ASSIGNMENT AND SUBCONTRACTING. Neither party hereto may assign this AGREEMENT, or any rights or obligations under it except as permitted by law or as set forth below, without the prior written consent of the other party, unless assigned to a successor in interest, or pursuant to a merger, corporate reorganization, or a sale or transfer of all or substantially all of the party’s assets. You shall provide notice to CITRIX upon completion of any permitted assignment. In addition, you may assign this AGREEMENT to a majority-owned affiliate, and CITRIX may assign this AGREEMENT, or any rights or obligations under it to any AFFILIATE or any third party acquiring or otherwise assuming part of the business of CITRIX or any of its AFFILIATES. Subject to this restriction, this AGREEMENT will be binding upon and inure to the benefit of the parties hereto, their successors and assigns. CITRIX may use subcontractors to provide services to you under this AGREEMENT, but CITRIX shall remain responsible to you for the performance of the services.
14. FORCE MAJEURE. CITRIX and/or any of its AFFILIATES shall not be liable for any delay or failure to perform any obligation under this AGREEMENT where the delay or failure results from any cause beyond its/their reasonable control, including without limitation: (i) acts of God; (ii) electrical power failures or surges; (iii) utilities or other telecommunications failures; (iv) storms or other elements of nature; or (v) terrorism or acts of war; but only for so long as such condition exists.
15. HOW TO CONTACT CITRIX. Should you have any questions concerning this AGREEMENT or want to contact CITRIX for any reason, write to CITRIX Customer Service at the address identified at https://www.citrix.com/buy/licensing/citrix-providing-entities.html.
16. TRADEMARKS. This AGREEMENT does not grant you the right to use any CITRIX trade or service mark. For information about proper permitted usage of CITRIX trademarks please see: https://www.citrix.com/about/legal/brand-guidelines.html.
# Citrix ADC CPX with Citrix Ingress Controller running as sidecar.
In a [Kubernetes](https://kubernetes.io/) or [OpenShift](https://www.openshift.com) cluster, you can deploy [Citrix ADC CPX](https://docs.citrix.com/en-us/citrix-adc-cpx) with Citrix ingress controller as a [sidecar](https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/). The Citrix ADC CPX instance is used for load balancing the North-South traffic to the microservices in your cluster. And, the sidecar Citrix ingress controller configures the Citrix ADC CPX.
> The "license.accept" is a mandatory argument and should be set to "yes" to accept the terms of the Citrix license.
## Introduction
This Helm chart deploys a Citrix ADC CPX with Citrix ingress controller as a sidecar in the [Kubernetes](https://kubernetes.io/) or in the [Openshift](https://www.openshift.com) cluster using the [Helm](https://helm.sh/) package manager.
### Prerequisites
- The [Kubernetes](https://kubernetes.io/) version is 1.6 or later if using Kubernetes environment.
- The [Openshift](https://www.openshift.com) version 3.11.x or later if using OpenShift platform.
- The [Helm](https://helm.sh/) version is 2.8.x or later. You can follow instruction given [here](https://github.com/citrix/citrix-helm-charts/blob/master/Helm_Installation_Kubernetes.md) to install Helm in Kubernetes environment and [here](https://github.com/citrix/citrix-helm-charts/blob/master/Helm_Installation_OpenShift.md) for OpenShift platform.
- You have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator), if you want to view the metrics of the Citrix ADC CPX collected by the [metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics).
## Installing the Chart
Add the Citrix Ingress Controller helm chart repository using command:
> By default the chart installs the recommended [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/) roles and role bindings.
The command deploys Citrix ADC CPX with Citrix ingress controller as a sidecar on the Kubernetes cluster with the default configuration. The [configuration](#configuration) section lists the mandatory and optional parameters that you can configure during installation.
#### 2. Citrix ADC CPX with Citrix Ingress Controller and Exporter running as side car.
[Metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics) can be deployed as sidecar to the Citrix ADC CPX and collects metrics from the Citrix ADC CPX instance. You can then [visualize these metrics](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/metrics/promotheus-grafana/) using Prometheus Operator and Grafana.
> **Note:**
>
> Ensure that you have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator).
If Citrix ADC CPX with Citrix ingress controller running as side car needs to be deployed in the OpenShift platform please install Helm and Tiller using instruction given [here](https://github.com/citrix/citrix-helm-charts/blob/master/Helm_Installation_OpenShift.md). It will make sure Helm and Tiller have the proper permission that is needed to install Citrix ingress controller on OpenShift.
Add the service account named "cpx-ingress-k8s-role" to the privileged Security Context Constraints of OpenShift:
#### 2. Citrix ADC CPX with Citrix Ingress Controller and Exporter running as side car.
[Metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics) can be deployed as sidecar to the Citrix ADC CPX and collects metrics from the Citrix ADC CPX instance. You can then [visualize these metrics](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/metrics/promotheus-grafana/) using Prometheus Operator and Grafana.
> **Note:**
>
> Ensure that you have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator).
| lsIP | Optional | N/A | Provide the Citrix Application Delivery Management (ADM) IP address to license Citrix ADC CPX. For more information, see [Licensing](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/licensing/)|
| lsPort | Optional | 27000 | Citrix ADM port if non-default port is used. |
| platform | Optional | N/A | Platform license. The platform is **CP1000**. |
| cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX |
| defaultSSLCert | Optional | N/A | Default SSL certificate that needs to be used as a non-SNI certificate in Citrix ADC. |
| nsNamespace | Optional | k8s | The prefix for the resources on the Citrix ADC CPX. |
| exporter.required | Optional | false | Use the argument if you want to run the [Exporter for Citrix ADC Stats](https://github.com/citrix/citrix-adc-metrics-exporter) along with Citrix ingress controller to pull metrics for the Citrix ADC CPX|
| exporter.image | Optional | `quay.io/citrix/citrix-adc-metrics-exporter:1.4.0` | The Exporter for Citrix ADC Stats image. |
| exporter.pullPolicy | Optional | Always | The Exporter for Citrix ADC Stats image pull policy. |
| exporter.ports.containerPort | Optional | 8888 | The Exporter for Citrix ADC Stats container port. |
| ingressClass | Optional | N/A | If multiple ingress load balancers are used to load balance different ingress resources. You can use this parameter to specify Citrix ingress controller to configure Citrix ADC associated with specific ingress class.|
| openshift | Optional | false | Set this argument if OpenShift environment is being used. |
> **Note:**
>
> If Citrix ADM related information is not provided during installation, Citrix ADC CPX will come up with the default license.
Alternatively, you can define a YAML file with the values for the parameters and pass the values while installing the chart.
> The [values.yaml](https://github.com/citrix/citrix-helm-charts/blob/master/citrix-k8s-cpx-ingress-controller/values.yaml) contains the default values of the parameters.
## Uninstalling the Chart
To uninstall/delete the ```my-release``` deployment:
# Citrix ADC CPX with Citrix Ingress Controller running as sidecar.
In a [Kubernetes](https://kubernetes.io/) or [OpenShift](https://www.openshift.com) cluster, you can deploy [Citrix ADC CPX](https://docs.citrix.com/en-us/citrix-adc-cpx) with Citrix ingress controller as a [sidecar](https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/). The Citrix ADC CPX instance is used for load balancing the North-South traffic to the microservices in your cluster. And, the sidecar Citrix ingress controller configures the Citrix ADC CPX.
This Chart bootstraps deployment of Citrix ADC CPX with Citrix Ingress Controller as sidecar.
This is a legal agreement ("AGREEMENT") between the end-user customer ("you"), and the providing Citrix entity (the applicable providing entity is hereinafter referred to as "CITRIX"). This AGREEMENT includes the Data Processing Agreement, the Citrix Services Security Exhibit and any other documents incorporated herein by reference. Your location of receipt of the Citrix product (hereinafter "PRODUCT") and maintenance (hereinafter "MAINTENANCE") determines the providing entity as identified at https://www.citrix.com/buy/licensing/citrix-providing-entities.html. BY INSTALLING AND/OR USING THE PRODUCT, YOU AGREE TO BE BOUND BY THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, DO NOT INSTALL AND/OR USE THE PRODUCT. Nothing contained in any purchase order or any other document submitted by you shall in any way modify or add to the terms and conditions contained in this AGREEMENT.
1. PRODUCT LICENSES.
a. End User Licenses. Citrix hereby grants Customer a non-exclusive worldwide license to use the software in a software PRODUCT and the software installed in an appliance PRODUCT under the license models identified at https://www.citrix.com/buy/licensing/product.html. Any experimental features delivered with such software will be identified and are licensed only for internal testing purposes. "Software" means a Citrix proprietary and/or open source software program in object code form licensed hereunder. "Appliance" means a hardware appliance with installed Software. Notwithstanding anything set forth in this AGREEMENT or at the referenced website, your use of open source software shall in all ways be exclusively governed by the open source license indicated as applicable to the code at https://www.citrix.com/buy/licensing/open-source.html.
Your license to software in a Software or Appliance PRODUCT will be activated by license keys that allow use of the PRODUCT in increments defined by the license model purchased ("License Keys"). License Keys for other CITRIX products or other editions of the same PRODUCT may not be used to increase the allowable use for your edition of the PRODUCT.
b. Partner Demo. If a Software PRODUCT is labeled "Partner Demo," notwithstanding any term to the contrary in this AGREEMENT, your license permits use only if you are a current CITRIX authorized distributor or reseller, and then only for demonstration, test, or evaluation purposes in support of your end-user customers, and not for any other purpose, including without limitation customer training or production purposes. Note that a Partner Demo PRODUCT may disable itself upon the expiration of the License Key. In no event may a Partner Demo PRODUCT be used beyond expiration.
c. Evaluation. If a Software PRODUCT is labeled "Evaluation," notwithstanding any term to the contrary in this AGREEMENT, your license permits use only if you are an end-user customer and then only for your internal demonstration, test, or evaluation purposes, and not for any other purpose, including without limitation production purposes. Your license is for ninety (90) days with no right to MAINTENANCE, the Limited Warranty, or Infringement Indemnification. Note that an Evaluation PRODUCT may disable itself upon the expiration of the License Key. In no event may an Evaluation PRODUCT be used beyond expiration.
d. Archive Copy. You may make one (1) copy of the software in a Software or Appliance PRODUCT in machine- readable form solely for backup, provided that you reproduce all proprietary notices on the copy.
2. MAINTENANCE. The MAINTENANCE plan applicable to this PRODUCT is identified at https://www.citrix.com/buy/licensing/product.html and plan entitlements and requirements are explained at https://www.citrix.com/support/programs.html. MAINTENANCE is required at the time of PRODUCT purchase and must be purchased separately. MAINTENANCE is available for an initial one (1) year term and may automatically renew or be extended by your purchase of available annual renewals (the "MAINTENANCE Term"). The MAINTENANCE offering you purchase determines how renewals work. In the event your offering includes automatic renewals, should you wish to allow MAINTENANCE to expire at the end of your then current term, you must provide Citrix thirty (30) days advance written notice. MAINTENANCE for a Software or Appliance PRODUCT begins upon delivery of the License Keys. During the initial or a renewal MAINTENANCE Term, CITRIX will make any Updates for the PRODUCT covered by the plan available to you. An "Update" shall mean a generally available release of the
same edition of the Software for the same PRODUCT that Citrix may make available from time to time. CITRIX is not obligated to make any Updates available. Updates shall be subject to the terms of this AGREEMENT, except that Updates are not covered by the Limited Warranty applicable to the PRODUCT, to the extent permitted by applicable law. You acknowledge that CITRIX may develop and market new or different software or appliance offerings or editions of the PRODUCT that use portions of the PRODUCT and that perform all or part of the functions performed by the PRODUCT. Nothing contained in this AGREEMENT shall give you any rights with respect to such new or different offerings or editions. The MAINTENANCE plan may be purchased for the PRODUCT until it is no longer offered in accordance with the applicable CITRIX PRODUCT Lifecycle Support Policy posted at https://www.citrix.com/support/product-lifecycle.html. Any deliveries of Updates shall be electronic. The MAINTENANCE plan includes technical support, and may include online services, and, for hardware only, an extended hardware warranty, as stated at https://www.citrix.com/support/programs.html. The offering you purchase determines your entitlement and usage rights. In addition to your MAINTENANCE plan, you may also purchase CITRIX consulting services as may be available (including installation services, remote monitoring services or technical consulting). CITRIX’ provision of technical support or consulting services is predicated upon the following responsibilities being fulfilled by you: (i) you will designate a primary administrative contact for technical support; (ii) you agree to perform reasonable problem determination activities and reasonable problem resolution activities as suggested by CITRIX; (iii) you are responsible for implementing procedures necessary to safeguard the integrity and security of software and data from unauthorized access and for reconstructing any lost or altered files resulting from catastrophic failures; (iv) you are responsible for procuring, installing, and maintaining all equipment, telephone lines, communications interfaces, and other hardware at your site and providing CITRIX with access to your facilities as required to operate the PRODUCT and permitting CITRIX to perform the service; and (v) you are required to implement all currently available and applicable software hotfixes, hotfix rollup packs, and service packs or their equivalent for the PRODUCT in a timely manner. CITRIX is not required to provide any technical support for problems arising out of: (i) your or any third party’s alterations or additions to the PRODUCT, operating system or environment; (ii) CITRIX provided alterations or additions to the PRODUCT that do not address Errors or Defects; (iii) any functionality not defined in the user documentation published by CITRIX and included with the PRODUCT (hereinafter "Documentation"); (iv) use of a Software PRODUCT on a processor or peripherals other than the processor and peripherals defined in the Documentation; (v) any PRODUCT that has reached End-of-Life; and (vi) any consulting deliverables from CITRIX, you or any third party. An "Error" is defined as a failure in the PRODUCT to materially conform to the functionality defined in the Documentation. A "Defect" is defined as a failure in the PRODUCT to conform to the specifications in the Documentation. In situations where CITRIX cannot provide a satisfactory resolution to your critical problem through normal technical support methods, CITRIX may engage its product development team to create a private fix. Private fixes are designed to address your specific situation and may not be further distributed by you. CITRIX retains all right, title, and interest in and to all fixes, packs and their equivalent. Any private fixes are not provided as part of the PRODUCT under the terms of this AGREEMENT and they are not covered by the Limited Warranty or Infringement Indemnification applicable to the PRODUCT, to the extent permitted by applicable law. With respect to CITRIX consulting services, all intellectual property rights in all deliverables, pre-existing works and derivative works of such pre-existing works, as well as developments made, conceived, created, discovered, invented, or reduced to practice in the performance of the assessment are and shall remain the sole and absolute property of CITRIX, subject to a worldwide, non-exclusive license to you for internal use.
3. DESCRIPTION OF OTHER RIGHTS, LIMITATIONS, AND OBLIGATIONS. Except as expressly set forth in Section 12, you may not transfer, rent, timeshare, grant rights in or lease the PRODUCT except to the extent such foregoing restriction is prohibited by applicable mandatory law. Any attempt to do so in violation of this prohibition shall be void. If you purchased or otherwise received replacement License Keys as part of a PRODUCT upgrade or trade-up, or a new product release with new product licenses under MAINTENANCE, you agree to destroy the original License Keys and retain no copies after installation of the new License Keys and PRODUCT. Solely for the purpose of migrating users, you are permitted a ninety (90) day grace period to run both your new and old License Keys in production. This period begins with your purchase of the upgrade or trade-up, or with your download of the new release under MAINTENANCE. You shall provide the serial numbers of the original License Keys and corresponding replacement License Keys to the reseller and, upon request, directly to CITRIX, for tracking purposes. In the event you make a transfer of the PRODUCT in the EU or EER, to the extent permitted by law and notwithstanding the terms
of this AGREEMENT, you must uninstall the PRODUCT and License Keys, cease your use, transfer them to the transferee and retain no copies. You are responsible for ensuring that the transferee accepts the terms of this AGREEMENT. You must provide evidence that the conditions for a lawful transfer of the PRODUCT are met. All Limited Warranty, MAINTENANCE and Infringement Indemnification rights will terminate automatically upon such transfer and will not be available to the transferee, including the ability to purchase MAINTENANCE. You must comply with applicable export laws with respect to such a transfer. You may not modify, translate, reverse engineer, decompile, disassemble, create derivative works based on or copy the PRODUCT, except as expressly licensed in this AGREEMENT or to the extent such foregoing restriction is expressly prohibited by applicable mandatory law. You may not remove any proprietary notices, labels or marks on the PRODUCT. Notwithstanding the foregoing, this AGREEMENT shall not prevent or restrict you from exercising additional or different rights to any portions of the PRODUCT that are open source software. To the extent permitted by applicable law, you agree to allow CITRIX to audit your compliance with the terms of this AGREEMENT upon prior written notice and during normal business hours, but no more than once per year. Any audit, which may be conducted on premises, shall not unreasonably interfere with your business activities. You will reasonably cooperate with CITRIX and the auditor and will, without prejudice to other rights of CITRIX, address any non-compliance identified by the audit, including, but not limited to, promptly paying any fees owed. Excess license usage will be determined based on your peak usage and billed to you at the then-current Citrix suggested retail price for licenses, and for maintenance on those licenses (for the lesser of the duration of the excess usage or two years). If the audit discloses an underpayment of ten percent (10%) or more of fees owed for the period audited or other material breach of this AGREEMENT, you agree to also reimburse CITRIX for the reasonable audit expenses. Note that a PRODUCT may be provided with identified experimental features that are not part of the PRODUCT and that are not covered by MAINTENANCE and the Limited Warranty. Such features are offered AS IS and may never become part of the PRODUCT or any CITRIX commercial product. Citrix makes no representations or certifications with respect to experimental features.
ALL RIGHTS IN THE PRODUCT NOT EXPRESSLY GRANTED ARE RESERVED BY CITRIX OR ITS LICENSORS. CITRIX and/or its licensors own and retain all title and ownership of all intellectual property rights in and to the PRODUCT, including any adaptations, modifications, translations, derivative works or copies, and any relating to the design, manufacture, or operation of the same.
4. INFRINGEMENT INDEMNIFICATION. In the event of any claim, suit, or proceeding brought against you based on an allegation that a PRODUCT, experimental features or consulting deliverable hereunder (excluding open source software) infringes upon any patent, copyright or trade secret of any third party ("Infringement Claim"), CITRIX shall defend, or at its option, settle, such Infringement Claim, and shall pay all costs (including reasonable attorney’s fees) associated with the defense of such Infringement Claim, and all damages finally awarded or settlements undertaken by CITRIX in resolution of such Infringement Claim, provided you: (i) promptly notify CITRIX in writing of your notification or discovery of an Infringement Claim such that CITRIX is not prejudiced by any delay in such notification; (ii) give CITRIX sole control over the defense or settlement of the Infringement Claim; and (iii) provide reasonable assistance in the defense of the same. Following notice of an Infringement Claim, or if CITRIX believes such a claim is likely, CITRIX may at its sole expense and option: (i) procure for you the right to continue to use the alleged infringing PRODUCT, experimental feature or consulting deliverable; (ii) replace or modify the PRODUCT, experimental feature or consulting deliverable to make it non-infringing; or (iii) accept return of the PRODUCT, experimental feature or consulting deliverable and, for the PRODUCT, provide you with a prorated refund for the PRODUCT, using a three (3) year straight line depreciation basis for the PRODUCT, or, for the consulting deliverable, refund payments made for the deliverable. CITRIX assumes no liability, and shall have no liability, for any Infringement Claims or allegations of infringement based on: (i) your use of any PRODUCT, experimental feature or consulting deliverable after notice that you should cease use of such PRODUCT, experimental feature or consulting deliverable due to an Infringement Claim; (ii) any modification of the PRODUCT, experimental feature or consulting deliverable by you or at your direction; (iii) your combination of the PRODUCT, experimental feature or consulting deliverable with non-CITRIX hardware, software, services, data or other content or materials if such Infringement Claim would have been avoided by the use of the PRODUCT, experimental feature or consulting deliverable alone. THE FOREGOING STATES YOUR EXCLUSIVE REMEDY WITH RESPECT TO ANY INFRINGEMENT CLAIM OR ALLEGATION OF INFRINGEMENT.
5. LIMITED WARRANTY AND DISCLAIMER. CITRIX warrants that for a period of ninety (90) days from delivery of the License Keys, the software in a Software or Appliance PRODUCT will perform substantially in accordance with the PRODUCT’s Documentation. Citrix warrants that for a period of one (1) year from delivery of the License Keys, the hardware in an Appliance PRODUCT, will be free from defects in material and workmanship in normal use. This hardware warranty does not cover any of the following: (i) improper installation, maintenance, adjustment, repair or modification by Customer or a third party; (ii) misuse, neglect, or any other cause other than ordinary use, including without limitation, accidents or acts of God; (iii) improper environment, excessive or inadequate heating or air conditioning, electrical power failures, surges, water damage or other irregularities; (iv) third party software or software drivers; or (v) damage to hardware during shipment of an Appliance PRODUCT. CITRIX and its licensors’ and suppliers’ ("SUPPLIERS’") entire liability and your exclusive remedy under this software or hardware warranty (which is subject to your return of the PRODUCT to CITRIX or an authorized reseller) will be, at the sole option of CITRIX and subject to applicable law, to replace the PRODUCT or to refund the purchase price and terminate your license to any software on the PRODUCT. CITRIX will provide MAINTENANCE (including consulting services, if purchased separately) in a professional and workmanlike manner, but CITRIX cannot guarantee that every question or problem raised by you will be resolved or resolved in a certain amount of time. Citrix does not warrant in any form the results or achievements of the PRODUCT, technical support, consulting services or related deliverables. With respect to technical support, CITRIX’ and its SUPPLIERS’ entire liability and your exclusive remedy under this warranty is re-performance of the services. With respect to consulting services, CITRIX’ and its SUPPLIERS’ entire liability and your exclusive remedy under this warranty is re-performance of the services or, if re-performance is not possible or conforming, refund of amounts paid for the non-conforming services.
TO THE EXTENT PERMITTED BY APPLICABLE LAW AND EXCEPT FOR THE ABOVE LIMITED WARRANTY, CITRIX AND ITS SUPPLIERS MAKE AND YOU RECEIVE NO WARRANTIES OR CONDITIONS, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE; AND CITRIX AND ITS SUPPLIERS SPECIFICALLY DISCLAIM WITH RESPECT TO THE PRODUCT, ANY EXPERIMENTAL FEATURES, MAINTENANCE AND ANY OTHER SOFTWARE OR SERVICE DELIVERED HEREUNDER, ANY CONDITIONS OF QUALITY, AVAILABILITY, RELIABILITY, SECURITY, LACK OF VIRUSES, BUGS, OR ERRORS, AND ANY IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, ANY WARRANTY OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, MERCHANTABILITY, NONINFRINGEMENT, OR FITNESS FOR A PARTICULAR PURPOSE. THE PRODUCT AND MAINENANCE ARE NOT DESIGNED, MANUFACTURED, DELIVERED OR INTENDED FOR ANY USE WHERE FAILURE COULD LEAD DIRECTLY TO DEATH, PERSONAL INJURY, OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE. YOU ASSUME RESPONSIBILITY FOR THEIR SELECTION TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THEIR INSTALLATION, USE, AND RESULTS OBTAINED THEREFROM.
6. DATA PROTECTION AND GDPR COMPLIANCE. Citrix agrees to deal with personal data relevant to Customer’s end-users in accordance with applicable data protection laws and regulations and the following: (a) with respect to personal data provided in connection with sales and marketing activities or use of Citrix websites, the Citrix Privacy Policy at https://www.citrix.com/about/legal/privacy/; (b) with respect to any personal information of European Union residents processed in connection with Services, the Data Processing Agreement at https://www.citrix.com/buy/licensing/citrix-data-processing-agreement.html ("European Union General Data Protection Regulation Terms"); and (c) with respect to Services, the Citrix Services Security Exhibit at https://www.citrix.com/buy/licensing/citrix-services-security-exhibit.html. Customer agrees to provide any notices and obtain any consent necessary for Citrix to access and process personal and other data as specified in this Agreement. The Privacy Policy, the Data Processing Agreement and the Citrix Services Security Exhibit are incorporated herein by reference.
7. EXPORT RESTRICTION. You agree that you will not export, re-export, or import the PRODUCT, MAINTENANCE or any other software or service delivered hereunder in any form without the appropriate government licenses. You understand that under no circumstances may the PRODUCT, MAINTENANCE or any other software or service delivered hereunder be exported to: (i) any country subject to U.S. embargo, (ii) U.S.-designated denied persons or prohibited entities, or (iii) U.S. specially designated nationals.
8. LIMITATION OF LIABILITY. EXCEPT FOR CITRIX’ INDEMNIFICATION OBLIGATIONS EXPRESSLY SET FORTH IN SECTION 4, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, YOU AGREE THAT NEITHER CITRIX NOR ITS AFFILIATES, SUPPLIERS, OR AUTHORIZED DISTRIBUTORS SHALL BE LIABLE FOR ANY LOSS OF DATA OR PRIVACY, LOSS OF INCOME, LOSS OF OPPORTUNITY OR PROFITS, COST OF RECOVERY, LOSS, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, ARISING FROM YOUR USE OF THE PRODUCT, EXPERIMENTAL FEATURES, MAINTENANCE OR ANY OTHER SOFTWARE OR SERVICE DELIVERED HEREUNDER, OR DAMAGE ARISING FROM YOUR USE OF THIRD PARTY PRODUCTS OR HARDWARE, OR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR INDIRECT DAMAGES ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, OR YOUR EXPORTATION, REEXPORTATION, OR IMPORTATION OF ANY OR ALL OF THE SAME. THIS LIMITATION WILL APPLY EVEN IF CITRIX, ITS AFFILIATES, SUPPLIERS, OR AUTHORIZED DISTRIBUTORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND THESE LIMITATIONS WILL APPLY NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY PROVIDED HEREIN. EXCEPT FOR CITRIX’ INDEMNIFICATION OBLIGATIONS EXPRESSLY SET FORTH IN SECTION 4 (UNLESS NOTED AT https://www.citrix.com/buy/licensing/product.html), AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE TOTAL AGGREGATE LIABILITY OF CITRIX, ITS AFFILIATES, SUPPLIERS, OR AUTHORIZED DISTRIBUTORS EXCEED THE AMOUNT PAID FOR THE PRODUCT, EXPERIMENTAL FEATURES, MAINTENANCE TERM, CONSULTING DELIVERABLE OR ANY OTHER SOFTWARE OR SERVICE DELIVERED HEREUNDER AT ISSUE. YOU ACKNOWLEDGE THAT THE PRODUCT AND MAINTENANCE FEES REFLECT THESE ALLOCATIONS OF RISK. SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU. For purposes of this AGREEMENT, the term "AFFILIATE" shall mean any entity that controls, is under common control with, or is controlled by CITRIX, where "control" means the ownership, direct or indirect, of a majority of CITRIX’ stock or other interest entitled allowing the owner to direct the affairs of CITRIX. AFFILIATES, suppliers, and authorized distributors are intended to be third party beneficiaries of this AGREEMENT.
9. TERMINATION AND SURVIVAL. This AGREEMENT is effective until terminated. You may terminate this AGREEMENT at any time by removing the software of your Software PRODUCT(s) from your computers and destroying all copies, and by removing the software of your Appliance PRODUCT(s) from the hardware, and then providing written notice to CITRIX with the serial numbers of your License Keys. CITRIX may terminate this AGREEMENT at any time for your breach of this AGREEMENT. Unauthorized copying of the software in a Software or Appliance PRODUCT or the Documentation or otherwise failing to comply with the license grant or restrictions of this AGREEMENT will result in automatic termination of this AGREEMENT and will make available to CITRIX all other legal remedies. You agree and acknowledge that your material breach of this AGREEMENT shall cause CITRIX irreparable harm for which monetary damages alone would be inadequate and that, to the extent permitted by applicable law, CITRIX shall be entitled to injunctive or equitable relief without the need for posting a bond. Upon termination of this AGREEMENT, the PRODUCT licenses granted hereunder will terminate and you must immediately destroy the software in a Software or Appliance PRODUCT and the Documentation, and all backup copies thereof. Any termination of consulting services is subject to the applicable scope definition, and you shall pay for services provided prior to the termination. All purchases are final with no right of return, and neither CITRIX nor any reseller or distributor will be obligated to pay, nor will you beall of the terms, conditions, restrictions, and limitations set forth in this standard commercial license AGREEMENT. If, for any reason, FAR 12.212 or DFARS 227.7202-1 or 227.7202-3 or these license terms are deemed not applicable, you hereby acknowledge that the Government’s right to use, duplicate, or disclose the software and related Documentation are "Restricted Rights" as defined in 48 CFR Section 52.227-14(a) (May 2014) or DFARS 252.227- 7014(a)(15) (Feb 2014), as applicable. Manufacturer is Citrix Systems, Inc., 851 West Cypress Creek Road, Fort Lauderdale, Florida 33309.
11. AUTHORIZED DISTRIBUTORS AND RESELLERS. CITRIX authorized distributors and resellers do not have the right to make modifications to this AGREEMENT or to make any additional representations, commitments, or warranties binding on CITRIX.
12. CHOICE OF LAW AND VENUE. The location of your providing entity will determine the choice of law and venue as identified at https://www.citrix.com/buy/licensing/citrix-providing-entities.html. If any provision of this AGREEMENT is invalid or unenforceable under applicable law, it shall be to that extent be deemed omitted and the remaining provisions will continue in full force and effect. To the extent a provision is deemed omitted, the parties agree to comply with the remaining terms of this AGREEMENT in a manner consistent with the original intent of the AGREEMENT. No waiver is effective unless signed by the party to be bound.
13. ASSIGNMENT AND SUBCONTRACTING. Neither party hereto may assign this AGREEMENT, or any rights or obligations under it except as permitted by law or as set forth below, without the prior written consent of the other party, unless assigned to a successor in interest, or pursuant to a merger, corporate reorganization, or a sale or transfer of all or substantially all of the party’s assets. You shall provide notice to CITRIX upon completion of any permitted assignment. In addition, you may assign this AGREEMENT to a majority-owned affiliate, and CITRIX may assign this AGREEMENT, or any rights or obligations under it to any AFFILIATE or any third party acquiring or otherwise assuming part of the business of CITRIX or any of its AFFILIATES. Subject to this restriction, this AGREEMENT will be binding upon and inure to the benefit of the parties hereto, their successors and assigns. CITRIX may use subcontractors to provide services to you under this AGREEMENT, but CITRIX shall remain responsible to you for the performance of the services.
14. FORCE MAJEURE. CITRIX and/or any of its AFFILIATES shall not be liable for any delay or failure to perform any obligation under this AGREEMENT where the delay or failure results from any cause beyond its/their reasonable control, including without limitation: (i) acts of God; (ii) electrical power failures or surges; (iii) utilities or other telecommunications failures; (iv) storms or other elements of nature; or (v) terrorism or acts of war; but only for so long as such condition exists.
15. HOW TO CONTACT CITRIX. Should you have any questions concerning this AGREEMENT or want to contact CITRIX for any reason, write to CITRIX Customer Service at the address identified at https://www.citrix.com/buy/licensing/citrix-providing-entities.html.
16. TRADEMARKS. This AGREEMENT does not grant you the right to use any CITRIX trade or service mark. For information about proper permitted usage of CITRIX trademarks please see: https://www.citrix.com/about/legal/brand-guidelines.html.
[Citrix](https://www.citrix.com/en-in/) provides an Ingress Controller for Citrix ADC MPX (hardware), Citrix ADC VPX (virtualized), and [Citrix ADC CPX](https://docs.citrix.com/en-us/citrix-adc-cpx/13/about.html)(containerized) for [bare metal](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/deployment/baremetal) and [cloud](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/deployment) deployments. It configures one or more Citrix ADC based on the Ingress resource configuration in [Kubernetes](https://kubernetes.io/) or in [OpenShift](https://www.openshift.com) cluster.
> The `license.accept` argument is mandatory. Ensure that you set the value as `yes` to accept the terms and conditions of the Citrix license.
## Introduction
This Helm chart deploys Citrix ingress controller in the [Kubernetes](https://kubernetes.io) or in the [Openshift](https://www.openshift.com) cluster using [Helm](https://helm.sh) package manager.
### Prerequisites
- The [Kubernetes](https://kubernetes.io/) version 1.6 or later if using Kubernetes environment.
- The [Openshift](https://www.openshift.com) version 3.11.x or later if using OpenShift platform.
- The [Helm](https://helm.sh/) version is 2.8.x or later. You can follow instruction given [here](https://github.com/citrix/citrix-helm-charts/blob/master/Helm_Installation_Kubernetes.md) to install Helm in Kubernetes environment and [here](https://github.com/citrix/citrix-helm-charts/blob/master/Helm_Installation_OpenShift.md) for OpenShift platform.
- You determine the NS_IP IP address needed by the controller to communicate with Citrix ADC. The IP address might be anyone of the following depending on the type of Citrix ADC deployment:
- (Standalone appliances) NSIP - The management IP address of a standalone Citrix ADC appliance. For more information, see [IP Addressing in Citrix ADC](https://docs.citrix.com/en-us/citrix-adc/12-1/networking/ip-addressing.html).
- (Appliances in High Availability mode) SNIP - The subnet IP address. For more information, see [IP Addressing in Citrix ADC](https://docs.citrix.com/en-us/citrix-adc/12-1/networking/ip-addressing.html).
- (Appliances in Clustered mode) CLIP - The cluster management IP (CLIP) address for a clustered Citrix ADC deployment. For more information, see [IP addressing for a cluster](https://docs.citrix.com/en-us/citrix-adc/12-1/clustering/cluster-overview/ip-addressing.html).
- You have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator), if you want to view the metrics of the Citrix ADC CPX collected by the [metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics).
- The user name and password of the Citrix ADC VPX or MPX appliance used as the ingress device. The Citrix ADC appliance needs to have system user account (non-default) with certain privileges so that Citrix ingress controller can configure the Citrix ADC VPX or MPX appliance. For instructions to create the system user account on Citrix ADC, see [Create System User Account for CIC in Citrix ADC](#create-system-user-account-for-cic-in-citrix-adc).
You can pass user name and password using Kubernetes secrets. Create a Kubernetes secret for the user name and password using the following command:
#### Create system User account for Citrix ingress controller in Citrix ADC
Citrix ingress controller configures the Citrix ADC using a system user account of the Citrix ADC. The system user account should have certain privileges so that the CIC has permission configure the following on the Citrix ADC:
- Add, Delete, or View Content Switching (CS) virtual server
- Configure CS policies and actions
- Configure Load Balancing (LB) virtual server
- Configure Service groups
- Cofigure SSl certkeys
- Configure routes
- Configure user monitors
- Add system file (for uploading SSL certkeys from Kubernetes)
- Configure Virtual IP address (VIP)
- Check the status of the Citrix ADC appliance
> **Note:**
>
> The system user account would have privileges based on the command policy that you define.
To create the system user account, do the following:
1. Log on to the Citrix ADC appliance. Perform the following:
1. Use an SSH client, such as PuTTy, to open an SSH connection to the Citrix ADC appliance.
2. Log on to the appliance by using the administrator credentials.
2. Create the system user account using the following command:
```
add system user <username> <password>
```
For example:
```
add system user cic mypassword
```
3. Create a policy to provide required permissions to the system user account. Use the following command:
> By default the chart installs the recommended [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/) roles and role bindings.
The command deploys Citrix ingress controller on Kubernetes cluster with the default configuration. The [configuration](#configuration) section lists the mandatory and optional parameters that you can configure during installation.
#### 2. Citrix Ingress Controller with Exporter
[Metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics) can be deployed along with Citrix ingress controller and collects metrics from the Citrix ADC instances. You can then [visualize these metrics](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/metrics/promotheus-grafana/) using Prometheus Operator and Grafana.
> **Note:**
> Ensure that you have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator).
If Citrix ingress controller needs to be deployed in the OpenShift platform please install Helm and Tiller using instruction given [here](https://github.com/citrix/citrix-helm-charts/blob/master//Helm_Installation_OpenShift.md). It will make sure Helm and Tiller have the proper permission that is needed to install Citrix ingress controller on OpenShift.
Add the service account named "cic-k8s-role" to the privileged Security Context Constraints of OpenShift:
The command deploys Citrix ingress controller on your Openshift cluster in the default configuration. The [configuration](#configuration) section lists the mandatory and optional parameters that you can configure during installation.
#### 2. Citrix Ingress Controller with Exporter
[Metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics) can be deployed along with Citrix ingress controller and collects metrics from the Citrix ADC instances. You can then [visualize these metrics](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/metrics/promotheus-grafana/) using Prometheus Operator and Grafana.
> **Note:**
> Ensure that you have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator)
| loginFileName | Mandatory | nslogin | The secret key to log on to the Citrix ADC VPX or MPX. For information on how to create the secret keys, see [Prerequisites](#prerequistes). |
| nsIP | Mandatory | N/A | The IP address of the Citrix ADC device. For details, see [Prerequisites](#prerequistes). |
| nsVIP | Optional | N/A | The Virtual IP address on the Citrix ADC device. |
| nsPort | Optional | 443 | The port used by CIC to communicate with Citrix ADC. You can port 80 for HTTP. |
| nsProtocol | Optional | HTTPS | The protocol used by CIC to communicate with Citrix ADC. You can also use HTTP on port 80. |
| logLevel | Optional | DEBUG | The loglevel to control the logs generated by CIC. The supported loglevels are: CRITICAL, ERROR, WARNING, INFO, and DEBUG. For more information, see [Logging](/Docs/Logging.md).|
| kubernetesURL | Optional | N/A | The kube-apiserver url that CIC uses to register the events. If the value is not specified, CIC uses the [internal kube-apiserver IP address](https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-the-api-from-a-pod). |
| ingressClass | Optional | N/A | If multiple ingress load balancers are used to load balance different ingress resources. You can use this parameter to specify CIC to configure Citrix ADC associated with specific ingress class. For more information on Ingress class, see [Ingress class support](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/configure/ingress-classes/). |
| nodeWatch | Optional | false | Use the argument if you want to automatically configure network route from the Ingress Citrix ADC VPX or MPX to the pods in the Kubernetes cluster. For more information, see [Automatically configure route on the Citrix ADC instance](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/network/staticrouting/#automatically-configure-route-on-the-citrix-adc-instance). |
| defaultSSLCert | Optional | N/A | Default SSL certificate that needs to be used as a non-SNI certificate in Citrix ADC. |
| nsNamespace | Optional | k8s | The prefix for the resources on the Citrix ADC VPX/MPX. |
| exporter.required | Optional | false | Use the argument, if you want to run the [Exporter for Citrix ADC Stats](https://github.com/citrix/citrix-adc-metrics-exporter) along with CIC to pull metrics for the Citrix ADC VPX or MPX|
> The [values.yaml](https://github.com/citrix/citrix-helm-charts/blob/master/citrix-k8s-ingress-controller/values.yaml) contains the default values of the parameters.
> **Note:**
>
> Please provide frontend-ip (VIP) in your application ingress yaml file. For more info refer [this](https://github.com/citrix/citrix-k8s-ingress-controller/blob/master/docs/configure/annotations.md).
## Route Addition in MPX/VPX
For seamless functioning of services deployed in the Kubernetes cluster, it is essential that Ingress NetScaler device should be able to reach the underlying overlay network over which Pods are running.
`feature-node-watch` knob of Citrix Ingress Controller can be used for automatic route configuration on NetScaler towards the pod network. Refer [Static Route Configuration](https://github.com/citrix/citrix-k8s-ingress-controller/blob/master/docs/network/staticrouting.md) for further details regarding the same.
By default, `feature-node-watch` is false. It needs to be explicitly set to true if auto route configuration is required.
For configuring static routes manually on Citrix ADC VPX or MPX to reach the pods inside the cluster follow:
4. Ensure that Ingress MPX/VPX has a SNIP present in the host-network (i.e. network over which K8S nodes communicate with each other. Usually eth0 IP is from this network).
4. Ensure that Ingress MPX/VPX has a SNIP present in the host-network (i.e. network over which OpenShift nodes communicate with each other. Usually eth0 IP is from this network).
For example, if the output of the `oc get hostsubnet` is as follows:
[Citrix Ingress Controler](https://github.com/citrix/citrix-k8s-ingress-controller) is an ingress controller for Citrix ADC MPX (hardware), Citrix ADC VPX (virtualized), and Citrix ADC CPX (containerized) for bare metal and cloud deployments. It is built around Kubernetes Ingress and automatically configures Citrix ADC based on the Ingress resource configuration.
This Chart bootstraps standalone Citrix Ingress Controller which can be used to configure Citrix MPX or VPX.
