Hi all .
I trying, on MAAS version: 2.8.0 (8559-g.a96969555) version, create LXD “pod” see next image
beta
LXD api listen on https://192.168.10.10:8443 and authorization to LXD API endpoint is with trusted client cert (it is functional - tested via curl)
The question is where put this certs (rack controllers? and where? ) and how setup maas to accepted this cert an key, in communication with LXD?
Thank for any suggestion.
Jan
MAAS uses a self signed certificate to communicate with LXD. MAAS will automatically add the certificate to LXD when you connect with a password.
If you do not want to authenticate with a password you can manually add the certificate for each rack controller to your LXD Pod. The certificates are stored in /etc/maas/certificates/ or /var/snap/maas/common/certificates. MAAS will automatically renew the certificates before they expire, if password authentication is disabled you’ll have to manually readd the certificates again.
We are looking into improving this process.
Hi Lee,
thank you very much.
Jan
