Refreshing or creating lxd vm from maas output error Certificate is restricted

  • Distribution: Ubuntu
  • Distribution version: 22.04
  • The output of “lxc info” or if that fails:
    • Kernel version: 6.5.0-15-generic
    • LXC version: “5.20”
    • LXD version: “5.20”
    • Storage backend in use: pool1 | dir | /mnt/pool1/

Steps to reproduce

  1. Step one : MAAS → Lxd → Add Lxd Machine → compose machine.
  2. Step two: Also MAAS gui → Lxd → myLxdHost → refresh host

From rackd.log

2024-02-09 06:33:53 provisioningserver.rpc.pods: [critical] Failed to discover VM host.
	Traceback (most recent call last):
	  File "/usr/lib/python3.10/", line 1016, in _bootstrap_inner
	  File "/usr/lib/python3.10/", line 953, in run
	    self._target(*self._args, **self._kwargs)
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/twisted/_threads/", line 47, in work
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/twisted/_threads/", line 182, in doWork
	--- <exception caught here> ---
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/twisted/python/", line 244, in inContext
	    result = inContext.theWork()  # type: ignore[attr-defined]
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/twisted/python/", line 260, in <lambda>
	    inContext.theWork = lambda:  # type: ignore[attr-defined]
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/twisted/python/", line 117, in callWithContext
	    return self.currentContext().callWithContext(ctx, func, *args, **kw)
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/twisted/python/", line 82, in callWithContext
	    return func(*args, **kw)
	  File "/snap/maas/32469/lib/python3.10/site-packages/provisioningserver/utils/", line 203, in wrapper
	    result = func(*args, **kwargs)
	  File "/snap/maas/32469/lib/python3.10/site-packages/provisioningserver/drivers/pod/", line 295, in discover
	    discovered_pod = self._discover(client, pod_id, context)
	  File "/snap/maas/32469/lib/python3.10/site-packages/provisioningserver/drivers/pod/", line 367, in _discover
	    storage_pools = client.storage_pools.all()
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/pylxd/models/", line 85, in all
	    response = client.api.storage_pools.get()
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/pylxd/", line 210, in get
	  File "/snap/maas/32469/usr/lib/python3/dist-packages/pylxd/", line 162, in _assert_response
	    raise exceptions.LXDAPIException(response)
	pylxd.exceptions.LXDAPIException: Certificate is restricted

Hi @pordonez,

It seems that LXD 5.20 introduced a bug that we were able to reproduce. The LXD team applied a bug fix here and we are currently testing if it is solving the MAAS issue that you hit. Since there is already a bug created to MAAS LP here, please feel free to subscribe and thank you for bringing it to our attention.