How do I access my cluster? Trying : incus list
This client hasn’t been configured to use a remote server yet.
As your platform can’t run native Linux instances, you must connect to a remote server.
If you already added a remote server, make it the default with “incus remote switch NAME”.
incus version
Client version: 0.4
Server version: unreachable|
incus info
This client hasn’t been configured to use a remote server yet.
As your platform can’t run native Linux instances, you must connect to a remote server.
If you already added a remote server, make it the default with “incus remote switch NAME”.
incus remote switch RRSOC
Error: Remote RRSOC doesn’t exist
incus remote switch rrterabk
Error: Remote rrterabk doesn’t exist
incus remote switch 192.168.1.18
Error: Remote 192.168.1.18 doesn’t exist
Obviously, I am doing something wrong here, and can find Server Cluster.
Run incus config trust add CLIENT-NAME on your server, then run incus remote add SERVER-NAME TOKEN
CLIENT-NAME for the first command is the name that will identify your client in the future, so either the hostname of your Windows system or something like that.
SERVER-NAME for the second command is the name your server will be identified as in the command line client on your Windows machine.
Once that’s done, you can incus remote switch SERVER-NAME on the Windows system to make your server the default remote it operates against, at which point all commands should behave as if you’re on the server.
I’ve tried this with a new incus setup on a Windows system. I’ve created a token on my cluster and then used that in incus remote add mycluster token-blabla
However, this gives:
Error: Failed to create certificate: not authorized
Just FYI. The server is LXD 5.0, incus windows client is 0.6
The monitor log on the server side isn’t very intesting with regard to this issue. Just two Allowing untrusted GETs and one Allowing untrusted POST.
On the client side debug log I see two times a GETSending request to Incus followed by a Got responce struct from Incus. Then a POSTSending request to Incus with the token. After that it breaks off with the error message (see above).
Ah, so that’d be why, this should work fine if dealing with LXD on both sides or Incus on both sides.
Otherwise, our HTTP headers have differed when handling token authentication.
You can still make it work but instead of using a token to add your client certificate, you’ll need to do it the old school way and send your client system’s “client.crt” over to one of the servers on your client and then do “lxc config trust add client.crt --name windows-client” on there.
With your client’s certificate trusted by the server, you can then add it with “incus remote add lxd-cluster 1.2.3.4” (so using the IP of the server instead of providing a token).
Incus 0.7 will have the new incus remote generate-certificate.
Until then you can force its generation with something like incus remote add foo 1.2.3.4 which will trigger the generation of the certificate and then fail due to it not being a valid remote.
We tried that, but it doesn’t work, with the error I mentioned earlier. I’m now being to suspect that incus tries to create the client.crt and that it fails with that.
PS C:\Windows\System32> incus remote add foo 1.2.3.4
Error: Get "https://1.2.3.4:8443": Unable to connect to: 1.2.3.4:8443 ([dial tcp 1.2.3.4:8443: i/o timeout])
On Linux (as expected)
$ incus remote add foo 1.2.3.4
Generating a client certificate. This may take a minute...
Error: Get "https://1.2.3.4:8443": Unable to connect to: 1.2.3.4:8443 ([dial tcp 1.2.3.4:8443: i/o timeout])