Error: The remote isn't a private LXD server when adding new remote LXD

Hi,

I wanted to add a remote LXD server for the purpose of having to trigger lxc copy of images from remote to local. The remote LXD is passing SNI with FQDN and IP whitelisting pass to backend LXD on prem.

Whenever I add the server, it doesn’t accept the admin password nor a token using lxc config trust add. What has worked is setting the --public flag. But each time I try to lxc copy, I get this error:

Error: The remote isn't a private LXD server

What am I missing? Thanks

Please can you describe your setup in more detail? Is there an intermediate proxy?

Hi @tomp, thanks for your response. Yes. There is a proxy and the flow is like this:

LXD1 → Cloud HAProxy (SNI) TCP 443 → On Prem (HAProxy HTTP with SSL offloading) 443 → LXD2 on 8443.

My aim is to link them together via WAN to copy out containers/snapshots from one site to another. I have 5 LXDs (not clustered) on the current on prem and I can easily do lxd copy to each of them. Just not sure how different it is for WAN. I noticed I can also publish the image and retrieve it. However, I want the lxd copy easier since I can take a version from snapshots. Thanks in advance.

LXD always requires TLS when communicating over the network, so offloading it at haproxy isn’t going to work.
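
An added illustration of the reply above (not part of the original thread, and not configuration from the LXD project): the offloading listener described in the flow, shown commented out, beside a TCP passthrough listener that routes on SNI without decrypting. The hostname `lxd2.example.com`, the address `192.0.2.10`, the certificate path and the section names are placeholders, and it assumes the on-prem HAProxy is the hop doing the offloading.

```haproxy
# Constructed example. All names, addresses and paths are placeholders.

# --- Offloading (the setup described in the thread), kept as comments ---
# frontend lxd_offload
#     mode http
#     bind :443 ssl crt /etc/haproxy/certs/placeholder.pem
#     default_backend lxd2_plain
#
# The client's TLS session ends at this bind line. LXD authenticates
# clients by their TLS client certificate, so the backend LXD never sees
# the certificate of the machine running `lxc remote add`, and the remote
# can only ever be treated as public.

# --- Passthrough: route on SNI, leave the TLS session intact ---
frontend lxd_passthrough
    mode tcp
    bind :443
    option tcplog
    # Wait for the ClientHello so the SNI value can be inspected.
    tcp-request inspect-delay 5s
    tcp-request content accept if { req_ssl_hello_type 1 }
    # Forward only connections whose SNI matches the LXD hostname.
    use_backend lxd2_tls if { req_ssl_sni -i lxd2.example.com }

backend lxd2_tls
    mode tcp
    # LXD terminates TLS itself on 8443 and sees the client certificate.
    server lxd2 192.0.2.10:8443
```

With passthrough, the certificate the client sees is LXD's own, so the fingerprint shown when adding the remote should match the one on the LXD server rather than the proxy's.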