Are there any best practices to manage certificates needed for LXD?
To get an image from https://images.linuxcontainers.org/
i need a certificate.
So I have code like this:
cert = ssl.get_server_certificate((config.lxd_server, config.lxd_port))
container_spec = {
"name": testbed,
"source": {
"type": "image",
"mode": "pull",
"server": f"https://{config.lxd_server}:{config.lxd_port}",
"protocol": "lxd",
"certificate": cert,
"alias": testbed,
},
"devices": {
"mount-results": {
"path": "results",
"type": "disk",
"source": result_location,
}
},
}
container = client.instances.create(container_spec, wait=True)
So what is the best practice to get these certs? Just ship them with the app? But then how to update them?