It seems to have been fixed here: https://github.com/lxc/lxd/pull/3616
The fix should already have landed, on the server side I’ve tried LXD 3.6 and 3.0.3.
On the client I’ve had 3.5 and 3.7.
Unfortunately I can’t post the logs here because they contain more http links than I’m allowed to post as new user.
So I’ve created two pastebins. I’ve made an effort to anonymize IPs and hostnames in the output.
Hmm, so I’m not sure why the secret appears to no longer be valid by the time LXD attempts to transfer using the right address, but one way to avoid this issue would be to set core.https_address to a specific address on your source server, ideally, an address that all other LXD servers will be able to reach.
This will avoid the current guessing game where the client has to tell the target server about all the potential IPs of the source image server so that it can try to figure out which one will work.
Sorry for taking so long to respond, I’ve been away for the holidays.
I’ve tried setting core.https_address to the public IPv4 address of the machine, this is reachable by all my other LXD servers. It didn’t work.
Here is the debug log, I’ve replaced some IPs, hostnames and stuff: https://pastebin.com/6DUdZ6wh