Lxc remote -> connection refused

M_Rez · August 17, 2022, 12:06pm

I am trying to connect to a LXD remote from another machine. ufw is disabled. When I do: lxc remote add babylon 192.168.1.10:8443

I get this error:

Error: Get "https://192.168.1.10:8443": Unable to connect to: 192.168.1.10:8443 ([dial tcp 192.168.1.10:8443: connect: connection refused])

I run this on the server: lxc monitor --type=logging --pretty. Which gives me this output:

DEBUG  [2022-08-17T12:04:41Z] Heartbeat updating local raft members         members="[{{1 192.168.1.10:8443 voter} babylon}]"
DEBUG  [2022-08-17T12:04:41Z] Starting heartbeat round                      local="192.168.1.10:8443" mode=normal
DEBUG  [2022-08-17T12:04:41Z] Completed heartbeat round                     duration=4.091455ms local="192.168.1.10:8443"

sudo netstat -ltpn | grep lxd gives me this:

tcp        0      0 192.168.1.10:8443       0.0.0.0:*               LISTEN      3436/lxd

and curl 192.168.1.10:8443 gives me this:

curl: (7) Failed to connect to 192.168.1.10 port 8443 after 12 ms: Connection refused

lxc config show:

config:
  cluster.https_address: 192.168.1.10:8443
  core.https_address: 192.168.1.10:8443

I have no added IPTABLES rules.

But why I cannot get to add this remote?

tomp · August 17, 2022, 2:55pm

Where are you trying to connect from?

M_Rez · August 17, 2022, 6:05pm

I am connecting in the same network from a macos m1 machine.

tomp · August 18, 2022, 7:37am

Does curl 192.168.1.10:8443 connect when run from the LXD host itself?

You’ve most likely got a firewall setup without knowing it.

What does sudo nft list ruleset and sudo iptables-save show?

M_Rez · August 18, 2022, 12:07pm

As always, you are right. firewalld had a couple of rules added, and I was not aware. iptable chains are a mystery to me.