Moving instances between projects with cluster groups

I currently have projects set up to be restricted to cluster groups as follows.

victoitor@bastion:~$ incus project show dedicado
config:
  features.images: "true"
  features.profiles: "true"
  features.storage.buckets: "true"
  features.storage.volumes: "true"
  limits.instances: "3"
  restricted: "true"
  restricted.backups: allow
  restricted.cluster.groups: dedicado
  restricted.cluster.target: allow
  restricted.containers.lowlevel: allow
  restricted.containers.nesting: allow
  restricted.devices.nic: allow
  restricted.snapshots: allow
description: Experimentos - máquinas dedicadas
name: dedicado
(...)
victoitor@bastion:~$ incus project show aux
config:
  features.images: "true"
  features.profiles: "true"
  features.storage.buckets: "true"
  features.storage.volumes: "true"
  restricted: "true"
  restricted.backups: allow
  restricted.cluster.groups: compartilhado
  restricted.cluster.target: allow
  restricted.containers.lowlevel: allow
  restricted.containers.nesting: allow
  restricted.devices.nic: allow
  restricted.snapshots: allow
description: Containers com baixo recurso
name: aux
(...)

So project aux is restricted to compartilhado machines and project dedicado is restricted to dedicado machines.

When I’m in the dedicado project and I copy an instance to the aux project, it is moved into an appropriate cluster node.

victoitor@bastion:~$ incus copy robertty-exp2 robertty-exp2 --target-project aux
victoitor@bastion:~$ incus list robertty-exp2 --project aux
+---------------+---------+------+------+-----------+-----------+-----------------+
|     NAME      |  STATE  | IPV4 | IPV6 |   TYPE    | SNAPSHOTS |    LOCATION     |
+---------------+---------+------+------+-----------+-----------+-----------------+
| robertty-exp2 | STOPPED |      |      | CONTAINER | 0         | compartilhado01 |
+---------------+---------+------+------+-----------+-----------+-----------------+

The issue is that when it’s moved, it is maintained in the same cluster node which is invalid for the project.

victoitor@bastion:~$ incus move robertty-exp2 robertty-exp3 --target-project aux
victoitor@bastion:~$ incus list robertty-exp --project aux
+---------------+---------+------+------+-----------+-----------+-----------------+
|     NAME      |  STATE  | IPV4 | IPV6 |   TYPE    | SNAPSHOTS |    LOCATION     |
+---------------+---------+------+------+-----------+-----------+-----------------+
| robertty-exp  | STOPPED |      |      | CONTAINER | 0         | compartilhado03 |
+---------------+---------+------+------+-----------+-----------+-----------------+
| robertty-exp2 | STOPPED |      |      | CONTAINER | 0         | compartilhado01 |
+---------------+---------+------+------+-----------+-----------+-----------------+
| robertty-exp3 | STOPPED |      |      | CONTAINER | 0         | dedicado03      |
+---------------+---------+------+------+-----------+-----------+-----------------+

This is already a problem. There’s another issue that if I try to fix it with --target, it mentions it’s not allowed to be used together with --target-project.

victoitor@bastion:~$ incus move robertty-exp3 robertty-exp3 --target-project dedicado --project aux
victoitor@bastion:~$ incus list robertty-exp
+---------------+---------+------+------+-----------+-----------+------------+
|     NAME      |  STATE  | IPV4 | IPV6 |   TYPE    | SNAPSHOTS |  LOCATION  |
+---------------+---------+------+------+-----------+-----------+------------+
| robertty-exp3 | STOPPED |      |      | CONTAINER | 0         | dedicado03 |
+---------------+---------+------+------+-----------+-----------+------------+
victoitor@bastion:~$ incus move robertty-exp3 robertty-exp3 --target-project aux --target @compartilhado
Error: The --target-project flag can't be used with --target

Is this the expected behaviour?

Nope, they both sound like bugs.

Can you file two separate issues at Issues · lxc/incus · GitHub, one for the fact that the restriction isn’t being respected during the initial copy/move and the other about the CLI not allowing --target?

Done and done.

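An added example, not part of the thread and not Incus code: a read-only audit that flags instances sitting on cluster members outside their project's restricted.cluster.groups, which is the state the move in the first post left robertty-exp3 in. The embedded JSON is constructed sample data, and the field names (config, members, project, location) are assumptions about what `incus project list`, `incus cluster group list` and `incus list --all-projects` return with `--format json`.

```python
import json

# Constructed sample data (not real output), trimmed to the fields used below.
PROJECTS = json.loads("""[
  {"name": "dedicado", "config": {"restricted": "true", "restricted.cluster.groups": "dedicado"}},
  {"name": "aux", "config": {"restricted": "true", "restricted.cluster.groups": "compartilhado"}},
  {"name": "default", "config": {}}
]""")
GROUPS = json.loads("""[
  {"name": "dedicado", "members": ["dedicado03"]},
  {"name": "compartilhado", "members": ["compartilhado01", "compartilhado03"]}
]""")
INSTANCES = json.loads("""[
  {"name": "robertty-exp", "project": "aux", "location": "compartilhado03"},
  {"name": "robertty-exp2", "project": "aux", "location": "compartilhado01"},
  {"name": "robertty-exp3", "project": "aux", "location": "dedicado03"}
]""")


def allowed_members(project, groups):
    """Return the set of cluster members a project may use, or None if unrestricted."""
    cfg = project.get("config", {})
    raw = cfg.get("restricted.cluster.groups", "")
    # restricted.* keys only take effect when the project has restricted=true.
    if cfg.get("restricted") != "true" or not raw.strip():
        return None
    wanted = {g.strip() for g in raw.split(",") if g.strip()}
    members = set()
    for group in groups:
        if group["name"] in wanted:
            members.update(group.get("members") or [])
    return members


def misplaced_instances(projects, groups, instances):
    """List (project, instance, location) for instances outside their project's groups."""
    allowed = {p["name"]: allowed_members(p, groups) for p in projects}
    findings = []
    for inst in instances:
        permitted = allowed.get(inst["project"])
        if permitted is not None and inst["location"] not in permitted:
            findings.append((inst["project"], inst["name"], inst["location"]))
    return sorted(findings)


if __name__ == "__main__":
    for project, name, location in misplaced_instances(PROJECTS, GROUPS, INSTANCES):
        print(f"{project}/{name} is on {location}, outside restricted.cluster.groups")
```

To run it against a live cluster, replace the three constants with the parsed JSON from the corresponding commands; the audit itself changes nothing on the cluster.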