Rest api instance migration copy/move

LXD
#1

LXD v. 4.11 Rest api:

What is the corresponding syntax to cli:
lxc copy localserver:inst1 remoteserver:inst2
which works independent of hosts being clustered or not.

Rest api:

POST (optional ?target=<member>)

"source": {"type": "migration",                                                 // Can be: "image", "migration", "copy" or "none"
           "mode": "pull",                                                      // "pull" and "push" is supported

It seems “?target=…” only accepting cluster members.
Is there a way to use the rest api? Where the two variables are supposed to be defined? source/target (non clustered!)

#2

You can always pass --debug to see what API calls are made.

In this case, a POST /1.0/instances/NAME will be made on the source server, resulting in a background operation with websocket endpoint.
Then a POST /1.0/instances on the target server is made, passing the source information (certificate of the server, operation URL, …) so the target server can connect to the source.

#3

This is a great Tip!
I have used the --debug occasionally just for debugging! But never saw the value of it as reverse engineering the api calls.

I somehow guessed the above procedure by trying hard to decipher the api docs and lack of examples in any related resources. But somehow hoped, it would be another simpler way, similar straight forward as the cli one liner!

#4

The concept of “remotes” is a purely client side one, so there is no way for one server to directly push something to another as they don’t trust each other.

Instead you need the client to communicate with both sides as a trusted intermediary.

#5

Fully agree on that.
Yet cant this process be simplified? As on cli level, both servers are trusted already through key exchange, so the api could rely on that hand shake and copy / move to an already trusted Server without needing the two level mechanism for the transaction?

#6

Again, there is no concept of trust between servers, no concept of remotes at the server level. The source and target server don’t know each other at all and have no way to authenticate each other.