Unable to add remote lxd after blocked port

After trying to add a remote lxd server with filtered (firewalled) port 8443, I now cannot add the server anymore. As soon as I try, I get this error:

root@stb ~ # lxc remote add stb-old stb.server.com
Certificate fingerprint: ab476b944de4b25270…1b785496ec53507255b22a8a1
ok (y/n)? y
Error: Failed to fetch https://stb.server.com:8443/1.0: 403 Forbidden

I tried to find the certificate so I could delete it but could not find it. How can I fix this?

Can you show the output of lxc remote list, and also please can you enable debug logging on the target LXD server and show the output of the logs here when you try to add it as a remote:

sudo snap set lxd daemon.debug=true; sudo systemctl reload snap.lxd.daemon
sudo tail -f /var/snap/lxd/common/lxd/logs/lxd.log

That does not show anything. I figured out why lxd was not reachable. Haproxy was using port 8443. The strange thing is that lxd does not complain about this port.

Anyway, it's fixed this problem. Thanks!

It probably does in the logs, but just doesn’t prevent LXD from starting.

Locally lxc uses the unix socket so wouldn’t prevent it from controlling LXD locally.
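
An added example, not part of the original thread: a check run on the target server to see which process actually owns the TCP listener on the LXD port, since a different service answering there (HAProxy in this thread) is what presented the certificate fingerprint and the 403. The function names and the sample `ss -ltnp` output are constructed for illustration, and the expected process name `lxd` is an assumption.

```bash
#!/bin/sh
# Constructed sample of `ss -ltnp` output (not taken from the thread).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      4096   0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=801,fd=3))
LISTEN 0      4096   0.0.0.0:8443       0.0.0.0:*         users:(("haproxy",pid=1432,fd=7))
LISTEN 0      4096   [::]:443           [::]:*            users:(("haproxy",pid=1432,fd=8))'

# listener_owner PORT
# Reads `ss -ltnp` output on stdin and prints the name of every process
# holding a listening socket on PORT (one name per line).
listener_owner() {
  awk -v port="$1" '
    $1 == "LISTEN" {
      n = split($4, a, ":")          # works for 0.0.0.0:8443 and [::]:8443
      if (a[n] != port) next
      s = $NF                        # users:(("name",pid=N,fd=N),...)
      while (match(s, /"[^"]+"/)) {
        print substr(s, RSTART + 1, RLENGTH - 2)
        s = substr(s, RSTART + RLENGTH)
      }
    }'
}

# check_lxd_port PORT
# Returns 0 if only lxd listens on PORT, 1 if another process does,
# 2 if no owner is visible (nothing listening, or ss was run without root).
check_lxd_port() {
  owners=$(listener_owner "$1" | sort -u | tr '\n' ' ')
  owners=${owners% }
  case "$owners" in
    "")  echo "port $1: no listener visible (run ss as root to see process names)"
         return 2 ;;
    lxd) echo "port $1: owned by lxd"          # assumed process name
         return 0 ;;
    *)   echo "port $1: owned by $owners, not lxd"
         return 1 ;;
  esac
}

# Demo on the constructed sample; on a real host use: ss -ltnp | check_lxd_port 8443
printf '%s\n' "$SAMPLE_SS" | check_lxd_port 8443 || true
```

If the port turns out to be owned by something other than LXD, the fingerprint shown by `lxc remote add` belongs to that service's certificate and should not be accepted.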