Missing support for VM host certificate registration and trust for adding LXD-based VM hosts in MAAS

[vishvikkrishnan]

MAAS allows using LXD servers as VM hosts, and requires authentication through on-the-spot certificate creation. This procedure requires manually downloading the generated certificate from the MAAS UI and importing it into the LXD server through lxd config trust add <certificate>.

It should be possible to do this through the maas_vm_host MAAS resource while adding the LXD VM host.

Alternatively, the maas_vm_host resource should provide the ability to use an existing LXD-trusted certificate to add a trusted LXD server to MAAS.

NOTE: It is required to refresh the VM host in MAAS (maas <user> vm-host refresh <vm-host-id>) after adding the LXD server through both methods.

Example configuration for adding LXD VM host with existing key and certificate pair:

resource "maas_vm_host" "lxd_vm_host" {
  type = "lxd"
  power_address = "10.113.1.24:8443"          # LXD server address
  lxd_certificate = file(lxd_certificate.crt) # new parameter
  lxd_private_key = file(lxd_private_key.key) # new parameter
}

[skatsaounis]

Hi @vishvikkrishnan

Thank you for opening this issue. Indeed, lxd certificate and key are missing fields that could be added to maas_vm_host. I even have a branch in my personal fork that tries to address this feature. However, when I was implementing it and trying to test it, I was receiving an error during maas_vm_host deletion and due to lack of time I temporarily abandoned the effort.

It is nice to have it recorded as feature request and it will land sooner or later here.