Cannot join a new VM to the cluster

petross · March 24, 2026, 4:26am

Hi everyone,

Sorry, another one.

I have issues with a new VM joining a cluster. All like usual, all VMS - in cluster and new - are on same version, 6.7-12e2019 (rev 38450), OS is Ubuntu 22.04, external ZFS tools enabled, so there are no issues in that regard anymore.

As usual, created token with “lxd cluster add VM” on a cluster member, and started a “lxd init”. After supplying the token, an “Are you sure?”, I get

“Error: Failed to retrieve cluster information: Forbidden”

I checked all 7 VMs in the cluster, they all look healthy, “lxc cluster list” works etc.

Couldn’t find anything in system logs pointing me to the issue. Recreated the VM, tried again - same result.

Do you have any ideas what I could do?

Regards

Peter

petross · March 25, 2026, 6:40am

Hi there, Anyone has any ideas what I can do when I get a ““Error: Failed to retrieve cluster information: Forbidden” when trying to join a cluster. Have done it before many times -and no idea what to do here..

Regards

Peter

markylaing · March 25, 2026, 9:02am

Hi @petross , I’ll take a look into this

markylaing · March 25, 2026, 9:10am

Could you please run lxc auth identity list tls and tell me if there are any identities (of any type) with the same name as the new cluster member you are trying to add?

petross · March 26, 2026, 7:25am

Thank you,

It is there.

Must be a “leftover” of an attempt which ultimately failed because of other issues (external ZFS was needed onUbuntu 22.04). I had recreated the VM afterwards, without knowing that it was somehow already registered, even if joining the cluster did not work first time.

Tried “sudo lxc auth identity delete tls/server”

System answered:

Error: Identities of type “Server certificate” cannot be modified via this API.

Okay, I found it in the database and deleted it there:

lxd sql global “delete from identities where name=‘server’”

After that I could join the new VM. All good now.

Learned a bit more about the inner workings of LXD

Thank you

Peter

markylaing · March 26, 2026, 8:47am

Glad that this has helped with your issue. We can definitely do better to surface the problem more clearly.

I’ll create a PR for this and post back here for you to follow if you are interested

Cheers, Mark.

markylaing · March 26, 2026, 9:40am

I’ve created this issue to try and surface the error here more clearly: lxd/cluster: Handle certificate conflict errors when gaining trust by markylaing · Pull Request #17976 · canonical/lxd · GitHub

petross · March 31, 2026, 7:24am

Thank you. For me it was very helpful.