btzq commented on issue #8864: URL: https://github.com/apache/cloudstack/issues/8864#issuecomment-4160012017
Hi @weizhouapache , this should work well for us. For context, we use Autoscale Groups as internal load balancers, which should not be exposed to the internet. Currently, CloudStack requires a load balancer to have a Public IP. Adding a firewall rule in front of the Public IP to restrict access to private IP ranges is a good workaround. Long term, it would be better if CloudStack supports load balancers using Private IPs only. This reduces reliance on public IPs, lowers cost, and minimizes security risks from misconfiguration.ges. I think in the long term, CS should be enhanced to support creating Load Balancers without Public IP (using Private IP Instead). This is to reduce the cost of having to acquire many public IPs and risk security issues from misconfigurations. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
