Comment by compounding_it
6 hours ago
What do you do about ipv4 ? Do you also use a routing VM to manage all that ?
It’s very interesting how people rent large VMs with a hypervisor. I’m wondering if licenses for VPS have any clauses preventing this for commercial scale.
I help my dad run a proxmox setup on a server he's got from a local craigslist analog and put on a co-location in a datacenter. It only uses a single public IP. All VMs are in a "virtual intranet", and the host itself acts like a router (giving local IP addresses to VMs via dnsmasq, routing VM internet access via NAT, forwarding specific outside ports to specific VMs). For example ports 80, 443 are given to a dedicated "nginx vm" which then will route a request to a specific VM depending on the hostname.
Hetzner has some docs: https://docs.hetzner.com/robot/dedicated-server/ip/additiona...
Since I only needed about 3 VMs (though each being a bit beefier, running containers on them, a web server sitting in front of those with vhosts as ingress), I could give each VM its own IPv4 address and it didn’t end up being too expensive for my use case. Would be a bit different for someone who wants many small VMs.
There are security benefits of not having public IPs on every VM.
I assign few VMs public IPs and use them as ingress / SSL termination / load balancer for my workloads running on VMs with only internal IPs.
I personally use kvm with libvirt and manage all these with Ansible.