On 2021-02-11 18:45:48 +0100 (+0100), Thomas Goirand wrote: [...]
You should *not* expose your compute machines to the internet (and probably not your controller either, except the API). You should set them up with a private network address (192.168.x.x or 10.x.x.x for example). Only your VMs should have access to internet. I would strongly recommend revisiting your network setup. [...]
I'm not trying to be pedantic, but just because something has an RFC 1918 address doesn't mean it's not also exposed to the Internet (for example via a port forward, or 1:1 NAT, or through a proxy, or an interface alias, or another interface, or another address family like inet6, or...). Conversely, using globally routable addresses doesn't mean those systems are necessarily exposed to the Internet either (they could be secured behind this new-fangled contraption called a "network firewall" which is a far more thorough means of policy enforcement than merely hopes and wishes that certain addresses won't be reachable thanks to loosely obeyed routing conventions). While not wasting global IPv4 addresses on systems which don't need to be generally reachable is probably a sensible idea from the perspective of v4 address exhaustion/conservation, it's dangerous to assume or suggest that something is secure from remote tampering just because it happens to have an RFC 1918 address on it. -- Jeremy Stanley