I was working on bug CS-14862 [1] which made me wonder if a basic zone with/without security group can be used to build a public clouds. Obviously if basic zone deployment with true public IP's for guest IP address, then an account gets access to the guest VM's, snapshots etc from anywhere. It seems to me that one can not build a public cloud with zones using private IP address range for guest IP's (SSVM and CPVM getting the private address being the reason). Is it correct argument?
Clearly having EIP/ELB support in CloudStack enables to public cloud's with basic zones using private address. While EIP does the NATing for inbound traffic into the cloud instances, as there is source NAT service what happens to the outbound traffic from cloud instances when there is no EIP assigned to it? [1] http://bugs.cloudstack.org/browse/CS-14862 EIP/ELB - SSVM and CPVM should be given an ip address from the public ip address range.
