I have a ProxMox server with several TKL VMs: LAMP, Node, Mongo and CMSs.
The server is a firewall and offers IP-based-routing (NAT) to access VMs
The LAMP server is a web proxy and offers domain-based routing to local sites and other VMs
Using TKLBAM the VMs can be backed up and restored in the cloud easily.
But: in the ProxMox hoste they are shielded from the internet, but AFAIK when I restore them in the cloud, they are directly accessible, or am I wrong in this?
Is there a best practice to get restore such IP-based routing and firewall functionality in the cloud? Does it make sense to implement this also in a VM and not in the host?