Hmm, I thought the port mapping was what the ingresses were for… But I see that you are also terminating the SSL at the HAProxy level. Currently, that goes all the way to Traefik for me which means that I need certs for all of the different endpoints (basically like you had done for the swarm).
But yes, one of the reasons I used Keepalived was for HA.I have keepalived for the masters for the control plane, then also for the workers for the services.
Since Kubernetes is really designed for clouds with things like ELBs and ALBs, this is a critical problem to solve for my bare metal deploy which is why I’m poking on it 