In a bare-metal Openshift installation you need to use an external load balancer to access the API and other services. In my hone lab I also have a webserver accesible from the Internet. I also don’t want to terminate the TLS connections in the load balancer to keep using the existing certificates in my webserver and Openshift cluster.
With these requirements in mind, I chose HAProxy to be my frontend load balancer, so all the HTTPS connections to my public IP will be diverted to the appropriate server examining the SNI field in the TLS connection.
[Read More]