HAProxy TCP forward with SNI

For a long time I have been running most of my HTTP traffic via a HAproxy installation. This will grant me great flexibility with a stable frontend, and I’m then free to route different parts of to whatever backend I need to solve my task. Kubernetes I added a Kubernets cluster earlier this year, in it’s first iteration it exposed an Ingress with a self signed TLS certificate that the HAproxy just reverse proxied like any other site, like this:


A little after midnight I write this post. I have spent most of the evening tinkering with Kubernetes, MicroK8s to be more precise. MicroK8s was until recently just a quick and easy way to run a single node Kubernetes cluster on your local computer for development. But it has evolved to also include more serious small scale production deployments. … so I moved this blog over to my new shiny 3-node Kubernets cluster!