This post continues the discussion on dynamic SSL certificate reloading when a certificate is renewed. I already discussed keycloak, this post is about HAProxy.
I use HAProxy for an ingress controller in my Docker swarm, much how traefik is used as an ingress controller for Kubernetes. I have both a Docker swarm and a Kubernetes cluster, but I prefer to do development in Swarm, though there are some nice features of Kubernetes. My k8s environment is a cluster of k3os VM instances running Rancher and Longhorn. I also have cert manager configured, which seemed like a simple no-effort solution to managing SSL certificates.
