> There is a /healthz endpoint in HA-proxy on port 1936, but it isn't
> exposed outside the cluster and requires a password (which is unique
> per dc). What else could be used? We would like to stay as close as
> "stock configuration" as possible to reduce technical dept.
For the HAProxy have we added the 1936 port on the router nodes in the
iptables chain OS_FIREWALL_ALLOW and configured the LB to check