Good afternoon.
In the past I've done clusters of machines behind a load balancer (not for web services, though), and I've also installed Caddy with multiple domains on a machine. But now I want to put N nodes (probably a variable number of purely virtual nodes created or destroyed on demand) behind a single load balancer, each one serving the same N domains/virtual hosts. With SSL.
I've been searching and reading the whole day and still don't have a good direction of where to go. I'd love it if it were done with Caddy, as I now know from experience the relief of no longer worrying about cert generation and renewal issues thanks to that machine I mentioned, and since this time there are probably going to be dozens of domains/virtual hosts/whatever served from those nodes, it'd be a much bigger headache solved from the start if I do end up going with Caddy again.
But SSL complicates things: I point the DNS records of the pages to the LB IP so that the browsers go to it and are served by all the machines, but if the Caddy machines need to do the Let's Encrypt challenge to get and renew the certs, do I need to also point the A records at all the nodes, therefore bypassing the LB, which is highly undesirable? Or do I need to use Caddy as the LB? Does Caddy serve certs when it's in reverse proxy mode? Since the pages will be on virtual hosts, the browser needs to receive the request from the browser with the name; will that be kept if I do reverse proxy? What if I use Caddy as both the LB and the nodes with the dozens of virtual hosts, will it work?
Is there a document that covers this case? It seems to me that it should be a very common case, but I have found very little, even when not limiting things to Caddy, so any help would be appreciated.