Thanks Jochen!
Yeah sorry I assumed Linux because who would use windows for things outside of AD/DNS anyway, jk!
Okay, this is exactly what I was looking for… Seems like redhat has a nice write up on this, crazy that I haven’t run into this service before but will need to start do some homework. It doesn’t seem terribly different from VRRP which I am familiar with since it seems like keepalived is based on the same RFC’s anyway.
I only don’t understand one of your comments:
What stunnel AFAIK does *not* do is check the backends for liveliness and do failovers *for them*. You'd need something external to keep tabs on the backends "remotely" (which keepalived doesn't do), and restart
What do you mean by this? Are you referring to service failures due to a bad config / expired cert? I guess I can leverage systemd to accomplish this or suggest something crazier like multiple services running different sessions?