Yup, and you can even have multiple tunnels that are load balanced, so that you don’t even have to fail over.
We have a single API service which is exposed to the internet, and put the Cloudflare tunnel as a sidecar inside the same pods. This way, it’s actually Cloudflare which handles the load balancing, which is surprisingly effective.
Could you elaborate on the setup a bit? For cluster failover, do you mean that since Cloudflare is your frontend ingress you can easily point it to another cluster, or is there more to it?
Not the person you're replying to (but I am the author of the blog post being promoted here).
I believe they _may_ be referring to the feature of being able to run a single "tunnel" on multiple hosts, using the same credentials and ID.
When you do this, not only will Cloudflare automatically serve from the geographically nearest server if it can, but when one client goes offline (when the tunnel is disconnected, not application error sadly) it will automatically ignore that connection and serve from the others, providing some basic degree of failover with no extra payment or much configuration.
We integrate the tunnels with CF's load balancer service, which basically lets us route traffic to one or more Kubernetes clusters. Right now it’s just for failover, where we can repoint a zone from one cluster to another, but we’re also looking to route traffic geographically.
One of the great things about Cloudflare tunnels is that even without the load balancer we can send requests to multiple clusters if we want to.
Makes it really easy to replicate stateless services like ingress gateways.
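The sidecar layout and the shared-credentials replicas discussed in the comments above, sketched as a Kubernetes manifest. This is an added example, not from any commenter or from the blog post; the resource names, image, hostname, port and tunnel name are placeholders, and it assumes a locally managed tunnel whose credentials JSON is stored in a Secret called `tunnel-credentials`.

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: api                                  # placeholder name
spec:
  replicas: 3   # every pod's sidecar connects as one more replica of the same tunnel
  selector:
    matchLabels: {app: api}
  template:
    metadata:
      labels: {app: api}
    spec:
      containers:
        - name: api
          image: registry.example.com/api:1.0     # placeholder image
          ports: [{containerPort: 8080}]
        - name: cloudflared
          image: cloudflare/cloudflared:latest    # pin a specific version in practice
          args: ["tunnel", "--config", "/etc/cloudflared/config/config.yaml", "run"]
          livenessProbe:
            # /ready reports only whether cloudflared holds a connection to the edge.
            # It says nothing about the api container, matching the failover caveat above.
            httpGet: {path: /ready, port: 2000}
          volumeMounts:
            - {name: config, mountPath: /etc/cloudflared/config, readOnly: true}
            - {name: creds, mountPath: /etc/cloudflared/creds, readOnly: true}
      volumes:
        - name: config
          configMap: {name: cloudflared-config}
        - name: creds
          secret: {secretName: tunnel-credentials}   # same tunnel ID and credentials in every pod
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: cloudflared-config
data:
  config.yaml: |
    tunnel: example-tunnel                   # placeholder tunnel name
    credentials-file: /etc/cloudflared/creds/credentials.json
    metrics: 0.0.0.0:2000                    # serves the /ready endpoint probed above
    no-autoupdate: true
    ingress:
      - hostname: api.example.com            # placeholder hostname
        service: http://localhost:8080       # the api container in the same pod
      - service: http_status:404             # catch-all: nothing else is reachable through the tunnel
```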