- The users are not directly connected to the services running in OpenShift. There is always
 load-balancing HAProxy sitting in between. There is several implications:
    * The service will get request from HAProxy IP. I.e. IP-based authentication is not possible
    anymore.
    * If multiple service replicas running, by default HAProxy will distribute request in round-robin
    fashion. I.e. request from the user will be served by different replicas. If we have several running
    datbases which are not completely in sync, the user may get confusing changing data. This can be fixed
    by setting 'haproxy.router.openshift.io/balance' to 'source' in route metadata. Then, the destination
    replica will be determined based on the client IP.
    * HAProxy has configured a default timeout. If replica does not send data within '30s' the connection
    will be terminated. It can be increased with 'haproxy.router.openshift.io/timeout'
    * There is a several ways to configure certiciates for HTTPS services defined by type of tls termination
    in the route specification. With 'passthrough' the container is expected to handle certificates itself.
    In the edge termination mode, the certificates are configured in the route and HAProxy manages secure
    communication with clients and provides unencrypted data to the service in the cluster.