
You are responsible for a cloud-hosted application that serves internet traffic through multiple backend services running in containers. Traffic has grown, and the current single-entry setup is causing uneven request distribution, weak visibility into backend health, and concern about exposing internal services too broadly. At the same time, the platform must keep customer-facing endpoints highly available while ensuring only trusted workloads can receive or forward traffic.
How would you implement load balancing in this environment so that it improves availability and scaling without weakening the security posture? Explain the architecture, the trust boundaries, and the controls you would put in place to protect traffic from the edge through the backend services.