It wouldn’t be today. But you could route to service name via DNS, so the re-write config / reload HAProxy loop is probably much less frequent (per-service vs. per-container). Being specific about which services you are allowing ingress to from the outside world via HAProxy container re-deploy vs. automatically exposing them seems reasonable idea to me, although I admit it’s less “magic”.

e.g., the scope of hacks outlined by this article (which, for the record, is not an official Docker Inc., source) would be reduced as you would not have server ... check line for each container any more. Just one backend and the conn forwarding will be handled by Docker. Additionally in 1.12 a health check could be baked right into the image so that if a container starts failing its health check, it is not just taken out of the rotation, but re-scheduled / re-started automatically. (I’m not 100% sure that’s the exact way health checks will work in the new Swarm stuff, but I don’t see why it wouldn’t automatically reschedule failing tasks).