Now I'm wondering how can I load balance the traffic so it won't all go through this single tunneler to access my K8S cluster. Are there any best practices ?
Yes! This style of load balancing is built into Ziti. Just grant multiple hosting tunnelers permission to host the service, and they'll share the load according to the default "smartrouting" terminator strategy.
You can define terminator actions, e.g., "mark unhealthy", triggered by health checks in host.v1 configs.
Terminators are automatically created by hosting SDKs on three routers, creating multiple potential paths to the hosting SDK in the Ziti network. Their dynamic costs are factored in in the default "smart routing" strategy.
One last question, if I have 3 same web applications running (they all use the same backend API / peristance storage). If I configure 3 services with 3 host.v1 configs for each application and the same intercept config. Does Openziti load balance the traffic automatically on the 3 ?