FIPS-ready in the sense that a FIPS-compliant SSL lib can relatively easily be dropped in. I'm bad at marketing things, so I won't try too hard - this project uses CentOS to use an Ansible deployment to lay down a replicated Consul deployment that runs the backend for a Traefik reverse proxy, all of which runs behind behind an opportunisticallly-encrypted LibreSwan network to get both a) TCP packet-level encryption and b) easy scalability. New services can be registered either from a REST request, or a CVS-trackable YAML file.<p>I'm looking to move it to Docker images soon (the code is set up to be fully Compose/K8/etc. ready), but haven't had the the time yet and if any Go gurus have the time to spare to inform me how bad my code smells, I'd love it.<p>I hope this is useful to someone (:<p>Forgive the use of Vagrant - I've had to work in many bare-metal enterprises. I'm looking at ansible-docker to modernize this project a bit more.