Failover can be done with something like keepalived. VRRP/CARP are a thing.

For LB you'll need something in front of your service to bounce connections around, which is replacing one point of failure (DNS) for another (HAproxy, IPVS). Though I guess you can run the LB stack on your app service servers.

And making TLS more difficult, especially for HA systems. Guess you would just need one cert for 127.0.0.1 for all local services.