global #chroot /var/run/haproxy daemon user haproxy group haproxy maxconn 4000 pidfile /var/run/haproxy/haproxy.pid #log 127.0.0.1 local0 tune.bufsize 1000000 stats socket /var/run/haproxy.sock stats timeout 2m defaults log global maxconn 8000 option redispatch option dontlognull option splice-auto timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 50s timeout server 50s timeout check 10s retries 3 listen kubernetes-apiserver-https bind {{ public_vip.ip }}:8383 option ssl-hello-chk mode tcp option tcpka option tcplog timeout client 3h timeout server 3h balance roundrobin {% for host,ip in haproxy_hosts.items() %} server {{ host }} {{ ip }}:6443 weight 1 check inter 2000 rise 2 fall 5 {% endfor %} listen stats mode http bind 0.0.0.0:9999 stats enable stats refresh 30s stats uri / stats realm Global\ statistics stats auth admin:admin