drae/haproxy.conf

## haproxy.conf
# Global parameters
global
        maxconn 32000
        ulimit-n 65535
        daemon
        nosplice

# Default parameters
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 1
    timeout http-request    10s
    timeout queue           20s
    timeout connect         5s
    timeout client          20s
    timeout server          20s
    timeout http-keep-alive 10s
    timeout check           10s

#---------------------------------------------------------------------
# apiserver frontend which proxys to the control plane nodes
#---------------------------------------------------------------------
frontend k8s_apiserver
    bind 10.1.10.20:6443
    mode tcp
    option tcplog
    default_backend k8s_controlplane

frontend talos_apiserver
    bind 10.1.10.20:50000
    mode tcp
    option tcplog
    default_backend talos_controlplane

#---------------------------------------------------------------------
# round robin balancing for apiserver
#---------------------------------------------------------------------
backend k8s_controlplane
    option httpchk GET /healthz
    http-check expect status 200
    mode tcp
    option ssl-hello-chk
    balance     roundrobin
        server kube-cp-01 10.1.10.21:6443 check
        server kube-cp-02 10.1.10.22:6443 check
        server kube-cp-03 10.1.10.23:6443 check

backend talos_controlplane
    option httpchk GET /healthz
    http-check expect status 200
    mode tcp
    option ssl-hello-chk
    balance     roundrobin
        server kube-cp-01 10.1.10.21:50000 check
        server kube-cp-02 10.1.10.22:50000 check
        server kube-cp-03 10.1.10.23:50000 check
	# Global parameters
	global
	maxconn 32000
	ulimit-n 65535
	daemon
	nosplice

	# Default parameters
	defaults
	mode http
	log global
	option httplog
	option dontlognull
	option http-server-close
	option forwardfor except 127.0.0.0/8
	option redispatch
	retries 1
	timeout http-request 10s
	timeout queue 20s
	timeout connect 5s
	timeout client 20s
	timeout server 20s
	timeout http-keep-alive 10s
	timeout check 10s

	#---------------------------------------------------------------------
	# apiserver frontend which proxys to the control plane nodes
	#---------------------------------------------------------------------
	frontend k8s_apiserver
	bind 10.1.10.20:6443
	mode tcp
	option tcplog
	default_backend k8s_controlplane

	frontend talos_apiserver
	bind 10.1.10.20:50000
	mode tcp
	option tcplog
	default_backend talos_controlplane

	#---------------------------------------------------------------------
	# round robin balancing for apiserver
	#---------------------------------------------------------------------
	backend k8s_controlplane
	option httpchk GET /healthz
	http-check expect status 200
	mode tcp
	option ssl-hello-chk
	balance roundrobin
	server kube-cp-01 10.1.10.21:6443 check
	server kube-cp-02 10.1.10.22:6443 check
	server kube-cp-03 10.1.10.23:6443 check

	backend talos_controlplane
	option httpchk GET /healthz
	http-check expect status 200
	mode tcp
	option ssl-hello-chk
	balance roundrobin
	server kube-cp-01 10.1.10.21:50000 check
	server kube-cp-02 10.1.10.22:50000 check
	server kube-cp-03 10.1.10.23:50000 check