docker-haproxy-k8s/haproxy.template.cfg

global
    log         stdout local0
    user        haproxy
    group       haproxy
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    # https://stackoverflow.com/a/74536649
    maxconn 1000

defaults
    # https://github.com/kubernetes/kubeadm/issues/2227#issuecomment-1308555826
    timeout     client 35s
    timeout     server 35s
    timeout     connect 4s
    timeout     http-request 10s
    log global
    mode http
    option httplog

listen stats
  bind    *:9000
  mode    http
  stats   enable
  stats   hide-version
  stats   uri       /stats
  stats   refresh   30s
  stats   realm     Haproxy\ Statistics
  stats   admin     if TRUE
  stats   auth      admin:$ADMIN_PASSWORD

 frontend k8s-https
     bind *:6442
     mode tcp
     option tcplog
     tcp-request inspect-delay 5s
     tcp-request content accept if { req.ssl_hello_type 1 }
     default_backend k8s-https

 backend k8s-https
     balance roundrobin
     mode tcp
     option tcp-check
     default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
     server $PEER_0_NAME $PEER_0 check
     server $PEER_1_NAME $PEER_1 check
     server $PEER_2_NAME $PEER_2 check