global
  chroot /var/lib/haproxy
  daemon
  group haproxy
  log 127.0.0.1 local2
  maxconn 21000
  pidfile /run/haproxy.pid
  user haproxy

defaults
  log  global
  mode  http
  timeout connect 5000ms
  timeout client 240000ms
  timeout server 240000ms
  timeout check  10000ms

listen stats
  bind *:2016
  mode http
  stats enable
  stats uri /haproxy
  stats hide-version
  stats refresh 5s
  stats realm Haproxy\ Statistics

listen http
  bind *:80
  mode tcp
  balance roundrobin
{% for node in groups['kube-workers'] %}
  server {{node}} {{ hostvars[node]['ansible_host'] }}:80 check fall 3 inter 3s rise 2
{% endfor %}

listen https
  bind *:443
  mode tcp
  balance roundrobin
{% for node in groups['kube-workers'] %}
  server {{node}} {{ hostvars[node]['ansible_host'] }}:443 check fall 3 inter 3s rise 2
{% endfor %}

listen kubernetes
  bind *:6443
  mode tcp
  balance roundrobin
{% for node in groups['kube-masters'] %}
  server {{node}} {{ hostvars[node]['ansible_host'] }}:6443 check fall 3 inter 3s rise 2
{% endfor %}