#---------------------------------------------------------------------
# Configure HAProxy for Kubernetes API Server
#---------------------------------------------------------------------
listen stats
  bind    *:9000
  mode    http
  stats   enable
  stats   hide-version
  stats   uri       /
  stats   refresh   30s
  option  httplog

# change haproxy.cfg file with the following
global
   lua-load /etc/haproxy/unpause.lua

############## Configure HAProxy Secure Frontend #############
frontend k8s-api-https-proxy
    bind *:6443
    mode tcp
    tcp-request inspect-delay 5s
    tcp-request content accept if { req.ssl_hello_type 1 }
    default_backend k8s-api-https
############## Configure HAProxy SecureBackend #############
backend k8s-api-https
    balance roundrobin
    mode tcp
    #tcp-request inspect-delay 10s
    #tcp-request content lua.foo_action
    tcp-request inspect-delay 10s
    tcp-request content lua.unpause {{.NetworkInfo.ControlPlaneNodeIP}} 8080
    tcp-request content reject if { var(req.blocked) -m bool }
    option tcplog
    option tcp-check
    default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
    server k8s-api-1 {{.NetworkInfo.ControlPlaneNodeIP}}:{{.NetworkInfo.ControlPlaneNodePort}} check