#--------------------------------------------------------------------- # Global settings #--------------------------------------------------------------------- global log /dev/log local0 log /dev/log local1 notice daemon #--------------------------------------------------------------------- # common defaults that all the 'listen' and 'backend' sections will # use if not designated in their block #--------------------------------------------------------------------- defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 20s timeout connect 10s timeout client 1h timeout server 1h timeout http-keep-alive 10s timeout check 10s #--------------------------------------------------------------------- # apiserver frontend which proxys to the control plane nodes #--------------------------------------------------------------------- frontend k8s_apiserver bind *:6443 mode tcp option tcplog default_backend k8s_controlplane frontend talos_apiserver bind *:50000 mode tcp option tcplog default_backend talos_controlplane #--------------------------------------------------------------------- # round robin balancing for apiserver #--------------------------------------------------------------------- backend k8s_controlplane option httpchk GET /healthz http-check expect status 200 mode tcp option ssl-hello-chk balance roundrobin server worker1 10.1.1.31:6443 check server worker2 10.1.1.32:6443 check server worker3 10.1.1.33:6443 check server worker4 10.1.1.34:6443 check backend talos_controlplane option httpchk GET /healthz http-check expect status 200 mode tcp option ssl-hello-chk balance roundrobin server worker1 10.1.1.31:50000 check server worker2 10.1.1.32:50000 check server worker3 10.1.1.33:50000 check server worker4 10.1.1.34:50000 check