pfSense

  • install HAProxy package

  • create Virtual IP for K8s Master

  • configure HA Proxy backends for each K8s master node

  • configure HA Proxy frontend using Virtual IP

  • config snippet:

    frontend K8s
        bind			10.0.1.10:6443 name 10.0.1.10:6443   
        mode			tcp
        log			global
        timeout client		30000
        default_backend K8s_ipvANY
    
    backend K8s_ipvANY
        mode			tcp
        id			102
        log			global
        # use mailers
        # level  notice 
        email-alert mailers			globalmailers
        email-alert level			notice
        email-alert from			[email protected]
        email-alert to			[email protected]
        email-alert myhostname			pfsense.ttys0.net
        balance			source
        timeout connect		30000
        timeout server		30000
        retries			3
        server			gandalf 10.0.1.50:6443 id 103 check inter 1000  
        server			saruman 10.0.1.51:6443 id 104 check inter 1000  
        server			radagast 10.0.1.52:6443 id 105 check inter 1000