Brevet/dev/provisioning/ansible/roles/haproxy/templates/haproxy_keydb.new

global
    log /dev/log    local0
    log /dev/log    local1 notice
    chroot /var/lib/haproxy
    #stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
    stats timeout 30s
    user haproxy
    group haproxy
    daemon

    # The lines below enable multithreading. This should correlate to number of threads available you want to use.
    nbproc 1
    #nbthread 4
    #cpu-map auto:1/1-4 0-3

    # Default SSL material locations
    #ca-base /etc/ssl/certs
    #crt-base /etc/ssl/private

    # Default ciphers to use on SSL-enabled listening sockets.
    #ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
    #ssl-default-bind-options no-sslv3
    maxconn 40000

defaults
    log global
    mode    http
    option  httplog
    option  dontlognull
    timeout connect 5000
    timeout client  50000
    timeout server  50000

listen mykeydb 
    bind *:{{ redis_vip_port }}
    maxconn 40000 
    mode tcp
    balance first
    option tcplog
    option tcp-check
    #uncomment these lines if you have basic auth
    #tcp-check send AUTH\ yourpassword\r\n
    #tcp-check expect string +OK
    tcp-check send PING\r\n
    tcp-check expect string +PONG
    tcp-check send info\ replication\r\n
    tcp-check expect string role: active-replica
    tcp-check send QUIT\r\n
    tcp-check expect string +OK
    {% for item in haproxy_backend_servers %}
    server {{ item }} {{ hostvars[item]['ansible_host'] }}:{{ redis_port }} maxconn 20000 check inter 1s
    {% endfor %}