I am trying to use the HAProxy Ingress Controller with Let's Encrypt for the SSL on GKE. But I think HAProxy does not support Let's Encrypt. These are the steps I did. 1. Created HAProxy Ingress Controller 2. Created Cert Manager and Cluster Issuer 3. Creating Ingress Resource

Generally an Ingress resource creates L7 HTTP(S) load balancer. But as I have asked Ingress resource to get the SSL certificate using Let's Encrypt, it is not able to install the certificate on the loadbalancer as the LB is not created yet.

I can understand that NGINX Ingress Controller is another option. But NGINX, it creates L4 loadbalancer.

Is there any way out with HAProxy Ingress Controller? Or Should I move to Voyager Ingress Controller which is backed by HAProxy?

Ingress Resource

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: fanout-ingress-haproxy
  namespace: xyz-product
  labels:                     # Labels that will be applied to this resource
    app: prod-user-reg-app
  annotations:
    kubernetes.io/ingress.global-static-ip-name: prod-reg-static-ip  #Defined in GCP platform. A Static IP needs to be created in the GCP.
 #   ingress.kubernetes.io/force-ssl-redirect: "true"
    haproxy.org/ingress.class: "haproxy"
    haproxy.org/load-balance: "leastconn"  #roundrobin
    haproxy.org/forwarded-for: "enabled"
 #   haproxy.org/ssl-certificate: "xyz-product/prod-tls-secret"
 #   haproxy.org/ssl-redirect: "ON"
 #   haproxy.org/ssl-redirect-code: "303"
    cert-manager.io/cluster-issuer: letsencrypt-staging
spec:
  tls:
  - hosts:
    - apps.mydomain.co.uk
    secretName: staging-issuer-account-key
  rules:
  - host: apps.mydomain.co.uk
    http:
      paths:
      - path: /user-reg/create/*
        backend:
          serviceName: prod-user-reg-create-app
          servicePort: 8081