Well you either haven't posted all your config or you are missing key item like your resolver config. My strong suggestions is don't mix treaefik.yml, commandline and envvars for you static config - that's not supported and by that i mean its documented it wont work - as soon as you specify anything in traefik yml all command line options appear to be ignored. (i hit same issue, took me an a couple hours of head banging to solve )
and i don't know K8S - but this is what a docker provider looks like - can you use label syntax in K8S?
ports: #these 3 ports must be published (8080 is for the dashboard reverse proxy)
- data:/data # i user glusterfs plugin volume driver instead of regaulr bind mounts
configs: # i use configs to store configs and make avasilabel to entire swarm cluster
- source: traefik_config
- node.role == manager
#Traefik Router Setup
# - "traefik.http.routers.traefik.middlewares=oauth2-redirect@file"
# Dashboard Service Setup
- "traefik.http.services.dashboard.loadbalancer.server.port=8081" # this isn't really used but is required, in reality the port can be anything and the services.name can be anyting note 8081 must be published, this for dashboard only
# global redirect to https
# middleware redirect
maybe that will have something that help. good luck
Sorry the delay responding. Where are you getting certificatesResolvers and entryPoints keys from the Helm chart? If you look at the default Helm chart values.yaml file those keys are not even specified. Thus, why I thought I had to use the command line flags to configure everything with Traefik v2.
Sorry i don't know about helm etc but i don't think it changes the fundamentals of how traefik works?
All i was pointing out is this from the docs (as you were asking for ideas why commands didnt seem to work) - the static config locations in v2.6 are mutually exclusive. Took me ages to figure this out - i couldn't fathom out for a couple of days why command line and env vars were not working for me - it was because i had used traefik.yml. then i found this....
The Static Configuration
There are three different, mutually exclusive (i.e. you can use only one at the same time), ways to define static configuration options in Traefik:
one last suggestion (take with grain of slat as i don't use command line) but you don't seem be matching the canonical as i don't see where either file defines websecure or binds the resolver (but i am new to this so maybe i am missing something?) This seems to be the syntax?
The ingressClass name should match spec.ingressClassName in Ingress object.
Some time ago I recorded the following webinar and there are some examples that should help starting with Traefik on Kubernetes. I use Helm to deploy Traefik since it is the most easy way to deploy it and to start using it.
The last and missing piece is how to specify the CloudFlare credentials for use with the Let's Encrypt DNS challenge type. I know I can set the envars CF_API_EMAIL and CF_API_KEY directly in the Traefik values Helm chart but is there a way I can create a native Kubernetes secret and reference that secret in the Helm chart for Traefik instead? That way sensitive CloudFlare credentials are not stored in the chart configuration.
Finally, creating the custom IngressClass does not seem to be needed for my use-case.