Hello,
you can use an ingress listening for https with TLS termination and the entrypoint default configuration.
I could be something like:
# Traefik service
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: traefik
labels:
app: traefik-lb
spec:
replicas: 1
selector:
matchLabels:
app: traefik-lb
template:
metadata:
labels:
app: traefik-lb
spec:
serviceAccountName: traefik-controller
containers:
- name: traefik
image: traefik:v2.3
args:
- --entrypoints.web.address=:80
- --entrypoints.web.http.redirections.entryPoint.to=websecure
- --entrypoints.websecure.address=:443
- --providers.kubernetesingress
ports:
- name: web
containerPort: 80
- name: websecure
containerPort: 443
---
apiVersion: v1
kind: Service
metadata:
name: traefik
spec:
selector:
app: traefik-lb
ports:
- protocol: TCP
port: 80
targetPort: 80
name: web
- protocol: TCP
port: 443
targetPort: 443
name: websecure
type: LoadBalancer
# ingress
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: whoami-ingress
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
spec:
rules:
- host: whoami
http:
paths:
- backend:
serviceName: whoami
servicePort: 80
tls:
- secretName: mysecret
Let me know if it helps. 