I have the following IngressRoute definition (mostly taken from the dashboard docs but added https):
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: traefik-dashboard
namespace: traefik
spec:
entrypoints: # Note the missing "web" entrypoint
- websecure
routes:
- match: Host(`traefik.example.com`)
kind: Rule
services:
- name: api@internal
kind: TraefikService
middlewares:
- name: admin-basic-auth
namespace: traefik
tls:
certResolver: letsencrypt
Despite the fact that I specified only the websecure entrypoint, the web entrypoint is also used for this IngressRoute.
Here is my question: Why?
Possibly related issue: Traefik not respecting entrypoint constraints
1 Like
Hey @overheadhunter
What version are you running? 
I'm running Traefik 2.2.0 final
Can you provide me also with your static configuration?
The static config is done via CLI args:
--log.level=DEBUG
--api
--entrypoints.web.address=:80
--entryPoints.web.http.redirections.entryPoint.to=websecure
--entryPoints.web.http.redirections.entryPoint.scheme=https
--entryPoints.web.http.redirections.entryPoint.permanent=true
--entrypoints.websecure.address=:443
--providers.kubernetescrd
--providers.kubernetesingress
--providers.kubernetesingress.namespaces=default,traefik
--certificatesresolvers.letsencrypt.acme.tlschallenge
--certificatesresolvers.letsencrypt.acme.email=webmaster@example.com
--certificatesresolvers.letsencrypt.acme.storage=acme.json
# Please note that this is the staging Let's Encrypt server.
# Once you get things working, you should remove that whole line altogether.
--certificatesresolvers.letsencrypt.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory