apiVersion: traefik.containo.us/v1alpha1 kind: ServersTransport metadata: name: keycloak-frontend spec: serverName: keycloak.keycloak.svc.cluster.local rootCAsSecrets: - keycloak-frontend --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: keycloak spec: rules: - host: auth-next.janky.solutions http: paths: - path: / pathType: Prefix backend: service: name: keycloak port: name: web --- apiVersion: v1 kind: Service metadata: name: keycloak labels: app: keycloak # so prometheus can find this service annotations: traefik.ingress.kubernetes.io/service.serverstransport: keycloak-keycloak-frontend@kubernetescrd traefik.ingress.kubernetes.io/service.serversscheme: https spec: ports: - name: web port: 8443 - name: management port: 9000 clusterIP: None selector: app: keycloak