You can annotate a route with : haproxy.router.openshift.io/ip_whitelist to set a whitelist for the route.
Never tried though, let me know if this works 😊
De : users-bounces lists openshift redhat com <users-bounces lists openshift redhat com>
De la part de Peter Heitman
In my deployment there are 5 routes - two of them are from OpenShift (docker-registry and registry-console) and three of them are specific to my application. Of the 5, 4 of them are administrative and shouldn't be accessed by just anyone on the Internet. One of my application's route is required to be accessed by 'anyone' on the Internet.
My question is, what is the best practice to achieve this restriction? Is there a way to set IP address or subnet restrictions on a route? Do I need to set up separate nodes and separate routers so that I can use a firewall to restrict access to the 4 routes and allow access to the Internet service? Any suggestions?