[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: Restricting access to some Routes



Hi

 

From this documentation : https://docs.openshift.com/container-platform/3.10/architecture/networking/routes.html#route-specific-annotations

 

You can annotate a route with : haproxy.router.openshift.io/ip_whitelist to set a whitelist for the route.

 

Never tried though, let me know if this works 😊

 

François

 

 

De : users-bounces lists openshift redhat com <users-bounces lists openshift redhat com> De la part de Peter Heitman
Envoyé : jeudi 30 août 2018 14:54
À : users lists openshift redhat com
Objet : Restricting access to some Routes

 

In my deployment there are 5 routes - two of them are from OpenShift (docker-registry and registry-console) and three of them are specific to my application. Of the 5, 4 of them are administrative and shouldn't be accessed by just anyone on the Internet. One of my application's route is required to be accessed by 'anyone' on the Internet. 

 

My question is, what is the best practice to achieve this restriction? Is there a way to set IP address or subnet restrictions on a route? Do I need to set up separate nodes and separate routers so that I can use a firewall to restrict access to the 4 routes and allow access to the Internet service? Any suggestions?

 

Peter

 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]