In my deployment there are 5 routes - two of
them are from OpenShift (docker-registry and
registry-console) and three of them are specific to my
application. Of the 5, 4 of them are administrative and
shouldn't be accessed by just anyone on the Internet. One of
my application's route is required to be accessed by
'anyone' on the Internet.
My question is, what is the best practice to achieve
this restriction? Is there a way to set IP address or
subnet restrictions on a route? Do I need to set up
separate nodes and separate routers so that I can use a
firewall to restrict access to the 4 routes and allow
access to the Internet service? Any suggestions?