Since we are using ClusterIP, in the service type above, and our MinIO application is accessible via HTTP/HTTPS, we expose the application via a route. If our service used another protocol, besides HTTP/HTTPS, we would use a NodePort service type.
Here is our [route.yaml](https://code.ornl.gov/ryu/slate_helm_examples/-/blob/prout-dev/charts/minio-standalone/templates/route.yaml) file:
```
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: minio-standalone
spec:
host: minio-standalone.apps.marble.ccs.ornl.gov
to:
# Associate with the service we created
kind: Service
name: minio-standalone-service
port:
# Needs to match name of port in the service file
targetPort: 9000-tcp
tls:
# Terminate TLS at the router, before sending to service. Preferred method of securing a route.
termination: edge
```
Simple diagram of networking relationship and the deployment wrapping the pod(s):
```
Deployment
----------
https://minio-standalone.apps.marble.ccs.ornl.gov/minio/ ---> Route --> Service --> | Pod(s) |
----------
```
At the end, once we install our minio-standalone application, we will have the above and be able to access the app via the URL.
### The Network Policy
Network Policies are specifications of how groups of pods are allowed to communicate with each other and other network endpoints. A pod is selected in Network Policy based on a label, defining rules for network traffic, specific to that pod.
In this example, we create a Network Policy for our minio-standalone applicaiton. Here is the [network-policy.yaml](https://code.ornl.gov/ryu/slate_helm_examples/-/blob/prout-dev/charts/minio-standalone/templates/network-policy.yaml) file:
