Bare metal cluster - Physical network architecture


So I’m new to Rancher and Kubernetes, i have managed to setup a rancher/kubernetes cluster on a few bare metal hosts. Those hosts have dual network cards: eth0 (192.168.1.X), eth1 (192.168.99.Y)
I managed to deploy a service and publish it using Ingress.

My concern is : with this (default) setup i manage the cluster with both 192.168.1.X and 192.168.99.Y and i access the deployed service the same way.

What i want to achieve is dedicating eth0 for rancher/kubernetes management operations and eth1 for publishing applications. The management network (192.168.1.X) is physically isolated (and possibly airgapped) from the 192.168.99.Y network (public network). That makes very much sense to me from a security point of view.

So the question is how to do this ? I cannot find the beginning of an answer on internet, so I am starting to wonder if that even makes sense according to the Rancher/Kubernetes philosophy.
Now i’m really lost !