With the amount of inter-VLAN routing expected ("docker", "entertainment"), I would assume throughput expectations close to 1 GBit/s wirespeed, which means you need a quite beefy router to deal with that (x86_64 comes to mind, e.g Tips for getting cheap used x86-based firewall with full Gbit NAT (a PC Engines APU) if you are in the US with baytrail-d/ ivy-bridge or newer).
rtl838x however peaks out around 15-20 MBit/s total, it's a switch (L2), not a router (L3). These are quite different use cases, L2 switching just needs a 'stupid' but massively parallel switch fabric, L3 routing needs (a lot of) CPU power to make decisions dynamically.
https://openwrt.org/toh/watchguard/firebox-m300 could kind of provide both features, to some extent.