I'm looking for some guidances to setup a resilient network (handle possible crash of a switch for ex) between 3 machines using 2 switches and a router. On this network there will be multiple VLANS with different priorities ((o separate a metadata network from data and management networks).

The 3 machines have 2x10GbE ports connected to 2 CRS312-4C+8XG-RM switches. Each switch is for now connected to a CCR2004-1G-12S+2XS router:
What would be the best way to setup tyhe router. Should I link the switches all together? Which strategy to use? If I put 2x10G lnki between SFP+ ports of the switches, should i keep for each swicth a link to the router, or can i link only one switch to the router?

Which router do you have?? Which switches do you have?
Assuming orange devices will never be allowed to talk to blue devices

I am using 2 CRS312-4C+8XG-RM switches. The router is a CCR2004-1G-12S+2XS.

Well That's actually a good question. Orange and blue are for now defining the 2 different NIC. But maybe they can be bounded either in an active-backup strategy or using a LAG or something?

Mikrotik do not support bonding / LAG across multiple switches, if you connect the pair of interfaces on a server to different switches then only layer 2 option is spanning tree. As you have a single point of failure with a single router anyway adding switch failover may introduce additional potential fault modes and become less reliable - spanning tree can go into complete meltdown if the CPU in any of the devices is excessively busy or otherwise stops responding / sending BPDU packets, for example.

Mikrotik do not support bonding / LAG across multiple switches, if you connect the pair of interfaces on a server to different switches then only layer 2 option is spanning tree. As you have a single point of failure with a single router anyway adding switch failover may introduce additional potential fault modes and become less reliable - spanning tree can go into complete meltdown if the CPU in any of the devices is excessively busy or otherwise stops responding / sending BPDU packets, for example.

If I hear you I should add another router? What would be the topology in such case? Also maybe i should use another switch in between? Or what would be the other options to get HA?

As you only have a single ISP feed having multiple routers will not give you HA for external traffic, it could provide resilience between internal networks using VRRP but you have to take care with things such as DHCP and firewall rules as there is no synchronisation of IP pool use and connection tracking.