This topic describes how you can use your NodePort with Supply Chain Security Tools (SCST) - Store.
NoteThe recommended service type is Ingress. NodePort is only recommended when the cluster does not support Ingress or the cluster does not support the LoadBalancer service type.
NodePort
is not supported for a multicluster setup, as certificates cannot be modified.
You must use port forwarding when using the NodePort
configuration.
Configure port-forwarding for the service so that the curl command can access SCST - Store. You can configure port-forwarding in a separate terminal window or in the background.
From a separate terminal window, run:
kubectl port-forward service/metadata-store-app 8443:8443 -n metadata-store
Alternatively, run the following command in the background:
kubectl port-forward service/metadata-store-app 8443:8443 -n metadata-store &
/etc/hosts
file for port-forwardingUse the following script to add a new local entry to /etc/hosts
:
METADATA_STORE_PORT=$(kubectl get service/metadata-store-app --namespace metadata-store -o jsonpath="{.spec.ports[0].port}")
METADATA_STORE_DOMAIN="metadata-store-app.metadata-store.svc.cluster.local"
# delete any previously added entry
sudo sed -i '' "/$METADATA_STORE_DOMAIN/d" /etc/hosts
echo "127.0.0.1 $METADATA_STORE_DOMAIN" | sudo tee -a /etc/hosts > /dev/null