• BCM Kubernetes Cluster API (CAPI) Infrastructure Provider Update

    Overview Base Command Manager (BCM) supports Cluster API for deploying Kubernetes clusters. This feature was introduced in BCM 10 and is documented in containerization manual chapter 8. Problem: Upstream changes in the Cluster API project and discontinued maintenance of the CAPI infrastructure provider (Bring Your Own Host) broke Cluster API…

  • Fix: KubernetesCertsExpiration – JSONDecodeError: Expecting value: line 1 column 1 (char 0)

    How to Patch KubernetesCertsExpiration health check in BCM <= 10.25.03 This is the regression that is present in BCM 10.25.03 (and possibly 10.24.11). The KubernetesCertsExpiration health check script runs on Kubernetes control-plane nodes to keep track of expiring certificates. root@bcmhead1:~# cmsh [bcmhead1]% device use node001 [bcmhead1->device[node001]]% latesthealthdata   Measurable                  Parameter…

  • Configuring Kubernetes control-plane in BCM 10+

    1. Prerequisites This KB article is written with BCM 10.25.06 in mind, but will work with all versions of BCM 10 (and BCM 11) 1.1. Downloading the helper script These downloads will not be necessary if the version of BCM is either >= 10.25.06 or >= 11.25.05. # BCM 10+…

  • Etcd membership reconfiguration in BCM 10+

    1. Prerequisites The following article was written with Bright Cluster Manager 10 and 11 in mind but should work the same for version 9.2 as well. For BCM 9.0 and 9.1, please refer to the old instructions in this version of the KB article: https://kb.brightcomputing.com/knowledge-base/etcd-membership-reconfiguration-in-bright-9-0/ The minimum required version of…

  • CVE-2025-1974 – Patch for: Critical Ingress NGINX Controller vulnerabilities

    1. CVEs information Please refer to https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html for more information about the list CVE’s. CVE-2025-24513 CVE-2025-24514 CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 This KB article provides instructions for BCM 10 (section 2) and BCM 9.2 (section 3) where the Ingress controller is deployed through a manifest by BCM. Updating this component in Kubernetes…

  • Etcd Backup and Restore with BCM 10.0

    Prerequisites The following article was written with Bright Cluster Manager version 10 (10.23.09 or newer) in mind. We assume we have shared storage available as a mount in /cm/shared, we will create a target directory there for our Etcd backups. The backup part of this KB article (Section 2) is…

  • Required security upgrade for NVIDIA GPU Operator

    A security issue has been found in nvidia-container-toolkit. Since the NVIDIA GPU Operator has the ability to take care of installing this toolkit on the Kubernetes hosts that require this provisioning for proper integration of GPUs with Kubernetes, this security issue might affect the GPU operator as well. This feature…

  • Required security upgrade for nvidia-container-toolkit

    A security issue has been found in nvidia-container-toolkit. All nodes that have this package installed need to have the package updated. On BCM clusters, the package can be either called cm-nvidia-container-toolkit or nvidia-container-toolkit. The (cm-)nvidia-container-toolkit packages must be updated on the head nodes and in all relevant software images. 1….

  • Kubernetes 1.30.5 setup on BCM 10.24.09 Airgapped

    1. Prerequisites and Requirements We will setup the following: Kubernetes version: v1.30.5 Base Command Manager (BCM) version: 10.24.09 On Linux OS: Ubuntu 22.04, Ubuntu 24.04, Rocky Linux 9u3 or RHEL 9u3. On an air-gapped cluster (no internet access at all) The first instructions are to be executed on a host with…