Download Kubernetes

Kubernetes ships binaries for each component as well as a standard set of client applications to bootstrap or interact with a cluster. Components like the API server are capable of running within container images inside of a cluster. Those components are also shipped in container images as part of the official release process. All binaries as well as container images are available for multiple operating systems as well as hardware architectures.

Container Images

All Kubernetes container images are deployed to the k8s.gcr.io container registry.

FEATURE STATE: Kubernetes v1.24 [alpha]

For Kubernetes v1.24, the following container images are signed using cosign signatures:

Container Image Supported Architectures
k8s.gcr.io/kube-apiserver:v1.24.0 amd64, arm, arm64, ppc64le, s390x
k8s.gcr.io/kube-controller-manager:v1.24.0 amd64, arm, arm64, ppc64le, s390x
k8s.gcr.io/kube-proxy:v1.24.0 amd64, arm, arm64, ppc64le, s390x
k8s.gcr.io/kube-scheduler:v1.24.0 amd64, arm, arm64, ppc64le, s390x
k8s.gcr.io/conformance:v1.24.0 amd64, arm, arm64, ppc64le, s390x

All container images are available for multiple architectures, whereas the container runtime should choose the correct one based on the underlying platform. It is also possible to pull a dedicated architecture by suffixing the container image name, for example k8s.gcr.io/kube-apiserver-arm64:v1.24.0. All those derivations are signed in the same way as the multi-architecture manifest lists.

The Kubernetes project publishes a list of signed Kubernetes container images in SBoM (Software Bill of Materials) format. You can fetch that list using:

curl -Ls "https://sbom.k8s.io/$(curl -Ls https://dl.k8s.io/release/latest.txt)/release"  | awk '/PackageName: k8s.gcr.io\// {print $2}'

For Kubernetes v1.24, the only kind of code artifact that you can verify integrity for is a container image, using the experimental signing support.

To manually verify signed container images of Kubernetes core components, refer to Verify Signed Container Images.

Binaries

Find links to download Kubernetes components (and their checksums) in the CHANGELOG files.

Alternately, use downloadkubernetes.com to filter by version and architecture.

kubectl

The Kubernetes command-line tool, kubectl, allows you to run commands against Kubernetes clusters.

You can use kubectl to deploy applications, inspect and manage cluster resources, and view logs. For more information including a complete list of kubectl operations, see the kubectl reference documentation.

kubectl is installable on a variety of Linux platforms, macOS and Windows. Find your preferred operating system below.

Last modified April 13, 2022 at 10:37 AM PST: Tweak wording about which container images are signed (77df67062)