Google Distributed Cloud for bare metal downloads

This page provides commands to download and verify the following artifacts for Google Distributed Cloud (software only) for bare metal, formerly known as Google Distributed Cloud:

  • bmctl command-line tool.
  • Google Distributed Cloud offline container images package.

This page is for Admins and architects and Operators who manage the lifecycle of the underlying tech infrastructure. To learn more about common roles and example tasks that we reference in Google Cloud content, see Common GKE Enterprise user roles and tasks.

Sign in

Sign in with any Google Account:

gcloud auth login

Download bmctl

bmctl is the command-line tool for Google Distributed Cloud that simplifies cluster creation and management. For more information about what you can do with bmctl, see bmctl tool.

From your Linux admin workstation, use the following commands to download bmctl and make it executable:

gcloud storage cp gs://anthos-baremetal-release/bmctl/VERSION/linux-amd64/bmctl .

chmod +x ./bmctl

Replace VERSION with the version of Google Distributed Cloud you want to install or upgrade your clusters to. Here's the list of the latest patch versions for supported minor versions:

  • 1.30.200-gke.101
  • 1.29.700-gke.113
  • 1.28.1100-gke.94

For a list of all available versions, see Version history.

Verify bmctl using openssl

Verify the bmctl binary against the public key using openssl, where VERSION is the file's version:

  1. If you haven't already, write the pubic key to a file, public.key:

    cat << EOF > public.key
    -----BEGIN PUBLIC KEY-----
    MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWZrGCUaJJr1H8a36sG4UUoXvlXvZ
    wQfk16sxprI2gOJ2vFFggdq3ixF2h4qNBt0kI7ciDhgpwS8t+/960IsIgw==
    -----END PUBLIC KEY-----
    EOF
    
  2. Download the digital signature file for the specific version of bmctl that you downloaded:

    gcloud storage cp gs://anthos-baremetal-release/bmctl/VERSION/linux-amd64/bmctl.1.sig .
    
  3. Use OpenSSL to verify the signature:

    openssl dgst -verify public.key -signature ./bmctl.1.sig ./bmctl
    

    Expected output of this command is Verified OK.

Download the images package

You only need the images package if you plan on setting up a registry mirror. The package provides all of the container images used by Google Distributed Cloud for the specified version. Make sure the package you download is the same version as the bmctl download.

From your Linux admin workstation, run the following command to download the package:

gcloud storage cp gs://anthos-baremetal-release/bmctl/VERSION/linux-amd64/bmpackages_VERSION.tar.xz .

Verify the images package using openssl

Verify the images package binary against the public key using openssl, where VERSION is the file's version:

  1. If you haven't already, write the pubic key to a file, public.key:

    cat << EOF > public.key
    -----BEGIN PUBLIC KEY-----
    MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWZrGCUaJJr1H8a36sG4UUoXvlXvZ
    wQfk16sxprI2gOJ2vFFggdq3ixF2h4qNBt0kI7ciDhgpwS8t+/960IsIgw==
    -----END PUBLIC KEY-----
    EOF
    
  2. Download the digital signature file for the specific version of bmctl that you downloaded:

    gcloud storage cp gs://anthos-baremetal-release/bmctl/VERSION/linux-amd64/bmpackages_VERSION.tar.xz.1.sig .
    
  3. Use OpenSSL to verify the signature:

    openssl dgst -verify public.key -signature \
        ./bmpackages_VERSION.tar.xz.1.sig \
        ./bmpackages_VERSION.tar.xz
    

    Expected output of this command is Verified OK.