Distributed Cloud Edge installation requirements

Before you order Distributed Cloud Edge hardware, you must meet the installation requirements described on this page.

Hardware configuration

Before ordering, your network administrator must work with Google to plan the hardware configuration for the Distributed Cloud Edge installation.

Based on your business requirements, your network administrator must determine and provide the following information:

  • Number of racks
  • Number of requested CPUs
  • Amount of requested memory
  • Amount of requested storage
  • Number of requested network links and their bandwidth
  • Power supply type (AC or DC)

Premium Support

Distributed Cloud Edge requires Premium Support. If you're not a Premium Support customer you must purchase Premium Support to use Distributed Cloud Edge.

Google Cloud information

When ordering, you must provide the following Google Cloud information to Google, if applicable:

  • Your Google Cloud organization ID
  • Whether you want Google to provision your Distributed Cloud Edge machines as part of an existing Google Cloud project or create a new Google Cloud project
  • If provisioning within an existing Cloud project, the ID of the target Cloud project
  • Desired number of Distributed Cloud Edge zones

Installation site

To verify that your delivery path and installation site can accommodate the Distributed Cloud Edge hardware, Google might ask you for photographs and drawings that accurately depict both, or perform a pre-delivery survey of your site.

The delivery path must be free from obstructions and have a grade below 3%. You must provide access to an elevator if the installation site is not on the same floor as your loading dock or building entrance.

All doorways, hallways, and elevators must support the gross weight and dimensions of the crated Distributed Cloud Edge hardware.

You must provide Google service technicians access throughout the delivery path up to and including the installation site.

Space

The Distributed Cloud Edge hardware rack comes in a crate with the following dimensions:

Dimension Value (imperial) Value (metric)
Height 87 inches 221 cm
Depth 60 inches 152 cm
Width 40 inches 102 cm

The Distributed Cloud Edge hardware rack has the following dimensions:

Dimension Value (imperial) Value (metric)
Height 80 inches 203 cm
Depth 48 inches 122 cm
Width 24 inches 61 cm

Seismic bracing

If your local jurisdiction or facility requires you to brace the Distributed Cloud Edge rack, you may need special bracing hardware. The Distributed Cloud Edge rack ships anchored to its crate with brackets that you can re-use to attach the rack to your floor. However, these brackets might not meet your local bracing requirements.

Weight

The gross weight of the Distributed Cloud Edge rack is as follows:

Rack fill Gross weight
Typical 900 lbs (408 kg)
Maximum 1300 lbs (590 kg)

The delivery path, including any elevators, and the installation site must safely support this weight while in full compliance with local building codes.

Power

The Distributed Cloud Edge rack requires single-phase or three-phase alternating current power at 50Hz or 60Hz, or -48V direct current Telco-style positive-ground power. You must specify the desired power supply type when ordering the hardware.

You must supply power to the installation site in accordance with your local building codes, including the following work:

  • Installing cabling conduits
  • Running the required cabling
  • Connecting the cabling to your electrical panel
  • Turning on the power

All electrical work must be performed by a certified electrician.

Line specifications

You must supply the following number of independent power lines to ensure high availability, based on the variant you want to deploy:

Variant Line requirement
AC power Two (2) independent power lines with a dedicated ground connection
DC power Four (4) independent supply lines with dedicated returns and a dedicated ground connection

All power receptacles must be located at most 6 feet (1.8m) from the installation site.

AC power specifications

For AC power, all power supply lines must meet one of the following specifications:

Phase Rating Connector
Single-phase 208V/30A, 50/60Hz per line NEMA L6-30P
Three-phase 208V/30A, 50/60Hz per line NEMA L21-30 3PH
Three-phase 208V/60A, 50/60Hz per line IEC 60309 460C9W

DC power specifications

For DC power, all power supply lines must be positive-ground Telco-style lines that meet the following specifications:

Line type Rating Connector
Supply -48V/125A per line Two-hole 3/8-inch-on-1-inch-centers compression lug
Return -48V/125A per line Two-hole 3/8-inch-on-1-inch-centers compression lug
Ground -48V/600A, dedicated Single-hole 1/4-inch compression lug

Power draw

The power draw of a Distributed Cloud Edge hardware rack ranges between 3,000W and 4,000W based on CPU load and other factors, with peak consumption momentarily reaching 4,400W at power-up.

Backup power

For either variant, each of the independent power lines must have an independent uninterruptible power supply (UPS) capable of powering the Distributed Cloud Edge hardware continuously for a minimum of four hours.

In addition to UPS backup, you must also provide emergency electrical generator backup of sufficient capacity to both charge the UPS units and power the Distributed Cloud Edge hardware for a minimum of four hours. The Distributed Cloud Edge hardware must be connected to the UPS units, and the UPS units must then connect to the generator backup.

Cooling

The Distributed Cloud Edge hardware rack is air-cooled and requires a climate-controlled environment to operate. Your installation site must provide adequate cooling to keep the Distributed Cloud Edge hardware operational.

Your installation site must provide the following ambient environment:

Environmental factor Required range
Temperature Between 61°F (16°C) and 75°F (24°C)
Humidity Between 40% and 60%, non-condensing

The rack produces up to 13,650 BTUs of heat per hour and uses forced air to remove it from the installed hardware. The front of the rack acts as a cold air intake and the back of the rack as a hot air exhaust. You must provide 4 feet (1.2m) of open space at both the front and back of the rack to allow for sufficient airflow.

If your installation site is not a typical data center, you must provide dimensional drawings of the installation site before ordering to ensure that the rack can be safely installed and powered up.

Networking

The Distributed Cloud Edge hardware rack requires four independent QSFP28-100GBASE-LR4 fiber connections to your local network. You must specify your network requirements, such as IP address ranges and firewall configuration when ordering Distributed Cloud Edge hardware.

Before ordering, your network administrator must work with Google to plan the network configuration for the Distributed Cloud Edge installation.

The following diagram depicts a typical Distributed Cloud Edge configuration:

Distributed Cloud Edge components
Distributed Cloud Edge components

For more information about the components shown in this diagram, see Distributed Cloud Edge hardware.

Address block allocation

Distributed Cloud Edge requires that you allocate the following address blocks on your local network:

Network component Allocation requirement
Peering link to your local network Four public or private /31 CIDR blocks. You can provide four /31 CIDR blocks, a VLAN ID, and two BGP ASNs that cover these four address blocks. One ASN for your local routers that peer with Distributed Cloud Edge ToR switches and one ASN for the Distributed Cloud Edge switches.
ToR switch management subnetwork At least one /30 CIDR block, either public or RFC 1918.
Distributed Cloud Edge machine management subnetwork At least one /27 CIDR block, either public or RFC 1918.
Distributed Cloud Edge Nodes subnetwork At least one /27 CIDR block, either public or RFC 1918.

When ordering Distributed Cloud Edge, your network administrator must provide the above CIDR block allocation information. These values cannot be changed after Distributed Cloud Edge has been deployed.

Node, machine management, and ToR switch CIDR blocks must be routable subnetworks on your local network. They can be private RFC 1918-range subnetworks or public networks. You must configure the appropriate BGP sessions on your peering edge routers to accept routes for the Distributed Cloud Edge Nodes subnetwork, the Distributed Cloud Edge Machine management subnetwork, and the lower two /32 IP addresses of the ToR switch management subnetwork.

The CIDR blocks are allocated per Distributed Cloud Edge rack. When you create a Distributed Cloud Edge Cluster, Distributed Cloud Edge automatically assigns Nodes within that Cluster to addresses within the specified Node CIDR based on their capabilities and availability.

In a multi-rack Distributed Cloud Edge installation, you must specify unique CIDR blocks for each Distributed Cloud Edge rack, and each rack is connected to your network separately.

If you plan to expand your Distributed Cloud Edge installation with additional machines, you must account for the additional addresses this will require in your initial Distributed Cloud Edge order. You must also account for overhead addresses, such as gateway addresses and floating addresses used by VPN connections between your workloads and Google Cloud. Work with your Google Cloud sales representative to determine the optimum Node CIDR block allocations based on your business requirements.

When your Distributed Cloud Edge installation is up and running, you also need to allocate network addresses for your Distributed Cloud Edge Pods and Services as described in Distributed Cloud Edge Pod and Service network address allocation.

Firewall configuration

Distributed Cloud Edge requires that you configure your firewall to allow the following types of network traffic:

  • Distributed Cloud Edge management and Cluster control plane traffic
  • Distributed Cloud Edge workload traffic

Distributed Cloud Edge management and Cluster control plane traffic

Distributed Cloud Edge requires that you open the following ports on your local network. Distributed Cloud Edge requires these ports for outbound connections to Google over the internet for management and Cluster control plane traffic. You must use a stateful firewall that tracks this outbound traffic and allows the corresponding returning inbound traffic through to Distributed Cloud Edge.

Function Originating subnetwork Protocol Ports
Domain Name System (DNS) ToR switch management, Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes TCP, UDP 53
Network Time Protocol (NTP) ToR switch management, Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes UDP 123
Terminal Access Controller Access Control System (TACACS) for switch authentication ToR switch management TCP 3535
Management VPN ToR switch management, Distributed Cloud Edge machine management UDP 443
Bootstrap and Management API ToR switch management, Distributed Cloud Edge machine management TCP 443
Remote Kubernetes control plane Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes TCP 6443
Kubernetes Konnectivity proxy Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes TCP 8132, 8133, 8134
Monitoring service Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes TCP 443
Logging service Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes TCP 443
Cloud VPN and Virtual Private Cloud data plane Distributed Cloud Edge Nodes UDP (ESP, IKE) 500, 4500

Distributed Cloud Edge workload traffic

Your network administrator must also configure additional firewall rules to allow traffic to and from the workloads deployed on your Distributed Cloud Edge Clusters.

If you deploy Distributed Cloud Edge behind a NAT gateway and you have additional firewalling configured on your WAN gateways that filter or block inbound UDP traffic, the Cloud VPN connectivity required by Distributed Cloud Edge might be affected. In such cases, you must allow inbound Cloud VPN UDP traffic from the Cloud VPN IP address ranges.

For example, you need to allow inbound UDP traffic from source IP ranges 35.242.0.0/17, 35.220.0.0/17, and 34.157.0.0/16 with the source port matching 500 or 4500 (IKE/ESP). If your firewall solution requires a more exact configuration, set the destination IP address range to match the IP address range of the Distributed Cloud Edge Nodes subnetwork. If your firewall is upstream of your NAT gateway, set the destination IP address range to the NAT gateway's public IP address.

On-site maintenance

Google remotely monitors the Distributed Cloud Edge hardware. If you encounter an issue, contact Support to file a ticket. If Google detects a hardware failure, we will schedule a visit to your installation site. A Google-certified technician will work with you to coordinate the visit and make the required repairs.

What's next