Before you order Distributed Cloud Edge hardware, you must meet the installation requirements described on this page.
Before ordering, your network administrator must work with Google to plan the hardware configuration for the Distributed Cloud Edge installation.
Based on your business requirements, your network administrator must determine and provide the following information:
- Number of racks
- Number of requested CPUs
- Amount of requested memory
- Amount of requested storage
- Number of requested network links and their bandwidth
- Power supply type (AC or DC)
Distributed Cloud Edge requires Premium Support. If you're not a Premium Support customer you must purchase Premium Support to use Distributed Cloud Edge.
Google Cloud information
When ordering, you must provide the following Google Cloud information to Google, if applicable:
- Your Google Cloud organization ID
- Whether you want Google to provision your Distributed Cloud Edge machines as part of an existing Google Cloud project or create a new Google Cloud project
- If provisioning within an existing Cloud project, the ID of the target Cloud project
- Desired number of Distributed Cloud Edge zones
To verify that your delivery path and installation site can accommodate the Distributed Cloud Edge hardware, Google might ask you for photographs and drawings that accurately depict both, or perform a pre-delivery survey of your site.
The delivery path must be free from obstructions and have a grade below 3%. You must provide access to an elevator if the installation site is not on the same floor as your loading dock or building entrance.
All doorways, hallways, and elevators must support the gross weight and dimensions of the crated Distributed Cloud Edge hardware.
You must provide Google service technicians access throughout the delivery path up to and including the installation site.
The Distributed Cloud Edge hardware rack comes in a crate with the following dimensions:
|Dimension||Value (imperial)||Value (metric)|
|Height||87 inches||221 cm|
|Depth||60 inches||152 cm|
|Width||40 inches||102 cm|
The Distributed Cloud Edge hardware rack has the following dimensions:
|Dimension||Value (imperial)||Value (metric)|
|Height||80 inches||203 cm|
|Depth||48 inches||122 cm|
|Width||24 inches||61 cm|
If your local jurisdiction or facility requires you to brace the Distributed Cloud Edge rack, you may need special bracing hardware. The Distributed Cloud Edge rack ships anchored to its crate with brackets that you can re-use to attach the rack to your floor. However, these brackets might not meet your local bracing requirements.
The gross weight of the Distributed Cloud Edge rack is as follows:
|Rack fill||Gross weight|
|Typical||900 lbs (408 kg)|
|Maximum||1300 lbs (590 kg)|
The delivery path, including any elevators, and the installation site must safely support this weight while in full compliance with local building codes.
The Distributed Cloud Edge rack requires single-phase or three-phase alternating current power at 50Hz or 60Hz, or -48V direct current Telco-style positive-ground power. You must specify the desired power supply type when ordering the hardware.
You must supply power to the installation site in accordance with your local building codes, including the following work:
- Installing cabling conduits
- Running the required cabling
- Connecting the cabling to your electrical panel
- Turning on the power
All electrical work must be performed by a certified electrician.
You must supply the following number of independent power lines to ensure high availability, based on the variant you want to deploy:
|AC power||Two (2) independent power lines with a dedicated ground connection|
|DC power||Four (4) independent supply lines with dedicated returns and a dedicated ground connection|
All power receptacles must be located at most 6 feet (1.8m) from the installation site.
AC power specifications
For AC power, all power supply lines must meet one of the following specifications:
|Single-phase||208V/30A, 50/60Hz per line||NEMA L6-30P|
|Three-phase||208V/30A, 50/60Hz per line||NEMA L21-30 3PH|
|Three-phase||208V/60A, 50/60Hz per line||IEC 60309 460C9W|
DC power specifications
For DC power, all power supply lines must be positive-ground Telco-style lines that meet the following specifications:
|Supply||-48V/125A per line||Two-hole 3/8-inch-on-1-inch-centers compression lug|
|Return||-48V/125A per line||Two-hole 3/8-inch-on-1-inch-centers compression lug|
|Ground||-48V/600A, dedicated||Single-hole 1/4-inch compression lug|
The power draw of a Distributed Cloud Edge hardware rack ranges between 3,000W and 4,000W based on CPU load and other factors, with peak consumption momentarily reaching 4,400W at power-up.
For either variant, each of the independent power lines must have an independent uninterruptible power supply (UPS) capable of powering the Distributed Cloud Edge hardware continuously for a minimum of four hours.
In addition to UPS backup, you must also provide emergency electrical generator backup of sufficient capacity to both charge the UPS units and power the Distributed Cloud Edge hardware for a minimum of four hours. The Distributed Cloud Edge hardware must be connected to the UPS units, and the UPS units must then connect to the generator backup.
The Distributed Cloud Edge hardware rack is air-cooled and requires a climate-controlled environment to operate. Your installation site must provide adequate cooling to keep the Distributed Cloud Edge hardware operational.
Your installation site must provide the following ambient environment:
|Environmental factor||Required range|
|Temperature||Between 61°F (16°C) and 75°F (24°C)|
|Humidity||Between 40% and 60%, non-condensing|
The rack produces up to 13,650 BTUs of heat per hour and uses forced air to remove it from the installed hardware. The front of the rack acts as a cold air intake and the back of the rack as a hot air exhaust. You must provide 4 feet (1.2m) of open space at both the front and back of the rack to allow for sufficient airflow.
If your installation site is not a typical data center, you must provide dimensional drawings of the installation site before ordering to ensure that the rack can be safely installed and powered up.
The Distributed Cloud Edge hardware rack requires four independent QSFP28-100GBASE-LR4 fiber connections to your local network. You must specify your network requirements, such as IP address ranges and firewall configuration when ordering Distributed Cloud Edge hardware.
Before ordering, your network administrator must work with Google to plan the network configuration for the Distributed Cloud Edge installation.
The following diagram depicts a typical Distributed Cloud Edge configuration:
For more information about the components shown in this diagram, see Distributed Cloud Edge hardware.
Address block allocation
Distributed Cloud Edge requires that you allocate the following address blocks on your local network:
|Network component||Allocation requirement|
|Peering link to your local network||Four public or private /31 CIDR blocks. You can provide four /31 CIDR blocks, a VLAN ID, and two BGP ASNs that cover these four address blocks. One ASN for your local routers that peer with Distributed Cloud Edge ToR switches and one ASN for the Distributed Cloud Edge switches.|
|ToR switch management subnetwork||At least one /30 CIDR block, either public or RFC 1918.|
|Distributed Cloud Edge machine management subnetwork||At least one /27 CIDR block, either public or RFC 1918.|
|Distributed Cloud Edge Nodes subnetwork||At least one /27 CIDR block, either public or RFC 1918.|
When ordering Distributed Cloud Edge, your network administrator must provide the above CIDR block allocation information. These values cannot be changed after Distributed Cloud Edge has been deployed.
Node, machine management, and ToR switch CIDR blocks must be routable subnetworks on your local network. They can be private RFC 1918-range subnetworks or public networks. You must configure the appropriate BGP sessions on your peering edge routers to accept routes for the Distributed Cloud Edge Nodes subnetwork, the Distributed Cloud Edge Machine management subnetwork, and the lower two /32 IP addresses of the ToR switch management subnetwork.
The CIDR blocks are allocated per Distributed Cloud Edge rack. When you create a Distributed Cloud Edge Cluster, Distributed Cloud Edge automatically assigns Nodes within that Cluster to addresses within the specified Node CIDR based on their capabilities and availability.
In a multi-rack Distributed Cloud Edge installation, you must specify unique CIDR blocks for each Distributed Cloud Edge rack, and each rack is connected to your network separately.
If you plan to expand your Distributed Cloud Edge installation with additional machines, you must account for the additional addresses this will require in your initial Distributed Cloud Edge order. You must also account for overhead addresses, such as gateway addresses and floating addresses used by VPN connections between your workloads and Google Cloud. Work with your Google Cloud sales representative to determine the optimum Node CIDR block allocations based on your business requirements.
When your Distributed Cloud Edge installation is up and running, you also need to allocate network addresses for your Distributed Cloud Edge Pods and Services as described in Distributed Cloud Edge Pod and Service network address allocation.
Distributed Cloud Edge requires that you configure your firewall to allow the following types of network traffic:
- Distributed Cloud Edge management and Cluster control plane traffic
- Distributed Cloud Edge workload traffic
Distributed Cloud Edge management and Cluster control plane traffic
Distributed Cloud Edge requires that you open the following ports on your local network. Distributed Cloud Edge requires these ports for outbound connections to Google over the internet for management and Cluster control plane traffic. You must use a stateful firewall that tracks this outbound traffic and allows the corresponding returning inbound traffic through to Distributed Cloud Edge.
|Domain Name System (DNS)||ToR switch management, Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes||TCP, UDP||53|
|Network Time Protocol (NTP)||ToR switch management, Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes||UDP||123|
|Terminal Access Controller Access Control System (TACACS) for switch authentication||ToR switch management||TCP||3535|
|Management VPN||ToR switch management, Distributed Cloud Edge machine management||UDP||443|
|Bootstrap and Management API||ToR switch management, Distributed Cloud Edge machine management||TCP||443|
|Remote Kubernetes control plane||Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes||TCP||6443|
|Kubernetes Konnectivity proxy||Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes||TCP||8132, 8133, 8134|
|Monitoring service||Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes||TCP||443|
|Logging service||Distributed Cloud Edge machine management, Distributed Cloud Edge Nodes||TCP||443|
|Cloud VPN and Virtual Private Cloud data plane||Distributed Cloud Edge Nodes||UDP (ESP, IKE)||500, 4500|
Distributed Cloud Edge workload traffic
Your network administrator must also configure additional firewall rules to allow traffic to and from the workloads deployed on your Distributed Cloud Edge Clusters.
If you deploy Distributed Cloud Edge behind a NAT gateway and you have additional firewalling configured on your WAN gateways that filter or block inbound UDP traffic, the Cloud VPN connectivity required by Distributed Cloud Edge might be affected. In such cases, you must allow inbound Cloud VPN UDP traffic from the Cloud VPN IP address ranges.
For example, you need to allow inbound UDP traffic from source IP ranges
188.8.131.52/16 with the source port matching
4500 (IKE/ESP). If your firewall solution
requires a more exact configuration, set the destination IP address range to match the IP address range of
the Distributed Cloud Edge Nodes subnetwork. If your firewall is upstream of your NAT gateway,
set the destination IP address range to the NAT gateway's public IP address.
Google remotely monitors the Distributed Cloud Edge hardware. If you encounter an issue, contact Support to file a ticket. If Google detects a hardware failure, we will schedule a visit to your installation site. A Google-certified technician will work with you to coordinate the visit and make the required repairs.
- Order Distributed Cloud Edge
- How Distributed Cloud Edge works
- Deploy workloads on Google Distributed Cloud Edge
- Security best practices
- Availability best practices
- Network Function operator