Installation requirements

Before you order Gemini on Google Distributed Cloud connected API, you must meet the installation requirements described in this document. For additional information, see Getting Support.

Certified hardware

Before you order Gemini on GDC connected API, you must procure certified hardware matching the exact configuration described in this section. This configuration is for a single Google-certified machine.

Item Dell SKU Qty
PowerEdge XE9680, DSS RESTRICTED 210-BHYV 1
2.5 Chassis 379-BDTF 1
Trusted Platform Module 2.0 V5 461-AAIG 1
XE9680 6U Chassis with 8 GPU 8 x 2.5 NVMe Only 321-BIEK 1
Intel Xeon Platinum 8592+ 1.9G, 64C/128T, 20GT/s, 320M Cache, Turbo, HT (350W) DDR5-5600 338-CPBP 2
Additional Processor Selected 379-BDCO 1
Riser Config 2 330-BCHH 1
Heatsink for 2 CPU Configuration 412-BBCN 1
Performance Optimized 370-AAIP 1
5600MT/s RDIMMs 370-BBRX 1
128GB RDIMM, 5600MT/s, Dual Rank x4, 32Gb BASE 370-BCSR 16
C30, No RAID for NVME chassis 780-BCDO 1
No Controller 405-AACD 1
15.36TB Enterprise NVMe Read Intensive Opal Drive U.2 Gen4 with carrier, FIPs,Kioxia CM7-R, DSS RESTRICTED 345-BLPR 8
Performance BIOS Settings 384-BBBL 1
UEFI BIOS Boot Mode with GPT Partition 800-BBDM 1
Very High Performance Fan x6 750-ADGJ 1
3+3 FTR (GPU Power Brake Enabled), Hot-Plug PSU, 2800W MM HLAC (200-240Vac) Titanium, C22 Connector 450-AMMN 1
C20 to C21, PDU Style, 16 AMP, 8 Feet, Power Cord 450-AGXK 6
XE9680 System Motherboard, MX, MLK 338-CPWL 1
PowerEdge 2U LCD Bezel 325-BGHR 1
NVIDIA HGX H200 8-GPU SXM 141GB 700W GPUs Assembly 490-BKHF 1
Broadcom 5720 Dual Port 1GbE LOM 540-BDKD 1
Mellanox ConnectX-6 DX Dual Port 100GbE QSFP56 Network Adapter, Full Height 540-BCXO 2
BOSS-N1 controller card + with 2 FIPS M.2 960GB (RAID 1) Micron 7400 SEDs NVMe 403-BCVH 1
XE9680 BOSS Cable 470-AFNO 1
Broadcom 57414 Dual Port 10/25GbE SFP28, OCP NIC 3.0 540-BCOC 1
No Operating System, No Utility Partition 611-BBBG 1
iDRAC9, Datacenter 16G 528-CTID 1
iDRAC Secure Enterprise Key Manager License 2.0 634-BZIL 1
Secured Component Verification 528-COYT 1
iDRAC,Factory Generated Password 379-BCSF 1
iDRAC Service Module (ISM), NOT Installed 379-BCQX 1
iDRAC Group Manager, Disabled 379-BCQY 1
XE9680 Rack Rail Cable Management Arm 770-BEPB 1
XE9680 Sliding Ready Rail (B28) 770-BEPC 1
PowerEdge XE9680, Shipping 340-DDBX 1
PowerEdge XE9680 CE Marking, No CCC Marking 389-EFKE 1
XE9680 Shipping Material 343-BBXC 1
NOT NAC eligible 5A002.a 340-DMRF 1
Enterprise Program Management Support 973-3700 1
Heavy device requires lift-assist cart for onsite service; otherwise, delays or extra fees may apply 718-9227 1
Basic Next Business Day 36 Months 709-BFTF 1
RESTRICTED:ProSupport One Data Center and Next Business Day Onsite Service Vol Low Init, 36 Month(s) 199-BTKT 1
Keep Your Hard Drive For Enterprise, 36 Month(s) 711-BCXN 1
ProDeploy Plus PowerEdge XE Series 5U6U 683-BDSB 1

Size and weight

Each Google-certified machine is 6U in height and has the following dimensions:

  • Height: 263.2 mm (10.36")
  • Width: 482.0 mm (18.97")
  • Depth: 1008.77 mm (39.71") including front bezel

Each Google-certified machine weights 113.3 kg (249.78 lbs).

Power and cooling

Each Google-certified machine has the following electrical specifications:

  • Voltage: 100V to 240V AC, 50/60Hz
  • Power: 11,000W maximum

Your facility must have adequate cooling to support one (1) Google-certified machine for each deployment of Gemini on GDC connected API.

Networking

This section describes the networking requirements for deploying Gemini on GDC connected API. In addition to the Gemini on GDC connected API Google-certified machine, you must supply your own local machine, such as a laptop, to use during turn-up only. This is the Turn-up machine in Figure 1.

Network connectivity

Figure 1 illustrates Gemini on GDC connected API networking.

Figure 1. Gemini on GDC connected API on Distributed Cloud connected networking.
Figure 1. Gemini on GDC connected API on Distributed Cloud connected networking.

You must meet the following network connectivity requirements to deploy Gemini on GDC connected API:

  • Prepare a Top-of-Rack (ToR) switch that supports Quad Small Form-factor Pluggable (QFSP) 100 gigabit optical connectivity.

  • Allocate a minimum of one QFSP 100 gigabit optical port on the ToR switch per Google-certified machine; however, Google recommends allocating two QFSP 100G optical ports per machine for high availability. Each of these ports requires QSFP-100G-SR4-S cabling.

  • If allocating two ports per machine, connect both ToR switch ports to the same Mellanox CX-6 network adapter on each machine.

  • An internet connection with a minimum bandwidth of 1 Gbps downstream and 100 Mbps upstream.

Make the following network connections for each Google-certified machine:

  • Connect one or both of the QFSP 100 gigabit ports on the Mellanox CX-6 network adapter on the machine to your ToR switch. These ports handle the high-speed traffic for the Gemini on GDC connected API and the Distributed Cloud connected software.

  • Connect the integrated Dell Remote Access Controller (iDRAC) port on the machine to a separate Layer 2 switch. This is required for machine management.

  • For turn-up only:

    • Assign an IP address to the iDRAC port that is not part of the target Distributed Cloud connected zone CIDR block.

    • Establish network connectivity between the iDRAC and the turn-up machine as shown in Figure 1.

Network configuration

Configure your local network as follows to deploy Gemini on GDC connected API:

  • Allocate a dedicated untagged VLAN configured with a Maximum Transmission Unit (MTU) size of 1500 bytes.
  • Allocate a private /26 IPv4 CIDR address block for workload connectivity.
  • Configure northbound connectivity for the VLAN using BGP peering; advertise the assigned /26 CIDR block to the upstream network.
  • Provision the VLAN with a default route to the upstream network and the internet.
  • A Dynamic Host Configuration Protocol (DHCP) server that can assign IPv4 addresses to the Google-certified machines for bootstrapping. The addresses in this DHCP block must be the last /29 section of the workload connectivity IPv4 CIDR address block.

ToR switch configuration

Configure your ToR switch as follows:

  • Enable DHCPv4 and DNS support on the port(s) allocated to Gemini on GDC connected API machines.
  • Configure a private /26 IPv4 CIDR block on the dedicated, untagged VLAN with an MTU of 1500 bytes.
  • Allocate the first IPv4 address in the CIDR block as the network gateway.
  • Ensure the rest of the IPv4 addresses in the CIDR block are free; Gemini on GDC connected API allocates them automatically for system functions, services, and local model endpoints.

DHCP server configuration

Configure the DHCP server for Gemini on GDC connected API machines as follows:

  • The DHCP server must be reachable from all ToR switch ports connected to Gemini on GDC connected API machines.
  • Reserve the last /29 segment of the /26 IPv4 CIDR block you've allocated to Gemini on GDC connected API machines for DHCP assignments and configure the DHCP server to use this /29 segment as a DHCP address pool.

Firewall configuration

Configure your local firewall to allow Gemini on GDC connected API traffic as follows:

Name Source IP address Destination anycast IP address Protocol Port
Bootstrap GDCc Zone CIDR (/26) 192.178.76.0/23 TCP 80
GDC connected management (TCP), attestation service, recitation check service, model downloads GDCc Zone CIDR (/26) 216.239.{32,34,36,38}.223, 192.178.76.0/23 TCP 443
GDC connected management (gRPC, HTTPS) GDCc Zone CIDR (/26) 192.178.76.0/23 TCP 444
GDC connected management (QUIC) GDCc Zone CIDR (/26) 192.178.18.0/23 UDP 443
Domain Name Service (DNS) GDCc Zone CIDR (/26) Google DNS: 8.8.8.8, 8.8.4.4 TCP, UDP 53
Network Time Protocol (NTP) GDCc Zone CIDR (/26) Google NTP: 216.239.35.{0,4,8,12} UDP 123
Intel TDX remote attestation GDCc Zone CIDR (/26) 4.255.75.174 TCP 443

Intel TDX remote attestation API key

To enable attestation of the confidential virtual machines that serve your Gemini on GDC connected API endpoints, you must obtain an Intel TDX remote attestation API key and provide it to Google. To obtain the API key, complete the steps in this section.

  1. Go to the Intel® Provisioning Certification Service for ECDSA Attestation page.

  2. In the Get PCK Certificates section, click Subscribe.

  3. Follow the displayed instructions to create an account and establish an Intel® SGX Provisioning Certification Service subscription.

  4. In the Your subscriptions section of your account, find and note down the primary API key for your Intel® SGX Provisioning Certification Service subscription.

Information to provide to Google

Provide the following information to Google:

  1. Contact information for a person responsible for procuring and deploying the Google-certified machines.

  2. The /26 IPv4 CIDR block you've allocated for your Google-certified machines.

  3. The primary and secondary API keys for your Intel® SGX Provisioning Certification Service subscription.

  4. The service tags for your Gemini on GDC connected API machines. For instructions, see Locating the Express Service Code and Service Tag.

  5. The Physical Security IDentifiers (PSIDs) of non-boot disk drives in the Google-certified machines.

  6. The project ID of the Google Cloud project that hosts your Distributed Cloud connected zone for Gemini on GDC connected API.

Validate the certified hardware

Before scheduling a visit from a Google technician, you must validate your certified hardware as follows:

  1. Obtain the hardware validation Docker image from your Google representative.

  2. Install or live-boot Ubuntu Linux on the certified machine. This installation is used for pre-flight tasks only; Google replaces it with the Gemini on GDC connected API software once pre-flight is complete.

  3. Install the following packages:

  4. Load the hardware validator Docker image:

    docker load -i gdc_hw_validator.tar

  5. Specify the Distributed Cloud connected zone CIDR block:

    export IP_CIDR="ZONE_CIDR"

    Replace ZONE_CIDR with the zone's CIDR block.

  6. Run the hardware validation script on the certified machine as root:

    docker run --rm -t --privileged -v "$(pwd)":/output -v /sys/fs/cgroup:/sys/fs/cgroup:rw \ 
  --cgroupns=host --network=host -v /lib/modules:/lib/modules:ro -v /dev:/dev \ 
  -e IP_CIDR="$IP_CIDR" gdc_hw_validator

  7. Provide the JSON file generated by the script to your Google representative.

Enable the required APIs

You must enable the following APIs on your target Google Cloud project:

  • aiplatform.googleapis.com
  • anthos.googleapis.com
  • anthosaudit.googleapis.com
  • anthosgke.googleapis.com
  • cloudresourcemanager.googleapis.com
  • connectgateway.googleapis.com
  • compute.googleapis.com
  • container.googleapis.com
  • edgecontainer.googleapis.com
  • gdchardwaremanagement.googleapis.com
  • gkeconnect.googleapis.com
  • gkehub.googleapis.com
  • gkeonprem.googleapis.com
  • iam.googleapis.com
  • iamcredentials.googleapis.com
  • kubernetesmetadata.googleapis.com
  • logging.googleapis.com
  • monitoring.googleapis.com
  • multiclustermetering.googleapis.com
  • opsconfigmonitoring.googleapis.com
  • oslogin.googleapis.com
  • serviceusage.googleapis.com
  • stackdriver.googleapis.com
  • storage.googleapis.com
  • sts.googleapis.com

For information about enabling APIs, see Enabling services.

Set up a billing account

You must set up a billing account for your target Google Cloud project as described in Create a new self-serve Cloud Billing account.

What's next

To bring your Gemini on GDC connected API deployment online, do the following:

  1. Receive and install the Gemini on GDC connected API certified hardware in your target location.

  2. Configure your Gemini on GDC connected API environment as described earlier in this document.

  3. Validate the certified hardware as described earlier in this document.

  4. Coordinate with your Google representative to schedule a visit from a Google technician.

  5. Complete the Google technician visit to install and configure the Gemini on GDC connected API software.

  6. Complete the steps in Create and manage endpoints.