Before you order Gemini on Google Distributed Cloud connected API, you must meet the installation requirements described in this document. For additional information, see Getting Support.
Certified hardware
Before you order Gemini on GDC connected API, you must procure certified hardware matching the exact configuration described in this section. This configuration is for a single Google-certified machine.
Item | Dell SKU | Quantity |
---|---|---|
PowerEdge XE9680, DSS RESTRICTED | 210-BHYV | 1 |
2.5 Chassis | 379-BDTF | 1 |
Trusted Platform Module 2.0 V3 | 461-AAIG | 1 |
XE9680 6U Chassis with 8 GPU 8 x 2.5 NVMe Only | 321-BIEK | 1 |
Intel Xeon Platinum 8592+ 1.9G, 64C/128T, 20GT/s, 320M Cache, Turbo, HT (350W) DDR5-5600 | 338-CPBP | 1 |
Intel Xeon Platinum 8592+ 1.9G, 64C/128T, 20GT/s, 320M Cache, Turbo, HT (350W) DDR5-5600 | 338-CPBP | 1 |
Additional Processor Selected | 379-BDCO | 1 |
Riser Config 2 | 330-BCHH | 1 |
Heatsink for 2 CPU Configuration | 412-BBCN | 1 |
Performance Optimized | 370-AAIP | 1 |
5600MT/s RDIMMs | 370-BBRX | 1 |
C30, No RAID for NVME chassis | 780-BCDO | 1 |
No Controller | 405-AACD | 1 |
Performance BIOS Settings | 384-BBBL | 1 |
UEFI BIOS Boot Mode with GPT Partition | 800-BBDM | 1 |
Very High Performance Fan x6 | 750-ADGJ | 1 |
3+3 FTR (GPU Power Brake Enabled), Hot-Plug PSU, 2800W MM HLAC (200-240Vac) Titanium, C22 Connector | 450-AMMN | 1 |
XE9680 System Motherboard, MX, MLK | 338-CPWL | 1 |
PowerEdge 2U LCD Bezel | 325-BETK | 1 |
NVIDIA HGX H200 8-GPU SXM 141GB 700W GPUs Assembly | 490-BKHF | 1 |
BOSS-N1 controller card + with 2 FIPS M.2 960GB (RAID 1) | 403-BCVH | 1 |
XE9680 BOSS Cable | 470-AFNO | 1 |
No OCP 3.0 mezzanine NIC card | 412-AASK | 1 |
No Operating System, No Utility Partition | 611-BBBG | 1 |
iDRAC9, Datacenter 16G | 528-CTID | 1 |
iDRAC Secure Enterprise Key Manager License 2.0 | 634-BZIL | 1 |
Secured Component Verification | 528-COYT | 1 |
iDRAC,Factory Generated Password | 379-BCSF | 1 |
iDRAC Service Module (ISM), NOT Installed | 379-BCQX | 1 |
iDRAC Group Manager, Disabled | 379-BCQY | 1 |
XE9680 Rack Rail Cable Management Arm | 770-BEPB | 1 |
XE9680 Sliding Ready Rail (B28) | 770-BEPC | 1 |
PowerEdge XE9680, Shipping | 340-DDBX | 1 |
PowerEdge XE9680 CE Marking, No CCC Marking | 389-EFKE | 1 |
XE9680 Shipping Material | 343-BBXC | 1 |
Enterprise Program Management Support | 973-3700 | 1 |
Basic Next Business Day 36 Months | 709-BFTF | 1 |
RESTRICTED:ProSupport One Data Center and Next Business Day Onsite Service Vol Low Ext, 24 Month(s) | 199-BTKS | 1 |
RESTRICTED:ProSupport One Data Center and Next Business Day Onsite Service Vol Low Init, 36 Month(s) | 199-BTKT | 1 |
Keep Your Hard Drive For Enterprise, 60 Month(s) | 711-BCXN | 1 |
ProDeploy Plus PowerEdge XE Series 5U6U | 683-BDSB | 1 |
Infrastructure Deployment Selected | 701-6538 | 1 |
128GB RDIMM, 5600MT/s, Quad Rank | 370-BBQY | 16 |
800G Data Center NVMe Mixed Use AG Drive U2 Gen4 with carrier | 400-BRPJ | 1 |
C20 to C21, PDU Style, 16 AMP, 8 Feet, Power Cord | 450-AGXK | 6 |
Broadcom 5720 Dual Port 1GbE LOM | 540-BDKD | 1 |
Mellanox ConnectX-6 DX Dual Port 100GbE QSFP56 Network Adapter, Full Height | 540-BCXO | 2 |
Size and weight
Each Google-certified machine is 6U in height and has the following dimensions:
- Height: 263.2 mm (10.36")
- Width: 482.0 mm (18.97")
- Depth: 1008.77 mm (39.71") including front bezel
Each Google-certified machine weights 113.3 kg (249.78 lbs).
Power and cooling
Each Google-certified machine has the following electrical specifications:
- Voltage: 100V to 240V AC, 50/60Hz
- Power: 11,000W maximum
Your facility must have adequate cooling to support one (1) Google-certified machine for each deployment of Gemini on GDC connected API.
Networking
This section describes the networking requirements for deploying Gemini on GDC connected API.
Network connectivity
Figure 1 illustrates Gemini on GDC connected API networking.
You must meet the following network connectivity requirements to deploy Gemini on GDC connected API:
Prepare a Top-of-Rack (ToR) switch that supports Quad Small Form-factor Pluggable (QFSP) 100 gigabit optical connectivity.
Allocate a minimum of one QFSP 100 gigabit optical port on the ToR switch per Google-certified machine; however, Google recommends allocating two QFSP 100G optical ports per machine for high availability. Each of these ports requires QSFP-100G-SR4-S cabling.
If allocating two ports per machine, connect both ToR switch ports to the same Mellanox CX-6 network adapter on each machine.
An internet connection with a minimum bandwidth of 1 Gbps downstream and 100 Mbps upstream.
Make the following network connections for each Google-certified machine:
Connect one or both of the QFSP 100 gigabit ports on the Mellanox CX-6 network adapter on the machine to your ToR switch. These ports handle the high-speed traffic for the Gemini on GDC connected API and the Distributed Cloud connected software.
Connect the integrated Dell Remote Access Controller (iDRAC) port on the machine to a separate Layer 2 switch. This is required for machine management.
Connect the management switch and ToR switch at Layer 2.
Network configuration
Configure your local network as follows to deploy Gemini on GDC connected API:
- Allocate a dedicated untagged VLAN configured with a Maximum Transmission Unit (MTU) size of 1500 bytes.
- Allocate a private /26 IPv4 CIDR address block for workload connectivity.
- Configure northbound connectivity for the VLAN using BGP peering; advertise the assigned /26 CIDR block to the upstream network.
- Provision the VLAN with a default route to the upstream network and the internet.
- A Dynamic Host Configuration Protocol (DHCP) server that can assign IPv4 addresses to the Google-certified machines for bootstrapping. The addresses in this DHCP block must be the last /29 section of the workload connectivity IPv4 CIDR address block.
ToR switch configuration
Configure your ToR switch as follows:
- Enable DHCPv4 and DNS support on the port(s) allocated to Gemini on GDC connected API machines.
- Configure a private /26 IPv4 CIDR block on the dedicated, untagged VLAN with an MTU of 1500 bytes.
- Allocate the first IPv4 address in the CIDR block as the network gateway.
- Ensure the rest of the IPv4 addresses in the CIDR block are free; Gemini on GDC connected API allocates them automatically for system functions, services, and local model endpoints.
DHCP server configuration
Configure the DHCP server for Gemini on GDC connected API machines as follows:
- The DHCP server must be reachable from all ToR switch ports connected to Gemini on GDC connected API machines.
- Reserve the last /29 segment of the /26 IPv4 CIDR block you've allocated to Gemini on GDC connected API machines for DHCP assignments and configure the DHCP server to use this /29 segment as a DHCP address pool.
Firewall configuration
Configure your local firewall to allow Gemini on GDC connected API traffic as follows:
Name | Source IP address | Destination anycast IP address | Protocol | Port |
---|---|---|---|---|
GDC connected management (TCP), attestation service, recitation check service, model downloads | GDCc Zone CIDR (/26) | Google IP ranges | TCP | 443 |
GDC connected management (UDP) | GDCc Zone CIDR (/26) | Google IP ranges | UDP | 443 |
Domain Name Service (DNS) | GDCc Zone CIDR (/26) | Google DNS: 8.8.8.8 , 8.8.4.4 |
UDP | 53 |
Network Time Protocol (NTP) | GDCc Zone CIDR (/26) | Google NTP: 216.239.35.{0,4,8,12} |
UDP | 123 |
Intel TDX remote attestation | GDCc Zone CIDR (/26) | 4.255.75.174/32 |
TCP | 443 |
Intel TDX remote attestation API key
To enable attestation of the confidential virtual machines that serve your Gemini on GDC connected API endpoints, you must obtain an Intel TDX remote attestation API key and provide it to Google. To obtain the API key, complete the steps in this section.
Go to the Intel® Provisioning Certification Service for ECDSA Attestation page.
In the Get PCK Certificates section, click Subscribe.
Follow the displayed instructions to create an account and establish an Intel® SGX Provisioning Certification Service subscription.
In the Your subscriptions section of your account, find and note down the primary API key for your Intel® SGX Provisioning Certification Service subscription.
Information to provide to Google
Provide the following information to Google:
Contact information for a person responsible for procuring and deploying the Google-certified machines.
The /26 IPv4 CIDR block you've allocated for your Google-certified machines.
The primary and secondary API keys for your Intel® SGX Provisioning Certification Service subscription.
The service tags for your Gemini on GDC connected API machines. For instructions, see Locating the Express Service Code and Service Tag.
The Physical Security IDentifiers (PSIDs) of non-boot disk drives in the Google-certified machines.
The project ID of the Google Cloud project that hosts your Distributed Cloud connected zone for Gemini on GDC connected API.
Validate the certified hardware
Before scheduling a visit from a Google technician, you must validate your certified hardware as follows:
Obtain the hardware validation script from your Google representative.
Install or live-boot Ubuntu Linux on the certified machine.
Run the hardware validation script on the certified machine.
Provide the output of the script to your Google representative.
What's next
To bring your Gemini on GDC connected API deployment online, do the following:
Receive and install the Gemini on GDC connected API certified hardware in your target location.
Configure your Gemini on GDC connected API environment as described earlier in this document.
Validate the certified hardware as described earlier in this document.
Coordinate with your Google representative to schedule a visit from a Google technician.
Complete the Google technician visit to install and configure the Gemini on GDC connected API software.
Complete the steps in Create and manage endpoints.