Installation requirements

Before you order Gemini on Google Distributed Cloud connected API, you must meet the installation requirements described in this document. For additional information, see Getting Support.

Certified hardware

Before you order Gemini on GDC connected API, you must procure certified hardware matching the exact configuration described in this section. This configuration is for a single Google-certified machine.

Item Dell SKU Quantity
PowerEdge XE9680, DSS RESTRICTED 210-BHYV 1
2.5 Chassis 379-BDTF 1
Trusted Platform Module 2.0 V3 461-AAIG 1
XE9680 6U Chassis with 8 GPU 8 x 2.5 NVMe Only 321-BIEK 1
Intel Xeon Platinum 8592+ 1.9G, 64C/128T, 20GT/s, 320M Cache, Turbo, HT (350W) DDR5-5600 338-CPBP 1
Intel Xeon Platinum 8592+ 1.9G, 64C/128T, 20GT/s, 320M Cache, Turbo, HT (350W) DDR5-5600 338-CPBP 1
Additional Processor Selected 379-BDCO 1
Riser Config 2 330-BCHH 1
Heatsink for 2 CPU Configuration 412-BBCN 1
Performance Optimized 370-AAIP 1
5600MT/s RDIMMs 370-BBRX 1
C30, No RAID for NVME chassis 780-BCDO 1
No Controller 405-AACD 1
Performance BIOS Settings 384-BBBL 1
UEFI BIOS Boot Mode with GPT Partition 800-BBDM 1
Very High Performance Fan x6 750-ADGJ 1
3+3 FTR (GPU Power Brake Enabled), Hot-Plug PSU, 2800W MM HLAC (200-240Vac) Titanium, C22 Connector 450-AMMN 1
XE9680 System Motherboard, MX, MLK 338-CPWL 1
PowerEdge 2U LCD Bezel 325-BETK 1
NVIDIA HGX H200 8-GPU SXM 141GB 700W GPUs Assembly 490-BKHF 1
BOSS-N1 controller card + with 2 FIPS M.2 960GB (RAID 1) 403-BCVH 1
XE9680 BOSS Cable 470-AFNO 1
No OCP 3.0 mezzanine NIC card 412-AASK 1
No Operating System, No Utility Partition 611-BBBG 1
iDRAC9, Datacenter 16G 528-CTID 1
iDRAC Secure Enterprise Key Manager License 2.0 634-BZIL 1
Secured Component Verification 528-COYT 1
iDRAC,Factory Generated Password 379-BCSF 1
iDRAC Service Module (ISM), NOT Installed 379-BCQX 1
iDRAC Group Manager, Disabled 379-BCQY 1
XE9680 Rack Rail Cable Management Arm 770-BEPB 1
XE9680 Sliding Ready Rail (B28) 770-BEPC 1
PowerEdge XE9680, Shipping 340-DDBX 1
PowerEdge XE9680 CE Marking, No CCC Marking 389-EFKE 1
XE9680 Shipping Material 343-BBXC 1
Enterprise Program Management Support 973-3700 1
Basic Next Business Day 36 Months 709-BFTF 1
RESTRICTED:ProSupport One Data Center and Next Business Day Onsite Service Vol Low Ext, 24 Month(s) 199-BTKS 1
RESTRICTED:ProSupport One Data Center and Next Business Day Onsite Service Vol Low Init, 36 Month(s) 199-BTKT 1
Keep Your Hard Drive For Enterprise, 60 Month(s) 711-BCXN 1
ProDeploy Plus PowerEdge XE Series 5U6U 683-BDSB 1
Infrastructure Deployment Selected 701-6538 1
128GB RDIMM, 5600MT/s, Quad Rank 370-BBQY 16
800G Data Center NVMe Mixed Use AG Drive U2 Gen4 with carrier 400-BRPJ 1
C20 to C21, PDU Style, 16 AMP, 8 Feet, Power Cord 450-AGXK 6
Broadcom 5720 Dual Port 1GbE LOM 540-BDKD 1
Mellanox ConnectX-6 DX Dual Port 100GbE QSFP56 Network Adapter, Full Height 540-BCXO 2

Size and weight

Each Google-certified machine is 6U in height and has the following dimensions:

  • Height: 263.2 mm (10.36")
  • Width: 482.0 mm (18.97")
  • Depth: 1008.77 mm (39.71") including front bezel

Each Google-certified machine weights 113.3 kg (249.78 lbs).

Power and cooling

Each Google-certified machine has the following electrical specifications:

  • Voltage: 100V to 240V AC, 50/60Hz
  • Power: 11,000W maximum

Your facility must have adequate cooling to support one (1) Google-certified machine for each deployment of Gemini on GDC connected API.

Networking

This section describes the networking requirements for deploying Gemini on GDC connected API.

Network connectivity

Figure 1 illustrates Gemini on GDC connected API networking.

Figure 1. Gemini on GDC connected API on Distributed Cloud connected networking.
Figure 1. Gemini on GDC connected API on Distributed Cloud connected networking.

You must meet the following network connectivity requirements to deploy Gemini on GDC connected API:

  • Prepare a Top-of-Rack (ToR) switch that supports Quad Small Form-factor Pluggable (QFSP) 100 gigabit optical connectivity.

  • Allocate a minimum of one QFSP 100 gigabit optical port on the ToR switch per Google-certified machine; however, Google recommends allocating two QFSP 100G optical ports per machine for high availability. Each of these ports requires QSFP-100G-SR4-S cabling.

  • If allocating two ports per machine, connect both ToR switch ports to the same Mellanox CX-6 network adapter on each machine.

  • An internet connection with a minimum bandwidth of 1 Gbps downstream and 100 Mbps upstream.

Make the following network connections for each Google-certified machine:

  • Connect one or both of the QFSP 100 gigabit ports on the Mellanox CX-6 network adapter on the machine to your ToR switch. These ports handle the high-speed traffic for the Gemini on GDC connected API and the Distributed Cloud connected software.

  • Connect the integrated Dell Remote Access Controller (iDRAC) port on the machine to a separate Layer 2 switch. This is required for machine management.

  • Connect the management switch and ToR switch at Layer 2.

Network configuration

Configure your local network as follows to deploy Gemini on GDC connected API:

  • Allocate a dedicated untagged VLAN configured with a Maximum Transmission Unit (MTU) size of 1500 bytes.
  • Allocate a private /26 IPv4 CIDR address block for workload connectivity.
  • Configure northbound connectivity for the VLAN using BGP peering; advertise the assigned /26 CIDR block to the upstream network.
  • Provision the VLAN with a default route to the upstream network and the internet.
  • A Dynamic Host Configuration Protocol (DHCP) server that can assign IPv4 addresses to the Google-certified machines for bootstrapping. The addresses in this DHCP block must be the last /29 section of the workload connectivity IPv4 CIDR address block.

ToR switch configuration

Configure your ToR switch as follows:

  • Enable DHCPv4 and DNS support on the port(s) allocated to Gemini on GDC connected API machines.
  • Configure a private /26 IPv4 CIDR block on the dedicated, untagged VLAN with an MTU of 1500 bytes.
  • Allocate the first IPv4 address in the CIDR block as the network gateway.
  • Ensure the rest of the IPv4 addresses in the CIDR block are free; Gemini on GDC connected API allocates them automatically for system functions, services, and local model endpoints.

DHCP server configuration

Configure the DHCP server for Gemini on GDC connected API machines as follows:

  • The DHCP server must be reachable from all ToR switch ports connected to Gemini on GDC connected API machines.
  • Reserve the last /29 segment of the /26 IPv4 CIDR block you've allocated to Gemini on GDC connected API machines for DHCP assignments and configure the DHCP server to use this /29 segment as a DHCP address pool.

Firewall configuration

Configure your local firewall to allow Gemini on GDC connected API traffic as follows:

Name Source IP address Destination anycast IP address Protocol Port
GDC connected management (TCP), attestation service, recitation check service, model downloads GDCc Zone CIDR (/26) Google IP ranges TCP 443
GDC connected management (UDP) GDCc Zone CIDR (/26) Google IP ranges UDP 443
Domain Name Service (DNS) GDCc Zone CIDR (/26) Google DNS: 8.8.8.8, 8.8.4.4 UDP 53
Network Time Protocol (NTP) GDCc Zone CIDR (/26) Google NTP: 216.239.35.{0,4,8,12} UDP 123
Intel TDX remote attestation GDCc Zone CIDR (/26) 4.255.75.174/32 TCP 443

Intel TDX remote attestation API key

To enable attestation of the confidential virtual machines that serve your Gemini on GDC connected API endpoints, you must obtain an Intel TDX remote attestation API key and provide it to Google. To obtain the API key, complete the steps in this section.

  1. Go to the Intel® Provisioning Certification Service for ECDSA Attestation page.

  2. In the Get PCK Certificates section, click Subscribe.

  3. Follow the displayed instructions to create an account and establish an Intel® SGX Provisioning Certification Service subscription.

  4. In the Your subscriptions section of your account, find and note down the primary API key for your Intel® SGX Provisioning Certification Service subscription.

Information to provide to Google

Provide the following information to Google:

  1. Contact information for a person responsible for procuring and deploying the Google-certified machines.

  2. The /26 IPv4 CIDR block you've allocated for your Google-certified machines.

  3. The primary and secondary API keys for your Intel® SGX Provisioning Certification Service subscription.

  4. The service tags for your Gemini on GDC connected API machines. For instructions, see Locating the Express Service Code and Service Tag.

  5. The Physical Security IDentifiers (PSIDs) of non-boot disk drives in the Google-certified machines.

  6. The project ID of the Google Cloud project that hosts your Distributed Cloud connected zone for Gemini on GDC connected API.

Validate the certified hardware

Before scheduling a visit from a Google technician, you must validate your certified hardware as follows:

  1. Obtain the hardware validation script from your Google representative.

  2. Install or live-boot Ubuntu Linux on the certified machine.

  3. Run the hardware validation script on the certified machine.

  4. Provide the output of the script to your Google representative.

What's next

To bring your Gemini on GDC connected API deployment online, do the following:

  1. Receive and install the Gemini on GDC connected API certified hardware in your target location.

  2. Configure your Gemini on GDC connected API environment as described earlier in this document.

  3. Validate the certified hardware as described earlier in this document.

  4. Coordinate with your Google representative to schedule a visit from a Google technician.

  5. Complete the Google technician visit to install and configure the Gemini on GDC connected API software.

  6. Complete the steps in Create and manage endpoints.