About Google Distributed Cloud air-gapped appliance

Google Distributed Cloud air-gapped is a disconnected, sovereign, private cloud solution that enables customers to deploy traditional virtual machine (VM) workloads, container workloads, and consume Google-managed services like deep learning containers. Google Distributed Cloud (GDC) air-gapped appliance is a human-portable device that has Distributed Cloud deployed on it, for use outside of data centers, such as in the field or in other remote sites.

The device weighs about 100 lbs (~45.3 kg) and can be carried by two people. The device is not operational while it is moved from one location to the next. It might be moved on and off vehicles and might be subject to rougher treatment than in a data center. While the device is running, it might be in an uncontrolled environment subject to more temperature variations and dust than a data center, such as a tent or a repurposed building.

The device can run disconnected on an air-gapped customer network with access to other resources, or a local network without an uplink. It can also run connected to a network that is routable to a Distributed Cloud data center instance.

Differences between GDC air-gapped appliance and GDC air-gapped

There are several key differences between GDC air-gapped appliance and GDC air-gapped running in a data center.

Tenancy

Single tenancy is required because the appliance has only three nodes.

Storage

The nodes on the appliance operate as a hyperconverged system with each node providing compute and storage. There is no separate storage pool running a storage system as there is in GDC air-gapped. The appliance uses a different software-defined storage system than GDC air-gapped. The GDC air-gapped appliance storage system creates a storage pool with the disks in the compute nodes.

Networking

GDC air-gapped appliance devices have a different integration pattern with customer networks than data center devices. Data center devices are typically installed complete with a network configuration plan authored and implemented by networking professionals. GDC air-gapped appliance devices are typically brought to a location and plugged into an existing customer network. The network that the device is connected to changes as the device is moved from one location to another, which might impact both the host systems and guest workloads.

Hardware

GDC air-gapped appliance consists of a chassis that holds three blades and a switch. Customers must provide their own laptop to use as an admin workstation for installing the software and performing upgrades.

Software

GDC air-gapped appliance offers the following software and services:

Services

GDC air-gapped appliance provides the following services:

Storage

GDC air-gapped appliance provides block and object storage with software-defined storage. Service-level integrations for containerized and virtual machine (VM) workloads are available.

NTP server

GDC air-gapped appliance does not have a built-in NTP server, but customers can provide their own. The network switch can act as an NTP relay when an upstream NTP server is reachable: customers point the switch's NTP client at an NTP server on the local network, and the switch relays time to the appliance.

Data transfer and replication

GDC air-gapped appliance can transfer data to and from GDC air-gapped private clouds. As the devices are used in the field or remote locations, data might be required in the field while disconnected, and then transferred from the cloud to the device when connected.

User interface

GDC air-gapped appliance uses a user interface similar to that of GDC air-gapped, minus the features that are not included in GDC air-gapped appliance.

Logging and observability

GDC air-gapped appliance keeps an audit log of system access events. This log does not require writing to special media such as write-once, read-many (WORM) compliant storage. The audit log is synced manually to GDC air-gapped when a connection is available, and it is stored in the same common location as GDC air-gapped logs.

For broader logging and observability, raw system logs are available for the device logs and are accessible to administrators. Application Operators can use Kubernetes logging for their workloads.

Security and encryption

GDC air-gapped appliance includes a set of YubiKeys for disk encryption, shipped separately from the appliance. If the customer has a Hardware Security Module (HSM) available, the system supports storing keys in that HSM. This gives the customer control of the keys used to encrypt data at rest.

Identity and access

GDC air-gapped appliance devices are delivered to the customer with an embedded Keycloak identity provider optionally installed with an administrator account. The credentials for this account have access to the root system credentials in a Kubernetes secret and are securely delivered to the customer. Users can also connect to a customer-provided external identity provider if available. Administrators can add additional users in Keycloak or their own identity provider and grant permissions in the GDC console.

HA and backup

GDC air-gapped appliance has limited high availability and redundancy for data storage.

Personas

The GDC air-gapped appliance architecture is hierarchical and consists of three tiers that map to the following personas:

  • Infrastructure Operators install the system hardware and software and perform the initial configuration before delivering the device to customers.
  • Platform Administrators finish the device setup and manage the system including authentication, networking, updates, and system configuration.
  • Application Operators manage the workloads, applications, and projects using the same user interface as the Platform Administrator.

Personas are not roles themselves; each persona is a collection of user roles mapped to specific permissions, and those roles are assigned to individual users.

Support

The Cloud Support API might not be available for use with GDC air-gapped appliance. Consult your account manager for details.