This page provides a high-level overview of the end-to-end journey of your Google Distributed Cloud connected hardware, from the initial order to a fully functional deployment on your premises.
The process is divided into three phases:
Ordering
In the ordering phase, you plan your deployment, define your requirements, and place your order.
Plan your configuration: Work with your network administrator and Google representatives to determine your hardware and network requirements.
- Choose a procurement model: the hardware can be sourced from Google or from a Google-certified systems integrator (SI).
- Select a G1 or G2 server hardware variant based on your workload requirements.
- Plan your space, power, and cooling requirements.
- Allocate necessary IP address blocks for machine management, Kubernetes nodes, and control plane virtual IP addresses (VIPs). Ensure that your IP address allocations are accurate. You cannot change these network configurations after the hardware is deployed.
Validate connectivity: Run the network connectivity validation tool on your local network to ensure that it meets all requirements for Domain Name System (DNS), Network Time Protocol (NTP), firewalls, and bandwidth.
Place the order: Use the Google Cloud console or the GDC Hardware Management API to submit your order in your target project. The order includes contact information, site details, hardware configuration, and network configuration.
Order review and contract: A Google representative reviews your order, helps finalize the configuration, and works with you to sign the contract. After the order is accepted, the order state changes to ACCEPTED.
For more information, see Order hardware.
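Because the IP address blocks from the planning step cannot be changed after deployment, it helps to check the plan mechanically before you submit the order. The following is an added example, not Google's validation tool: the function name, the purpose labels, the address counts, and the sample blocks are all constructed assumptions, and the usable-address count conservatively excludes the network and broadcast addresses.

```python
import ipaddress
from itertools import combinations


def check_ip_plan(plan, required):
    """Return a list of problems found in a planned IP allocation.

    plan:     {purpose: CIDR string}           (hypothetical labels)
    required: {purpose: addresses that block must supply}
    """
    problems, nets = [], {}
    for purpose, cidr in plan.items():
        try:
            # strict=True rejects blocks with host bits set, e.g. 10.0.0.5/24
            nets[purpose] = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{purpose}: invalid block {cidr!r} ({exc})")
    # No two purposes may share address space.
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.version == nb.version and na.overlaps(nb):
            problems.append(f"{a} {na} overlaps {b} {nb}")
    # Each block must be large enough for what it has to hold.
    for purpose, need in required.items():
        if purpose not in plan:
            problems.append(f"{purpose}: no block allocated")
            continue
        net = nets.get(purpose)
        if net is None:  # already reported as invalid above
            continue
        reserved = 2 if net.version == 4 and net.prefixlen < 31 else 0
        usable = net.num_addresses - reserved
        if usable < need:
            problems.append(f"{purpose}: {net} has {usable} usable, need {need}")
    return problems


# Constructed sample plan with two deliberate mistakes.
SAMPLE_PLAN = {
    "machine_management": "10.20.0.0/28",
    "kubernetes_nodes": "10.20.0.8/29",    # sits inside the management block
    "control_plane_vips": "10.20.1.0/30",  # too small for four VIPs
}
SAMPLE_REQUIRED = {"machine_management": 6, "kubernetes_nodes": 6,
                   "control_plane_vips": 4}

if __name__ == "__main__":
    for problem in check_ip_plan(SAMPLE_PLAN, SAMPLE_REQUIRED):
        print("PLAN ERROR:", problem)
```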
Delivery and physical installation
In this phase, Google or a Google-certified systems integrator prepares and delivers the hardware and installs it at your site.
Hardware building: Google or the systems integrator builds and preconfigures the physical machines based on your order details. The order state transitions to BUILDING.
Shipping: The hardware is shipped to your site. The order state transitions to SHIPPING.
On-site installation:
- A field technician from Google or the systems integrator arrives at your site.
- The technician mounts the hardware in your rack or sets up the chassis.
- Your network administrator works with the technician to connect the hardware to the power source and your local network, specifically the top-of-rack switches.
- The technician activates the hardware. The order state transitions to INSTALLING. Ensure that your upstream Border Gateway Protocol (BGP) sessions and firewalls are configured before the technician starts activation, or the process will fail to complete.
Verification: After the hardware is installed and connected, the machines boot up and establish a secure VPN connection to Google Cloud.
- Verify that the machines are registered and visible in the Edge Zones menu in the Google Cloud console.
- Alternatively, use the `gcloud edge-cloud container machines list` command to verify their status.
After verification is complete, the order state transitions to COMPLETED.
Bring-up and configuration
In this phase, your cluster administrator configures the software environment, creates clusters, and prepares the platform for workloads.
Set up the Google Cloud project:
- Enable the required Google Cloud APIs, such as `edgecontainer.googleapis.com`, `edgenetwork.googleapis.com`, and `gkehub.googleapis.com`.
- Create Google service accounts for specific functions, such as image pulling and external secrets.
Create a cluster: Use the `gcloud edge-cloud container clusters create` command to provision a cluster on the deployed machines. It can take an hour or more to download and install the necessary software.
Configure networking: Initialize the zone network and create VLAN subnetworks as required for your workloads. Distributed Cloud connected restricts direct access to the pod network. To enable communication with your local network, attach your workloads, especially virtual machines, to these L2 VLAN subnetworks.
Configure access:
- Configure cluster access. Google recommends that you use Connect gateway as the primary access method to leverage Identity and Access Management. You can also configure local credentials for local administration.
- Configure Kubernetes Role-Based Access Control (RBAC) to grant access to other administrators or developers.
Configure platform services: Google provides and manages the lifecycle of the system operators for storage, secrets, and GitOps. Configure these services for your use:
- Storage: To enable persistent storage, apply your Symcloud Storage license, which you obtain from Google Cloud Marketplace. You only apply the license. Google manages the underlying storage operator and storage pools.
- Secrets: Set up External Secrets Operator to sync secrets from Secret Manager.
- GitOps: Configure Config Sync to manage cluster state and deploy workloads from a Git repository.
The platform is now ready. You can deploy workloads, including containers and virtual machines, to the cluster.
Summary of responsibilities
| Action | Primary responsibility | Collaborators |
|---|---|---|
| Planning and ordering | Customer network administrator | Google sales and engineering |
| Hardware provisioning | Google or the systems integrator | None |
| Delivery and physical installation | Field technician | Customer network administrator and site contact |
| Google Cloud project configuration | Customer cluster administrator | None |
| Cluster creation and bring-up | Customer cluster administrator | None |
| Workload deployment | Customer application owner | Customer cluster administrator |