Configure AWS VPC for Cloud Center

This section provides guidelines for configuring your virtual private cloud (VPC) to work with Cloud Center. With Amazon^® Web Services (AWS^®), instances run in a VPC that is logically isolated to only one AWS account. For more information, see Getting Started With Amazon VPC.

You can use the default VPC provided with your AWS account. If you want to create another VPC, see Create a VPC on the AWS documentation website.

MATLAB^® Parallel Server™ for AWS supports configurations with the headnode and workers in the same subnet. Your VPC and Subnet need Public IP addressing and internet access.

Schematic of the connection between a Client Machine and MATLAB Parallel Server on AWS.

Connecting a Desktop Computer (Client Machine) to MATLAB Parallel Server Running on AWS

The client machine must be able to make outgoing connections to any DNS name in the domains mathworks.com and amazonaws.com on port 443 (https), or have a properly configured SSL capable proxy server that can contact those domains.
To access a MATLAB Parallel Server cluster from your client MATLAB, you must configure the firewall on the client to allow these outgoing connections.
TCP 27350 to 27358+4*N – For connecting to the job manager on the cluster headnode and connecting to the worker nodes for parallel pools. Calculate the required ports based on N, the maximum number of workers on any single node across the entire cluster.
TCP 443 – HTTPS access to (at least) *.mathworks and *.amazonaws.com.
TCP 22 – SSH access to cluster nodes.
You must connect the client and the cluster running in the cloud via "always connected" TCP communications. Should a network device between the client computer and the cluster reset the TCP stream, then any open interactive parpool sessions will be shut down.
If you do not enable Auto-Manage Cluster Access, you must configure Cloud Center Cluster Access to allow connections from your computer's external IP address. In most local networks, policies in place mean that the public Internet address of the computer, as seen from other places on the Internet, differs from the local address. Contact your administrator or visit https://whatismyipaddress.com to determine the public Internet address of your computer.

Troubleshooting

Problems and Symptoms	Potential Causes and Solutions
Cluster startup fails due to timeout and no Cluster Start Messages are visible	Verify the network access control list (ACL) associated with the cluster’s subnet allows all required inbound and outbound traffic. For more information regarding Network ACLs, see Amazon VPC User Guide. Verify the cluster’s VPC has an Internet gateway attached to enable cluster instances to communicate with the Internet. For more information on configuring an Internet gateway for your VPC, see Amazon VPC Internet Gateway. Verify that the cluster’s subnet route table enables traffic to be routed to the Internet. In a public subnet, this is ensured via a route to an Internet gateway. For information on configuring VPC route tables, see Amazon VPC Route Table. Verify that cluster instances are able to resolve the Fully Qualified Domain Names (FQDN) of all cluster instances. Ensure that the Dynamic Host Configuration Protocol (DHCP) Options Sets associated with the cluster’s VPC are configured correctly. For more information about configuring DHCP Options Sets, see Amazon VPC DHCP Options.
Client is unable to connect to the cluster	Ensure that the connectivity checker completes all tests successfully. Ensure that your network firewall allows outbound HTTP and HTTPS traffic to MathWorks and Amazon Web Services domains. Ensure that your network firewall allows outbound traffic on all required ports. Ensure that the cluster profile validation succeeds. This tool verifies connectivity from the client to the cluster instances. Ensure that your client machine's IP address is registered on the cluster access page in Cloud Center. See Manage Cluster Access for more details. Verify that the cluster is on-line.

Problems and Symptoms

Potential Causes and Solutions

Cluster startup fails due to timeout and no Cluster Start Messages are visible

Verify the network access control list (ACL) associated with the cluster’s subnet allows all required inbound and outbound traffic. For more information regarding Network ACLs, see Amazon VPC User Guide.
Verify the cluster’s VPC has an Internet gateway attached to enable cluster instances to communicate with the Internet. For more information on configuring an Internet gateway for your VPC, see Amazon VPC Internet Gateway.
Verify that the cluster’s subnet route table enables traffic to be routed to the Internet. In a public subnet, this is ensured via a route to an Internet gateway. For information on configuring VPC route tables, see Amazon VPC Route Table.
Verify that cluster instances are able to resolve the Fully Qualified Domain Names (FQDN) of all cluster instances. Ensure that the Dynamic Host Configuration Protocol (DHCP) Options Sets associated with the cluster’s VPC are configured correctly. For more information about configuring DHCP Options Sets, see Amazon VPC DHCP Options.

Client is unable to connect to the cluster

Ensure that the connectivity checker completes all tests successfully.
- Ensure that your network firewall allows outbound HTTP and HTTPS traffic to MathWorks and Amazon Web Services domains.
- Ensure that your network firewall allows outbound traffic on all required ports.
Ensure that the cluster profile validation succeeds. This tool verifies connectivity from the client to the cluster instances.
Ensure that your client machine's IP address is registered on the cluster access page in Cloud Center. See Manage Cluster Access for more details.
Verify that the cluster is on-line.

Configure AWS VPC for Cloud Center

Connecting a Desktop Computer (Client Machine) to MATLAB Parallel Server Running on AWS

Troubleshooting

See Also

Topics