Before starting, you need the following:
- A MATLAB® Production Server™ license that meets the following conditions:
- Linked to a MathWorks Account.
- Concurrent license type. To check your license type, see MathWorks License Center.
- Configured to use a network license manager on the virtual network. By default, the deployment of MATLAB Production Server includes a network license manager, but you can also use an existing license manager. In either case, activate or move the license after deployment. For details, see Configure MATLAB Production Server License for Use on the Cloud.
- An Amazon Web Services™ (AWS) account.
- A Key Pair for your AWS account in the US East (N. Virginia), US West (Oregon), EU (Ireland) or Asia Pacific (Tokyo) region. For more information, see Amazon EC2 Key Pairs.
You are responsible for the cost of the AWS services used when you create cloud resources using this guide. Resource settings, such as instance type, affect the cost of deployment. For cost estimates, see the pricing pages for each AWS service you will be using. Prices are subject to change.
The following guide will help you automate the process of running MATLAB
Production Server on the Amazon Web Services (AWS) Cloud. The automation is
accomplished using an AWS CloudFormation template. The template is a JSON
file that defines the resources required to deploy and manage MATLAB Production
Server on AWS. Once deployed, you can manage the server using the
MATLAB Production Server dashboard—a web-based interface to
configure and manage server instances on the cloud. For more information, see Manage MATLAB Production Server Using the Dashboard.
For information about the architecture of this solution, see Architecture and Resources. For information about AWS templates, see Working with AWS CloudFormation Templates.
The default MATLAB Production Server deployment template uses the Network License Manager for MATLAB reference architecture to manage MATLAB Production Server licenses. The template for using an exisitng VPC for the deployment provides an option to either deploy the Network License Manager or use your own license server. For more information about the Network License Manager for MATLAB reference architecture, see Network License Manager for MATLAB on Amazon Web Services.
- If you do not have an AWS account, create one at https://aws.amazon.com by following the on-screen instructions.
- In the top navigation, select the region where you want to deploy MATLAB Production Server. You must select one of these supported regions:
- US-East (N. Virginia)
- US-West (Oregon)
- Europe (Ireland)
- Asia Pacific (Tokyo)
- Create a key pair in that region. The key pair is necessary because it is the only way to connect to the instance as an administrator.
- If necessary, request a service limit increase for the Amazon EC2 instance type or VPCs. You might need to do this if you already have existing deployments that use that instance type or you think you might exceed the default limit with this deployment.
Click the Launch Stack button to deploy resources on AWS. This will open the AWS Management Console in your web browser.
| Release | Windows Server 2019 or Ubuntu 22.04 VM |
|---|---|
| MATLAB R2022b |  |
For other releases, see How do I launch a template that uses a previous MATLAB release?
-
Provide values for parameters in the Create Stack page:
Parameter Name Value Stack name Choose a name for the stack. After the deployment finishes, this name is displayed in the AWS console. Example: Boston
Server Number of Server VMs Choose the number of AWS instances to start for the server. Example: 6
For example, if you have a 24-worker MATLAB Production Server license and select
m5.xlarge(4 cores) as the Number of server VMs, you need 6 worker nodes to fully use the workers in your license.You can always underprovision the number instances, in which case you may end up using fewer workers than you are licensed for.
Server VM Type Choose the AWS instance type to use for the server instances. All AWS instance types are supported. For more information, see Amazon EC2 Instance Types. Example: m5.xlarge
Server VM Operating System Choose between Windows (Windows Server) and Linux (Ubuntu) to use for the server instances. Create Redis ElastiCache Choose whether you want to create a Redis ElastiCache service. Creating this service enables you to use the persistence functionality of the server. Persistence provides a mechanism to cache data between calls to MATLAB code running on a server instance. Deploy License Server Specify whether you want to deploy the Network License Manager for MATLAB. This parameter is available only if you use the deployment template for an existing VPC. You can deploy a license server only if your solution uses public IP addresses. If your solution uses private IP addresses, you must separately deploy a license server in a public subnet.
Dashboard Login Username for MATLAB Production Server Dashboard Specify the administrator username for logging in to the MATLAB Production Server Dashboard. Password for MATLAB Production Server and License Server Specify the password to use for logging in to MATLAB Production Server Dashboard and Network License Manager for MATLAB Dashboard. Confirm Password MATLAB Production Server and License Server Reenter the password to use for logging in to the MATLAB Production Server Dashboard and Network License Manager for MATLAB Dashboard. Network Name of Existing Key Pair Select the name of an existing EC2 Key Pair to allow access to all the VMs in the stack. For information about creating an Amazon EC2 key pair, see Amazon EC2 Key Pairs. Example: boston-keypair
Allow Connections from IP Address Specify the IP address range that is allowed to connect to the dashboard that manages the server. The format for this field is IP Address/Mask. Example: 10.0.0.1/32
- This is the public IP address, which can be found by searching for "what is my ip address" on the web. The mask determines the number of IP addresses to include.
- A mask of 32 is a single IP address.
- If you need a range of IP addresses, use a CIDR calculator.
- To determine which address is appropriate, contact your IT administrator.
Make Solution Available over Internet Choose 'Yes' if you want your solution to use public IP addresses. ARN of SSL Certificate Provide the Amazon Resource Name (ARN) of an existing certificate in the AWS Certificate Manager. This certificate enables secure HTTPS communication to the HTTPS server endpoint. For information on creating and uploading a self-signed certificate, see Create and sign an X509 certificate and Import SSL Certificate. Example: arn:aws:acm:us-east-1:12345:certificate/123456789012
Note: Make sure you select US East (N.Virginia), EU (Ireland) or Asia Pacific (Tokyo) as your region from the navigation panel on top. Currently, US East, EU (Ireland), and Asia Pacific (Tokyo) are the only supported regions.
-
Review or edit your stack details. You must select the acknowledgements to create IAM resources. Otherwise, the deployment produces a
Requires capabilities : [CAPABILITY_IAM]error and fails to create resources.When you are satisfied with your stack configuration, click Create stack. AWS starts creating the resources for your server environment and opens you to the Events tab for the stack.
Note: Resource creation can take up to 20 minutes. After resource creation, it can take up to 15 minutes for the resources to be active.
- On the Events tab for your stack, wait for the status to reach CREATE_COMPLETE.
- On the Outputs tab, in the row for the
MatlabProductionServerLicenseServerkey, click the corresponding URL listed under Value to open the Network License Manager for MATLAB Dashboard login page. - Log in to the Network License Manager for MATLAB Dashboard.
- The username is manager.
- For the password, enter the password that you entered in the Dashboard Login section while creating the stack.
- Upload your MATLAB Production Server license by following the instructions in the dashboard.
Note: The Internet Explorer web browser is not supported for interacting with the dashboard.
- On the Outputs tab for your stack, in the row for the
MatlabProductionServerDashboardURLkey, click the corresponding URL listed under Value. This URL is the HTTPS endpoint to the MATLAB Production Server Dashboard and brings you to the dashboard login page. - Log in using the administrator username and password that you specified in the Dashboard Login section while creating the stack. For more information on how to use the dashboard, see Manage MATLAB Production Server Using the Dashboard.
You are now ready to use MATLAB Production Server on AWS.
To run applications on MATLAB Production Server, you need to create applications using MATLAB Compiler SDK. For more information, see Create Deployable Archive for MATLAB Production Server.
Once you finish using your stack, to avoid incurring further cost, it is recommended that you delete all resources.
If you are using an existing license server, and have added the security group of the server VMs to the security group of the license server, you must delete the inbound rules before you delete the stack.
- In the AWS management console, select the stack that you deployed.
- On the details page your stack, click the Resources tab.
- In the Logical ID named
SecurityGroup, click the corresponding URL listed under Physical ID to open the security group details. - On the Inbound Rules tab, click Edit Inbound Rules.
- For each rule that has the Source tag set to
matlab-production-server-cloud-stack-elb-1-sg, click Delete Rule. - Click Save Rules.
To delete the stack, do the following:
- Log in to the AWS Console.
- Go to the AWS Cloud Formation page and select the stack that you created.
- Click Delete.
If you do not want to delete the entire deployment but want to minimize the cost, you can bring the number of instances in the Auto Scaling Group down to 0 and then scale it back up when the need arises.
The Network License Manager for MATLAB reference architecture manages the MATLAB Production Server license file. The deployment templates for the MATLAB Production Server reference architecture provide an option to deploy the license manager. You can also use an existing license manager that is located in the same VPC and security group as the MATLAB Production Server instances. For more information about the Network License Manager for MATLAB reference architecture, see Network License Manager for MATLAB.
NOTE: For a new license manager deployed with MATLAB Production Server, the license manager MAC address is available only after the deployment to the cloud is complete. For information on deploying the solution, see Deployment Steps.
To get the MAC address of the license manager:
- Log in to the Network License Manager for MATLAB Dashboard. For a license manager deployed with the MATLAB Production Server deployment, use the following credentials:
Username: manager
Password: Enter the password that you specified during the deployment process. - Click Administration and then License.
- Copy the license server MAC address displayed at the top.
Deploying this reference architecture creates several resources in your resource group.
Architecture on AWS
| Resource Type | Number of Resources | Description |
|---|---|---|
| AWS EC2 Instance | 2 | This resource consists of two virtual machines (VMs):
|
| Auto Scaling Group | 1 | Manages the number of identical VMs to be deployed. Each VM runs an instance of MATLAB Production Server which in turn runs multiple MATLAB workers. |
| Load Balancer | 2 | Provides routing and load balancing services to MATLAB Production Server instances. The MATLAB Production Server Dashboard retrieves the HTTPS endpoint for making requests to the server from the load balancer resource. |
| S3 Bucket | 1 | S3 storage bucket created during the creation of the stack. This resource stores the applications deployed to the reference architecture. |
| Virtual Private Cluster (VPC) | 1 | Enables resources to communicate with each other. |
| Redis ElastiCache | 1 | Enables caching of data between calls to MATLAB code running on a server instance. |
| CloudWatch | 1 | Enables viewing of logs. |
Use the following template to launch the reference architecture within an existing VPC and subnet. The templates provide an option to deploy the Network License Manager for MATLAB to manage MATLAB Production Server licenses. The license manager must be in the same VPC and security group as MATLAB Production Server.
| Release | Windows Server 2019 or Ubuntu 22.04 VM |
|---|---|
| R2022b | |
In addition to the parameters specified in the section Configure Stack, to use your existing VPC, specify these template parameters:
| Parameter | Value |
|---|---|
| Existing VPC ID | ID of your existing VPC. |
| IP address range of existing VPC | IP address range from the existing VPC. To find the IP address range:
|
| Subnet 1 ID | ID of an existing subnet that will host the dashboard and other resources. |
| Subnet 2 ID | ID of an existing subnet that will host the application load balancer. |
- If Subnet 1 and Subnet 2 are public, then you must connect the EC2 VPC endpoint and the AutoScaling VPC endpoint to the VPC.
- If Subnet 1 and Subnet 2 are private, then you must either deploy a NAT gateway in the VPC, or connect all of these endpoints to the VPC:
- EC2 VPC endpoint
- AutoScaling VPC endpoint
- S3 VPC endpoint
- CloudFormation endpoint
For more information about creating endpoints, see the AWS documentation.
You also need to open these ports in your VPC:
| Port | Description |
|---|---|
443 |
Required for communicating with the dashboard and the MATLAB execution endpoint. |
8000, 8002, 9910 |
Required for communication between the dashboard and workers within the VPC. These ports do not need to be open to the Internet. |
27000, 50115 |
Required for communication between the Network License Manager and the workers. |
22, 3389 |
Required for Remote Desktop functionality. This can be used for troubleshooting and debugging. |
To use an existing license server, select No for the Deploy License Server step of the deployment. You must also add the security group of the server VMs to the security group of the license server.
- In the AWS management console, select the stack that you deployed.
- In the stack details page, click Resources.
- In the Logical ID named
SecurityGroup, click the corresponding URL listed under Physical ID to open the security group details. - Click the Inbound Rules tab, and then click Edit Inbound Rules.
- Click Add Rule.
- In the Type dropdown, select
All TCP. - Under Source, search and add the
MatlabProductionServerCloudStackElb1Sgsecurity group. - Click Save Rules.
You must also add the private IP address of the license server to the License Server property in the Settings tab of the dashboard.
You can find the IP address of the license server from the AWS management console.
- In the AWS management console, navigate to the EC2 dashboard.
- Select the license server instance.
- In the instance details, copy the value of Private IPs. For example: 172.30.1.126
- Add the private IP to the
License Serverproperty. For example:27000@172.30.1.126
| Release | Windows Server / Ubuntu |
|---|---|
| MATLAB R2022a | |
| MATLAB R2021b | |
| MATLAB R2021a | |
| MATLAB R2020b | |
| MATLAB R2020a | |
For more information, see previous releases.
| Release | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime | MATLAB Runtime |
|---|---|---|---|---|---|---|---|---|---|---|---|
| MATLAB R2020a | R2017b | R2018a | R2018b | R2019a | R2019b | R2020a | |||||
| MATLAB R2020b | R2018a | R2018b | R2019a | R2019b | R2020a | R2020b | |||||
| MATLAB R2021a | R2018b | R2019a | R2019b | R2020a | R2020b | R2021a | |||||
| MATLAB R2021b | R2019a | R2019b | R2020a | R2020b | R2021a | R2021b | |||||
| MATLAB R2022a | R2019b | R2020a | R2020b | R2021a | R2021b | R2022a | |||||
| MATLAB R2022b | R2020a | R2020b | R2021a | R2021b | R2022a | R2022b |
Why do requests to the server fail with errors such as “untrusted certificate” or “security exception”?
These errors occur either when CORS is not enabled on the server or when the server endpoint uses a self-signed certificate.
If you are making an AJAX request to the server, make sure that CORS is enabled in the server configuration. You can enable CORS by editing the property CORS Allowed Origins property in the Settings tab of the dashboard.
Also, some HTTP libraries and JavaScript AJAX calls will reject a request originating from a server that uses a self-signed certificate. You may need to manually override the default security behavior of the client application. Alternatively, you can add a new HTTPS endpoint to the application gateway. For more information, see Change SSL Certificate.
The deployment template allows you to enter only one range of IP addresses that can access the dashboard. After the deployment is complete, you can allow additional IP ranges access to the dashboard. For details, see Update security group rules in the AWS documentation.
The name of the security group to update is matlab-production-server-cloud-stack-elb-1-sg. Edit inbound rules to add additional IP address ranges in CIDR format for the HTTPS type.
Provide suggestions for additional features or capabilities using the following link: https://www.mathworks.com/solutions/cloud.html
If you require assistance or have a request for additional features or capabilities, please contact MathWorks Technical Support.