This section provides guidelines for configuring your VPC to work with Cloud Center. With EC2-VPC, instances run in a virtual private cloud (VPC) that is logically isolated to only one AWS account. MATLAB® Parallel Server™ for Amazon EC2® supports configurations with the headnode and workers in the same subnet. You need public IP addressing and internet access.
Create a VPC and subnet, if you do not have them already. You can create a simple VPC as follows:
Assign Classless Inter-Domain Routing (CIDR) block sizes that support at least the number of IP addresses required for the maximum number of cluster machines you wish to create, plus 5. Amazon reserves the first four (4) IP addresses and the last one (1) IP address of every subnet for IP networking purposes. For example, if you wish to run at least 254 cluster machines, your CIDR block size must be at least /23. This allows for a maximum of 507 hosts after subtracting the five reserved for Amazon use. The table below illustrates some options. Your network engineering group can also help you determine the CIDR blocks needed for your VPC and subnets.
|Maximum number of cluster machines desired|Suitable CIDR block|
Set the Enable DNS hostnames option to Yes to ensure that instances receive a DNS hostname. For more information, see Using DNS with Your VPC.
An internet gateway allows your instances to communicate with the internet. An internet gateway should be attached to your VPC.
The route tables control VPC networking. You must define a route to enable traffic destined for an IP address outside the VPC (0.0.0.0/0) to flow from the subnet to the internet gateway.
The client machine must be able to make outgoing connections to any DNS name in the domain mathworks.com and in amazonaws.com on port 443 (HTTPS), or have a properly configured SSL-capable proxy server that can contact those domains.
The client machine must be able to make outgoing connections to the cluster machines in the amazonaws.com domain directly on ports 27355 and 14350 to 14351 + 4*N, where N is the maximum number of workers on a single machine. For example, if there were 8 workers per machine, you should ensure that ports 14350 to 14383 can be contacted.
Note that the ability to "make outgoing connections" means that the client machine must be able to instantiate a socket to the cluster. At a TCP level, this means that the initial SYN packet for the TCP/IP communication comes from the client. Most NAT and general firewalls allow this type of communication, but if you have more stringent rules, you might need to enable such outgoing communication.
You must connect the client and the cluster running in the cloud via "always connected" TCP communications. Should a network device between the client computer and the cluster reset the TCP stream, then any open interactive parpool sessions will be shut down.
You must configure Cloud Center Cluster Access to allow connections from your computer's external IP address. In most local networks, policies in place mean that the public Internet address of the computer, as seen from other places on the Internet, differs from the local address. Contact your administrator or visit https://whatismyipaddress.com to determine the public Internet address of your computer.
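The subnet sizing rule and the client port rule above, worked through as an added example (not MathWorks code). The function names are hypothetical, the sample CIDRs are constructed, and the /16 to /28 subnet size bounds are AWS limits assumed here rather than stated on this page.

```python
import ipaddress

RESERVED = 5                      # AWS keeps the first four and the last address of every subnet
MIN_PREFIX, MAX_PREFIX = 16, 28   # AWS subnet size limits (assumption: not stated on this page)


def smallest_prefix(max_machines):
    """Longest prefix (smallest subnet) that holds max_machines plus the reserved five."""
    if max_machines < 1:
        raise ValueError("need at least one cluster machine")
    host_bits = (max_machines + RESERVED - 1).bit_length()
    prefix = min(32 - host_bits, MAX_PREFIX)   # AWS will not create a subnet smaller than /28
    if prefix < MIN_PREFIX:
        raise ValueError("more machines than a single /16 subnet can hold")
    return prefix


def usable_hosts(prefix):
    """Addresses left for cluster machines in a subnet of this prefix length."""
    return 2 ** (32 - prefix) - RESERVED


def check_subnet(vpc_cidr, subnet_cidr, max_machines):
    """Return a list of problems; an empty list means the subnet satisfies the sizing rule."""
    vpc = ipaddress.ip_network(vpc_cidr)
    subnet = ipaddress.ip_network(subnet_cidr)
    problems = []
    if not subnet.subnet_of(vpc):
        problems.append(f"{subnet} is not inside VPC {vpc}")
    if usable_hosts(subnet.prefixlen) < max_machines:
        problems.append(f"{subnet} holds {usable_hosts(subnet.prefixlen)} machines, "
                        f"need {max_machines}: use /{smallest_prefix(max_machines)} or larger")
    return problems


def client_port_ranges(workers_per_machine):
    """Outbound TCP ranges the client needs: 27355 and 14350 to 14351 + 4*N."""
    if workers_per_machine < 1:
        raise ValueError("need at least one worker per machine")
    return [(27355, 27355), (14350, 14351 + 4 * workers_per_machine)]


if __name__ == "__main__":
    # Constructed sample values: 254 machines, 8 workers each, a 10.0.0.0/16 VPC.
    print(smallest_prefix(254), usable_hosts(23))
    print(check_subnet("10.0.0.0/16", "10.0.0.0/24", 254))
    print(client_port_ranges(8))
```

Opening only the computed port ranges in an outbound firewall policy, rather than a broad high-port range, keeps the client-side exception as narrow as the rule requires.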
Problems and Symptoms
Potential Causes and Solutions
Cluster startup fails due to timeout and no Cluster Start Messages are visible
Client is unable to connect to the cluster