Manage MATLAB Production Server (BYOL)

After you deploy a MATLAB® Production Server™ bring your own license (BYOL) environment in Azure®, use the MATLAB Production Server cloud console, which is a web-based interface to configure and manage the server in the cloud.

Connect and Login to Cloud Console

You can connect to the cloud console only after the deployment successfully creates your resource group in Azure. This workflow assumes that your solution uses public IP addresses.

Note

The Internet Explorer® web browser is not supported for interacting with the cloud console.

  1. In the Azure portal, click Resource groups.

  2. Select the resource group you created for this deployment.

  3. Select the resource labeled servermachine-public-ip. This resource contains the public IP address of the MATLAB Production Server cloud console.

  4. Copy the IP address from the IP address field.

  5. In your browser, connect to the cloud console using the IP address. For example, https://11.22.135.137.

  6. Use the administrator user name and password that you specified in Cloud Console Login step of the deployment process to log in.

View Information About Server Instances

To view information about the server instance virtual machines (VMs) deployed on Azure, click Home in the cloud console navigation menu.

Upload MATLAB Application

You can run an application on MATLAB Production Server that is created usingMATLAB Compiler SDK™. Upload the application using the cloud console.

  1. On the cloud console navigation menu, click Applications.

  2. Click +Upload Application.

  3. Click Browse CTF File, select the file, and click Upload.

For information on how to upload multiple applications, see Upload MATLAB Applications.

For information on how to create an application, see Create a Deployable Archive for MATLAB Production Server.

View HTTPS Server Endpoint

The Azure application gateway in the MATLAB Production Server (BYOL) deployment provides an HTTPS endpoint URL to make requests to the server. The HTTPS Server Endpoint in the Home tab in the cloud console specifies the HTTPS endpoint. Use this endpoint to execute MATLAB functions deployed to the server. For example, if the HTTPS server endpoint for your server is https://mpst4ezclcdtlcay.eastus.cloudapp.azure.com, to use the MATLAB Production Server RESTful API to execute a MATLAB function mymagic located in a deployed application myapp, use the URL https://mpst4ezclcdtlcay.eastus.cloudapp.azure.com/myapp/mymagic.

For more information on working with the self-signed SSL certificate and managing cookies set by the application gateway, see Execute MATLAB Functions on MATLAB Production Server (BYOL).

Edit Server Configuration

You can edit the MATLAB Production Server configuration properties.

  1. On the cloud console navigation menu, select Administration > Server Configuration.

  2. Find the server property you want to change and enter the appropriate value. To assign a value to a property that has been commented out, remove the hash symbol and assign a value.

Following are some examples of server configuration properties.

  • To allow requests from specific domains, set the cors-allowed-origins property.

    --cors-allowed-origins http://www.w3.org, https://www.apache.org

  • To set the number of MATLAB Production Server workers to 4, set the num-workers property.

    --num-workers 4

    Note

    When setting the num-workers property, carefully consider your cluster setup. Each VM in the cluster runs an instance of MATLAB Production Server and each instance runs multiple MATLAB Production Server workers. Using 1 core per MATLAB Production Server worker is recommended. For example, if the server size is set to Standard_D4s_v3 Server, which specifies 4 cores, set num-workers be no more than 4 workers per instance.

Edit the Azure Cache for Redis Configuration

MATLAB Production Server uses Redis™ for data persistence. Persistence allows caching of data between calls to MATLAB code running on a server instance.

To use the Azure Cache for Redis from your deployment, you must specify certain parameters in the configuration. To edit the Azure cache for Redis configuration, in the cloud console navigation menu, select Administration > Persistence Configuration.

Specify the cache configuration in JSON format as follows.

{
  "Connections": {
    "<connection_name>": {
      "Provider": "Redis",
      "Host": "<hostname>",
      "Port": <port_number>,
      "Key": <access_key>
    }
  }
}

ValueDescription
<connection_name>

Specify a name for the connection to the persistence service. Use this name in MATLAB code to pass data to the cache.

<hostname> and <port_number>

Specify the host name and port number for the Azure Cache for Redis from the Azure portal. The port number has to be a non-SSL port. To retrieve the host name and port number, follow these steps.

  • Log in to your Azure portal and select the resource group associated with the deployment.

  • Select the Azure Cache for Redis resource within the resource group. This resource usually has the name vmss<uniqueID>redis.

  • Select Overview and copy the values listed under Host name and under Ports.

You can also use an Azure Cache for Redis that you create outside of this deployment. The steps to retrieve the host name and port number are the same.

<access_key>

If you use Azure Cache for Redis for persistence, you must specify an access key. To retrieve an access key to connect to an Azure cache for Redis resource, follow these steps.

  • Log in to your Azure portal and select the resource group associated with this deployment.

  • Select the Azure Cache for Redis resource within the resource group. This resource usually has the name vmss<uniqueID>redis.

  • Select Access Keys from the left pane.

  • In the resulting pane, copy the access key string listed under Primary.

Creating a persistence service takes 3 minutes on a Windows® VM. For more information on using a data cache, see Use a Data Cache to Persist Data.

Get the License Server MAC Address

You can get the license server MAC address only after deploying the solution to the cloud. You need a fixed MAC address to get a license file from the MathWorks® License Center.

  1. In the cloud console navigation menu, select Administration > License.

  2. Copy the license server MAC address displayed at the top.

Upload License File

You can upload the license file only after provisioning the cloud resources. You can use MATLAB Production Server on Azure only after you upload a license file.

  1. In the cloud console navigation menu, select Administration > License.

  2. Click Browse License File and select your license file.

  3. Click Upload.

Upload an SSL Certificate

You can change the self-signed SSL certificate to the HTTPS endpoint that lets you connect to the cloud console. The server automatically restarts after uploading a certificate. You need to log out and log back in. When you upload a new certificate, you lose all pending requests.

  1. In the cloud console navigation menu, select Administration > HTTPS Certificate.

  2. Click Browse Certificate and select a certificate file. The solution supports PFX files only.

  3. Enter the certificate password in the Certificate Password field.

  4. Click Upload.

Set Up Authentication Using Azure Active Directory

MATLAB Production Server uses Azure Active Directory® (Azure AD) to provide an identity to each user. To use Azure AD, you must specify the following:

  • Access control configuration file

  • Access control policy file

  1. In the cloud console navigation menu, select Administration > Azure AD.

  2. Enter the details of each file and click Save and Apply Configuration.

  3. Edit Server Configuration and enable the option access-control-provider.

Sample code for the access control configuration file follows.

{
  "tenantId": "54ss4lk1-8428-7256-5fvh-d5785gfhkjh6",
  "serverAppId": "j21n12bg-3758-3r78-v25j-35yj4c47vhmt",
  "jwksUri": "https://login.microsoftonline.com/common/discovery/keys",
  "issuerBaseUri": "https://sts.windows.net/",
  "jwksTimeOut": 120
}

Sample code for the access control policy file follows.

{
  "version": "1.0.0",
  "policy" : [
    {
      "id": "policy1",
      "description": "MPS Access Control policy for XYZ Corp.",
      "rule": [
        {
          "id": "rule1",
          "description": "group A can execute ctf magic",
          "subject": { "groups": ["aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"] },
          "resource": { "ctf": ["magic"] },
          "action": ["execute"]
        },
        {
          "id": "rule2",
          "description": "group A and group B can execute ctf monteCarlo and fastFourier",
          "subject": { "groups": ["aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb"]  },
          "resource": { "ctf": ["monteCarlo", "fastFourier"] },
          "action": ["execute"]
        },
        {
          "id": "rule3",
          "description": "QE group C can execute any ctf starts with test",
          "subject": { "groups": ["cccccccc-cccc-cccc-cccc-cccccccccccc"] },
          "resource": { "ctf": ["test*"] },
          "action": ["execute"] 
        }
      ]
    }
  ]
}

For more information, see Access Control.

Related Topics