Hexaly Cloud¶
Hexaly Cloud is a service enabling users to delegate the resolution process of a problem to a dedicated machine in the cloud. With minimal configuration, users can use this feature with the LSP language and with all supported bindings: C++, Java, C# and Python.
When using Hexaly Cloud, the solver will automatically connect to the cloud service at startup and a dedicated remote worker will be created to solve the user’s problem. All modeling features are executed locally and it is only when the model is closed that the problem’s data is sent to the remote machine, compressed and encrypted, to be preprocessed and solved. After the resolution process has ended, all solution data is sent back to the client and is made available to the user through the APIs.
Every LocalSolver feature is supported except for external functions. Callbacks are executed on the client side and the current solution is sent to the client every time a callback needs to be run. If the connection is lost while solving a problem, the remote worker stops the resolution but if any callbacks were registered, the client retains the last received solution. Note, however, that callbacks cause a delay in communications that may affect performances.
The cloud service is subject to a specific license type restricted by a limited number of computation hours before the license expires. For security reasons and to avoid consuming this credit carelessly, the time limit for any job cannot exceed 6 hours. If necessary however, this limit can be lifted on demand.
Cloud licenses are also bound to a specific machine configuration that will be used to setup the remote workers allocated to a job. Unlike a regular license, a cloud license is not linked to the hardware signature of a user’s computer which means it can be shared across multiple devices.
Get started¶
In order to use this feature, the only configuration users need to supply is a
CLOUD_KEY and a CLOUD_SECRET replacing the usual LICENSE_KEY. Cloud
keys can be retrieved from the user’s account page on our website and as with a
regular license, they can be provided to the solver in a number of ways:
With the help of a license file in the correct folder,
Or via the
setLicenseContentmethods available in the various APIs.
The installation instructions for each platform detail the alternative license locations that can be used. The content of the license must be of the form:
CLOUD_KEY = <MY-CLOUD-KEY>
CLOUD_SECRET = <MY-CLOUD-SECRET>
And that’s it! With a cloud key supplied, the solver will automatically attempt a connection to the cloud service, check the license validity and start using a remote worker to solve the problem at hand.
Users can consult their account page to review the license details such as the remaining number of hours allotted or the machine configuration used to setup the remote workers.
The history of past and current sessions is also available on the website and shows all configuration details along with complete console logs of the resolutions.
Architecture and security¶
On startup, the LocalSolver client initiates a secure HTTPS websocket connection with one of the region controllers responsible for managing the workers that will execute user programs. The controller boots up a worker and handles all subsequent communications between the client and the created worker.
Both controllers and workers are hosted on the Amazon Web Services (AWS) and the allocated workers are EC2 virtual machines guaranteed to be isolated and dedicated to the end user. The controller and the worker communicate through a virtual private network and all communications between the client, the controller and the worker are encrypted with TLS 1.3.
For better response times, several AWS regions are supported:
Europe (Paris):
https://eu-west-3.cloud.localsolver.comUS East (N. Virginia):
https://us-east-1.cloud.localsolver.comUS West (N. California):
https://us-west-1.cloud.localsolver.comSouth America (São Paulo):
https://sa-east-1.cloud.localsolver.comAsia-Pacific (Tokyo):
https://ap-northeast-1.cloud.localsolver.com
Other regions can be opened on request.
By default, the LocalSolver client connects to the URL
https://cloud.localsolver.com on port 443 which redirects to the closest
region thanks to anycast. Users should thus keep the port open for this URL.
Note
If you need to configure a firewall to allow outbound traffic to region controllers, make sure you do not use hardcoded IP addresses. Use DNS resolution instead, since our IP addresses can change at any-time.
Advanced configuration¶
Additional configuration can be supplied through the license content or the
license file. It is possible, for example, to specify the preferred AWS region
by setting the property CLOUD_URL to the appropriate domain name:
CLOUD_URL = https://sa-east-1.cloud.localsolver.com
While running, the LocalSolver client periodically checks the connection status
with the cloud service. If no response is received from the service for a
certain amount of time, the connection is considered lost and a timeout
exception is raised. Users can configure the maximum time to wait in seconds
thanks to the property TIMEOUT:
TIMEOUT = 5
The default value is 5 seconds.
Proxy configuration¶
By default, LocalSolver will try to connect to the cloud service through the proxy configured on the user system. The proxy URL that should be used is determined from the following sources:
The license file if the properties
HTTP_PROXYorHTTPS_PROXYare present.The environment variables
http_proxyorhttps_proxyif they are set (LocalSolver also supports their uppercase variantsHTTP_PROXYandHTTPS_PROXY).The system configuration on Windows and MacOS. This includes the evaluation of PAC files retrieved either from a static URL or with the WPAD protocol.
LocalSolver uses the HTTP CONNECT method to establish the communication
tunnel and does not support any kind of authentication.
Caution
LocalSolver does not support proxies that require a TLS/SSL connection but the proxy must be able to communicate with the cloud service over HTTPS.
To disable proxy support altogether, the property DISABLE_PROXY can be set
to true in the license file. This will disable automatic proxy detection as well
as static configuration.