nvflare.app_opt.xgboost.recipes.histogram module
- class XGBHorizontalRecipe(name: str, min_clients: int, num_rounds: int, early_stopping_rounds: int = 2, use_gpus: bool = False, secure: bool = False, client_ranks: dict | None = None, xgb_params: dict | None = None, data_loader_id: str = 'dataloader', metrics_writer_id: str = 'metrics_writer', per_site_config: dict[str, dict] | None = None)[source]
Bases:
RecipeXGBoost Horizontal Federated Learning Recipe.
Recipe parameters, including
xgb_paramsand nestedper_site_configvalues, must never contain actual secrets. Read secrets from site environment variables or mounted files; references are supported only where documented innvflare.recipe.secrets.This recipe implements horizontal federated XGBoost using histogram-based algorithms. In horizontal federated learning, each client has different samples with the same features. The histogram-based approach enables efficient gradient boosting by computing histograms of gradients and hessians collaboratively across clients.
- Parameters:
name (str) – Name of the federated job.
min_clients (int) – The minimum number of clients for the job.
num_rounds (int) – Number of boosting rounds.
early_stopping_rounds (int, optional) – Early stopping rounds. Default is 2.
use_gpus (bool, optional) – Whether to use GPUs for training. Default is False.
secure (bool, optional) – Enable secure training with Homomorphic Encryption (HE). Default is False. Requires encryption plugins to be installed and configured. When secure=True, client_ranks must be provided.
client_ranks (dict, optional) – Mapping of client names to ranks for secure training. Required when secure=True. Maps each client name to a unique rank (0-indexed). Example: {“site-1”: 0, “site-2”: 1, “site-3”: 2}.
xgb_params (dict, optional) – XGBoost parameters passed to xgboost.train(). If None, uses default params. Default params: max_depth=8, eta=0.1, objective=’binary:logistic’, eval_metric=’auc’, tree_method=’hist’, nthread=16.
data_loader_id (str, optional) – ID of the data loader component. Default is ‘dataloader’.
metrics_writer_id (str, optional) – ID of the metrics writer component. Default is ‘metrics_writer’.
per_site_config (dict, optional) – Deprecated constructor form of per-site configuration. New code should call
set_per_site_config(recipe, config)immediately after construction.
Example
from nvflare.app_opt.xgboost.recipes import XGBHorizontalRecipe from nvflare.app_opt.xgboost.histogram_based_v2.csv_data_loader import CSVDataLoader from nvflare.recipe import SimEnv, set_per_site_config # Build per-site configuration with data loaders per_site_config = { "site-1": {"data_loader": CSVDataLoader(folder="/tmp/data/horizontal_xgb_data")}, "site-2": {"data_loader": CSVDataLoader(folder="/tmp/data/horizontal_xgb_data")}, } # Create recipe recipe = XGBHorizontalRecipe( name="xgb_higgs_horizontal", min_clients=2, num_rounds=100, xgb_params={ "max_depth": 8, "eta": 0.1, "objective": "binary:logistic", "eval_metric": "auc", }, ) set_per_site_config(recipe, per_site_config) # Run simulation with explicit client list clients = list(per_site_config.keys()) env = SimEnv(clients=clients) run = recipe.execute(env)
Note
Data loaders must be configured with
set_per_site_configbefore export or execution.TensorBoard tracking is automatically configured for the server and configured sites.
Executor and metrics components are automatically added to each configured site.
This is base class of a recipe. Recipes are implemented by jobs. A concrete recipe must provide the job for recipe implementation.
- Security contract – no secrets in recipe parameters:
Recipe parameters (
train_args,task_args,eval_args,per_site_config, config overrides, dicts passed toadd_client_config/add_server_config, exec params, etc.) can be written in clear text into generated job configuration. These parameters and their nested values must never contain actual passwords, API keys, tokens, private keys, or other credentials. Instead, read secrets from site environment variables or mounted secret files inside your code, or pass a placeholder created withnvflare.recipe.secrets.secret_ref()ornvflare.recipe.secrets.secret_file_ref()at a supported runtime boundary. Seenvflare.recipe.secretsfor the supported parameter locations.Before export or run, recipes scan their parameters with heuristics and emit
nvflare.recipe.secrets.PotentialSecretWarningwhen a value looks like an actual secret. The scan is best-effort: absence of a warning does not prove a parameter is safe to share.
- Parameters:
job – the job that implements the recipe.