I am a beginner in AWS development and I had a question regarding accessing amazon aurora from lambda.
I have read that all instances of Amazon Aurora needs to be created inside a VPC. However, it seems that Lambda will incure massive latency for setting up elastic network interface (ENI) everytime it tried to access resources which is inside a VPC
https://medium.freecodecamp.org/lambda-vpc-cold-starts-a-latency-killer-5408323278dd
Since this could increase the cold start time by around 10s , is there a way to avoid this ENI setup latency while using Lambda to access Amazon RDS?
No. There is currently no "good" way to reliably prevent the coldstart.
(1) Yes, keeping the lambda function warm can help reduce the problem, but it will still be present.
(2) The only way would be if you run your rds "outside" a VPC (i.e. make it publicly available) and secure it using security groups. But this is a really bad idea for a lot of reasons (lambda ip addresses change so you need to leave the rds instance wide open for any attacker, violates aws best practices, etc).
AWS lambda + rds is currently not suitable if you need responsiveness. That's why Amazon is pushing the use of dynamodb with lambda so much (since that uses https).
Tldr if you need responsiveness + security stay away from lambda + rds.
What you need to do is make sure your lambda role has the AWSLambdaVPCAccessExecutionRole policy attached to it.
Your ENI is created on cold start. Avoid the cold start by creating another lambda to invoke your current lambda on a schedule to keep it warm.
Related
Like the title asks, im wondering if the only way of connecting to my aws hosted rds through aws lambda function in java is through a jdbc connection?
Does the aws sdk provide a way of doing this, querying the data and returning results without the need for jdbc?
I've looked through the aws api documentation but nothing is jumping out at me in terms of making a connection through the aws sdk alone, it seems to provide functions on more admin type tasks. .
The reason I ask is in the interest of speed, the jdbc connection takes a few seconds for a connection, but thought if the aws sdk could connect it may be quicker?
Depending on the kind of database you use there are different options.
If you want to reduce the connection latency, you could look into using RDS proxy, which will act as a reverse-proxy in from of the database instances and has a couple of connections ready for you to use.
It's also optimized to let you quickly establish connections through JDBC to it.
If you use Aurora Serverless, you might be able to use the Data API, which uses the AWS SDK to make requests to the database over HTTP. You can find more information on that in the docs: Using the Data API for Aurora Serverless.
You can also always use connection pooling in your lambda functions, which will at least make warm lambdas more performant but doesn't help you with cold starts.
I want my lambda function to access the database aurora serverless mysql. After some research, I found that we need to keep the lambda under the same VPC as aurora serverless. But keeping lambda in VPC leads to increase the cold start and also in order to access the internet we need to use NAT gateway which leads to additional cost. Since our application is small we cannot afford additional cost. Is there any other way we can access the aurora serverless database without keeping the lambda function in vpc?
maybe for the small application you can reduce the security level and run you serverless Aurora in the default VPC with the default security group. I mean to make the public access to the database with the login/password security gate only. Yes, it is less secure but your billing will be small.
I do not see another way.
Aurora Serverless has a feature called Data API. This allows you to access the database over http from outside the VPC or from anywhere on the Internet.
So, your database can be in a private VPC and your Lambda can be outside the VPC.
However, at the time of writing this, Data API has a high latency. Simple requests can take up to 200 ms to complete.
Im new to aws.
I am going to develop a REST full app which is going host on aws.
I decided to use
Amazon S3 for static contents
Amazon Cognito User Pool for Authentication
Amazon DynamoDB as db
I am confused on where my app is going to be hosted. I have 2 ideas for that.
AWS Lambda Function + api gateway
Can I implement entire app on it ?
Elastic Beanstalk
Can i integrate all the above aws services with it ?
(Backend on .net core web api 2.0)
Please guid me
As the experience of working with cloud, after 1y 6m I can give a proper answer for my own question.
Yes.
There is a possibility to use API Gateway + Lambda for the entire app as the back end. But you have to manage your most of the app logic from the front end. On there you have to get a risk because the source code can be viewed by the public.
Keeping your all business logic in the client code is not a good practice. And keeping all the logic in the Lambda also not easy or cost effective. The reason is when you making a real world app, you will need thousands of functions. To do one task, you will have to call many functions (Then its a function run time). So it will be very expensive.
Best solution is hosting the backend on Elastic Beanstalk and front end on S3. If you have any heavy task ? then you can make Lambda functions for that.
Lambda is best for CPU bounded functions. But not to have all the application logic on it.
Since you might not be interested in managing the underlying system, you should opt for AWS Lambda + API Gateway.
I am looking forward to work in a Amazon Lambda with Node.js
They call it server less, So is it a better way to host our code then traditional hosting servers ?
I am open for the suggestions, thanks in advance!!
It is called serverless as you dont manage and maintain the underlying server and the runtime.
Basically you write your code in one of the supported languages, say node.js, and then configure events that will trigger your code.
Example in case of AWS, the events can be a API GW call, a SQS message, a SNS notification etc.
So it can be better depending on what you are planning on doing.
Do note that there are certain limits that AWS imposes by default on accounts for AWS Lambda.
Also there can be slight startup penalty for a Lambda.
A plus point of Lambda vs Hosting your code in EC2 is that with Lambda you dont get charged if your code is not used/triggered.
However, do note that for functions that have heavy usage it might be better to
host your own EC2.
Most important a Lambda has to be stateless.
Considering all the above factors you can take a call on whether AWS Lambda and Serverless Architecture fits your needs.
I've already got an RDS instance configured and running, but currently we're still running on our old web host. We'd like to decrease latency by hosting the code within AWS.
Two concerns:
1) Future scalability
2) Redundancy ... not a huge concern but AWS does occasionally go down.
Has anyone had this problem where they just need to cheaply run what is essentially a database interface via a language such as PHP/Ruby, in 2 regions? (with one as a failover)
Does Amazon offer something that automatically manages resources, that's also cost effective?
Amazon's Elastic Beanstalk service supports both PHP and Ruby apps natively, and allows you to scale your app servers automatically.
In a second region, run a slave RDS instance off of your master (easy to set up in RDS) and have another beanstalk setup there ready as a failover.