问题描述

在赋予所有调用功能的权利之后.我的Lambda函数无法调用另一个函数.每当我遇到超时问题时，都会出现30 seconds timeout问题.看来lambda无法获得另一个lambda函数

我的Lambda位于相同的区域，相同的策略，相同的安全组中..VPC在这两个Lambda中也相同.现在唯一不同的是lambda函数

以下是角色权限

1)创建了AWSLambdaExecute和AWSLambdaBasicExecutionRole

2)创建了一个要调用的lambda函数 Lambda_TEST

exports.handler = function(event, context) {
  console.log('Lambda TEST Received event:', JSON.stringify(event, null, 2));
  context.succeed(event);
};

3)这是另一个函数.

var AWS = require('aws-sdk');
AWS.config.region = 'us-east-1';
var lambda = new AWS.Lambda();

exports.handler = function(event, context) {
 var params = {
   FunctionName: 'Lambda_TEST', // the lambda function we are going to invoke
   InvocationType: 'RequestResponse',
   LogType: 'Tail',
   Payload: '{ "name" : "Arpit" }'
 };

  lambda.invoke(params, function(err, data) {
   if (err) {
    context.fail(err);
   } else {
   context.succeed('Lambda_TEST said '+ data.Payload);
  }
 })
};

引用来自:此链接

注意

我将由 executor 表示执行第二个lambda的lambda.

为什么超时?

由于执行器被锁定"在VPC后面-所有Internet通信都被阻止.

这会导致所有http(s)呼叫超时，因为它们请求数据包永远不会到达目的地.

这就是为什么aws-sdk执行的所有操作都会导致超时的原因.

简单解决方案

如果执行者没有必须放在VPC中-只需将其放入其中，则lambda在没有.

当lambda调用VPC中的资源时，需要将lambda定位在VPC中.

实际解决方案

根据以上所述，可以得出结论，位于VPC内的任何资源都无法访问Internet-不正确-只需进行少量配置即可.

1. 创建一个VPC.
2. 创建2个子网，让其中一个表示为 private ，第二个表示为 public (这些术语在后面说明，请继续阅读)./li>
3. 创建 Internet网关-这是将VPC连接到Internet的虚拟路由器.
4. 创建一个 NAT网关-选择 public 子网并为其创建一个新的elastic IP(此IP在您的VPC本地)-该组件将通过管道与internet-gateway进行通信.

5. 创建2个路由表-其中一个名为 public ，第二个为 private .

   1. 在 public 路由表中，转到 Routes 并添加新路由:
   1. 在专用路由表中，转到 Routes 并添加新路由:

   • 专用子网是其路由表中的子网-到internet-gateway的路由没有.

   • 一个 public 子网是一个在其路由表中的子网-在那里存在到internet-gateway

   的路由

我们在这里有什么?

我们创建了这样的内容:

这可以使专用子网中的资源调出Internet.您可以在此处找到更多文档... >

After giving all the rights to invoke function. My Lambda function is not able to invoke another function . Every time I am getting timeout having 30 seconds timeout issue. It looks like lambda is not able to get another lambda function

My lambdas are in same region, same policy, same security group .. Also VPC are same in both lambdas. The only thing is different now is lambda functions

Here are the role rights

1) created AWSLambdaExecute and AWSLambdaBasicExecutionRole

2) Created one lambda function which is to be calledLambda_TEST

exports.handler = function(event, context) {
  console.log('Lambda TEST Received event:', JSON.stringify(event, null, 2));
  context.succeed(event);
};

3) Here is a another function from where it is called .

var AWS = require('aws-sdk');
AWS.config.region = 'us-east-1';
var lambda = new AWS.Lambda();

exports.handler = function(event, context) {
 var params = {
   FunctionName: 'Lambda_TEST', // the lambda function we are going to invoke
   InvocationType: 'RequestResponse',
   LogType: 'Tail',
   Payload: '{ "name" : "Arpit" }'
 };

  lambda.invoke(params, function(err, data) {
   if (err) {
    context.fail(err);
   } else {
   context.succeed('Lambda_TEST said '+ data.Payload);
  }
 })
};

Reference taken from : This link

Note

I will denote by executor the lambda that executes the second lambda.

Why Timeout?

Since the executor is "locked" behind a VPC - all internet communications are blocked.

That results in any http(s) calls to be timed out as they request packet never gets to the destination.

That is why all actions done by aws-sdk result in a timeout.

Simple Solution

If the executor does not have to be in a VPC - just put it out of it, a lambda can work as well without a VPC.

Locating the lambda in a VPC is required when the lambda calls resources inside the VPC.

Real Solution

From the above said, it follows that any resource located inside a VPC cannot access the internet - that is not correct - just few configurations need to be made.

1. Create a VPC.
2. Create 2 Subnets, let one be denoted as private and the second public (these terms are explained ahead, keep reading).
3. Create an Internet Gateway - this is a virtual router that connects a VPC to the internet.
4. Create a NAT Gateway - pick the public subnet and create a new elastic IP for it (this IP is local to your VPC) - this component will pipe communications to the internet-gateway.

5. Create 2 Routing Tables - one named public and the second private.

   1. In the public routing table, go to Routes and add a new route:
   1. In the private routing table, go to Routes and add a new route:

   • A private subnet is a subnet that in its routing table - there is no route to an internet-gateway.

   • A public subnet is a subnet that in its routing table - there exists a route to an internet-gateway

What we had here?

We created something like this:

This, what allows resources in private subnets to call out the internet.You can find more documentation here.

这篇关于AWS Lambda调用不调用另一个Lambda函数-Node.js的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！