0

I'm running the following in AWS Lambda, inside my handler function:

URL url = new URL("www.sfsuperiorcourt.org");
URLConnection connection = url.openConnection();
connection.setConnectTimeout(2000);
connection.connect();

This is inside a handler function. When running it locally, it's fine, and connects immediately, and I'm able to retrieve the contents. On Lambda, it fails with java.net.SocketTimeoutException: connect timed out. If I don't set a timeout on the connection, Lambda itself times out after 10s. This happens consistently, and on my local machine, it consistently succeeds, so I'm sure it's not a problem with the site I'm connecting to.

I'm able to do IP address resolution successfully on Lambda, so that's not the problem. Seems entirely related to opening the socket.

Maybe my role needs permission to open a socket? Any other obvious things like that? Any known way to debug the TCP layer?

philo
  • 3,580
  • 3
  • 29
  • 40
  • 1
    Usually when we see this, it's VPC related, but you've indicated that can't be the case. One thing, address resolution may prove nothing about connectivity. The DNS resolver implementation inside EC2 and Lambda runs with special status in the network infrastructure and is immune to almost all misconfigurations imaginable. There is nothing in the role or permission-related to sockets. Don't be so sure it isn't the site -- the source address will be one from the Lambda public pool, so behavior of the site based on that source IP is a total wildcard. Try a different site. – Michael - sqlbot Oct 03 '16 at 05:05
  • It is indeed something on the target site. Switching to my personal site worked fine. Thanks for the tip. I was so stuck thinking it was a local problem! – philo Oct 03 '16 at 05:53
  • Can you post the lambda configuration? – johni Oct 03 '16 at 08:32
  • Sorry, I don't know how to do that. But I don't think it would be interesting. It's just a default setup. And we exonerated my config as the source of the problem. – philo Oct 05 '16 at 23:22

1 Answers1

1

If you set up your lambda in a VPC, and you do not need it in that VPC, just have the lambda in no VPC at all.

Otherwise, read my answer here.

Community
  • 1
  • 1
johni
  • 5,342
  • 6
  • 42
  • 70