8

I have some lambda functions in a VPC, some of them need Internet to work so I added a NAT instance (t2.micro) and the problem is that I have some functions sometimes work and sometimes timeout. For example a function that call FB API 80% of the time work and 20% timeout. Another function is using boto3 to create a spot instance 50% of the time timeout and the logs give me.

2018-07-16T06:35:55.909Z 421f98dd-88c2-11e8-913a-63c8d6f276f3 Task timed out after 100.10 seconds

Whenever I redeploy my serverless project I face this problem.

I increased the timeout limit and the memory but I have the same problem I'm sure that there is access to Internet but some of the lambda functions timeout.

What do you think the problem is ? Thanks

Bacem Mehri
  • 111
  • 2
  • 5
  • So, your problem is that it hits the Lambda Timeout limit, is that correct? Have you investigated what is taking the time in the function? For example, is it calling an external service and waiting for a response? Or is it doing lots of compute that is consuming the time? If you were to experiment by raising the timeout to 5 minutes, do they all complete correctly? Do you _need_ the functions to connect to the VPC, because an alternative is to _not_ connect them to the VPC and then they can access the Internet directly without a NAT instance. – John Rotenstein Jul 17 '18 at 12:06
  • 5
    This can also occur if you configure the Lambda function to run in VPC *and* on multiple subnets *and* one of the subnets has an incorrectly configured route table. – Michael - sqlbot Jul 18 '18 at 00:06
  • @Michael-sqlbot thanks a lot that was my mistake – Bacem Mehri Jul 18 '18 at 02:00
  • My problem was the same as @BacemMehri. Maybe Michael's comment could be promoted to the answer – ivarec May 05 '19 at 17:18
  • Thanks to @Michael-sqlbot - I think we found our timeout/error issue which wasn't that our subnet's route-table was config'd wrong, but that we only had 1 NAT subnet on the lambda. We added 2 more by following this gist and now we can hammer it without timeout. https://gist.github.com/reggi/dc5f2620b7b4f515e68e46255ac042a7 – k00k Dec 05 '19 at 00:27

1 Answers1

16

I've had this where I am using the Lambda in a VPC (and therefor have a NAT Gateway and Internet Gateway in place).

I had inadvertently selected all subnets (including the public one) for the Lambda to run in, whereas it will only have access to the internet from the private subnets.

Deselect the public subnet and save and you should solve your problem.

Here's a link to the knowledgebase article I used - https://aws.amazon.com/premiumsupport/knowledge-center/internet-access-lambda-function/

Liam
  • 5,033
  • 2
  • 30
  • 39