Connect to ElastiCache cluster from AWS Lambda function

52
votes

Is it possible to connect from an AWS Lambda function to a Redis ElastiCache cluster?

I can't figure out if it's a configuration problem or it's simply not possible.

PS: I made a test from an EC2 instance and I can connect to the Redis node. Also the Lambda function and the Redis node are in the same region.

UPDATE (09 Oct 2015):

Amazon announced VPC for AWS Lambda functions. Details here

This means we can now access any resource in AWS behind VPC security group, including ElastiCache and RDS machines.

UPDATE (11 Feb 2016): Amazon launched VPC for AWS Lambda.

https://aws.amazon.com/about-aws/whats-new/2016/02/access-resources-within-a-vpc-using-aws-lambda/

5
amazon-web-servicesamazon-elasticacheaws-lambda
There is no technical restrictions to connect from Lambda to an external service. If you are using third party libraries, you must include them in your ZIP file and these libraries must be able to run on Linux. Can you give a code sample and the error message ? Your question has not enough element included to help youSébastien Stormacq
I know Lambda can connect to external services. The question is if ElastiCache allows Lambda functions to connect to its clusters.Mircea Soaica
If your security groups are setup correctly, there is no difference from Elastic Cache point of view. This is just a plain TCP connection - there is no difference in connection coming from Lambda or any other serviceSébastien Stormacq
From docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/… : "All ElastiCache clusters can only be accessed from an Amazon EC2 instance."Rohit Chatterjee
VPC for AWS Lambda announced for "end of 2015" but not released. Now well into 2016 and still no ElasticCache.David Betts

5 Answers

19
votes

As of Feb 2016, AWS allows using lambda functions to connect to Elasticache. Refer to Access Resources within a VPC using AWS Lambda. Here is a link how it works - Tutorial: Configuring a Lambda Function to Access Amazon ElastiCache in an Amazon VPC

4
votes

Setting up an HTTP Proxy or iptables wouldn't work for the following reasons:

Redis calls are not HTTP and will not be handled by HTTP proxies. iptables (or any port forwarding for that matter) will either won't accept a domain name as destination or is highly inefficient due to DNS resolution required every time.

The best and convenient method is to install twemproxy in an EC2 machine and route your requests through it. As a bonus, you suddenly have deployed a fantastic sharding strategy as well.

2
votes

I have tried connecting lambda to memcached elasticache and it works fine. Redis should also be doable.

Couple of things to keep in mind:

  1. Lambda and Elasticache has to be in the same VPC.
  2. When lambda is run in VPC, it won't have access to internet (so access to public APIs won't work). NATGateway is required for this.
1
votes

I was experiencing the same issue. I did not find a direct solution but instead used a Lambda function to connect to an EC2 server using socket.io which was pretty easy and emit an event to that EC2 server.

When the EC2 server received the event it performed the necessary Redis task ( database cleanup after image thumbnail generation ).

Hope this helps! If anyone finds out how to connect to ElastiCache from Lambda directly I'd still love to know!

0
votes

You can use (Redislabs) managed cloud solution which can be connected without VPC.

There will be no VPC cold starts with cloud solution, but there will be a latency overhead because the call to managed redis is made over internet. The additional latency is around 20 ms when lambda and redis are deployed in the same region. This is manageable for my use case and I don't need to worry about VPC.