Is it possible to speed up deletion of a VPC attached lambda, within a CloudFormation stack?

0

When deploying a stack (with CDK) containing a lambda attached to a VPC, then destroying the stack, it takes around 45 minutes to delete a lambda attached to a VPC.

I believe this is because the elastic network interface associated with the lambda takes this long to remove, but as I am only testing deployment the ENI should not be in use.

Is this a known issue and can anything be done to improve the experience around this?

Asked 1 year ago · 1088 views
1 Answer
0

I haven't timed this lately but I know prior to the improved Lambda VPC networking using AWS Hyperplane rolled out 2019/2020, it could take several hours for an ENI to be cleaned up and deleted. Supposedly it's improved now ... I guess 45 mins is an improvement! :)

One workaround I heard of with CloudFormation was using a Custom Resource to force deletion of the ENI. Something to watch out for with this is that ENIs are shared across Lambda execution environments with the same security group & subnet combination, so best to use a unique security group per Function to avoid deleting an ENI in use by someone else.

Expert
Answered 1 year ago
  • The strange thing is I am creating the security group as part of the same stack and the ENI is only used for the single lambda, so I don't see why the ENI needs to be kept for so long after deletion.

    I think I had seen something similar with the custom resource, so I might give this a try. Though deleting the ENI early via the AWS Console doesn't seem to be possible, even after CloudFormation has deleted the lambda...
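
The answer's caveat about shared ENIs can be enforced in code before anything is deleted. The following is an added example, not code from the original thread or from AWS: selection logic that a custom resource's Delete handler could call. The function names, the `sg-dedicated` and `eni-...` identifiers, and the sample data are assumptions constructed for illustration. It only deletes Lambda-managed ENIs that are in the `available` state and whose sole security group is the function's dedicated one.

```python
"""Pick Lambda-managed ENIs that are safe to delete for one dedicated security group."""

def deletable_lambda_enis(interfaces, dedicated_sg_id):
    """Return (deletable_ids, skipped) from describe_network_interfaces entries."""
    deletable, skipped = [], []
    for eni in interfaces:
        eni_id = eni["NetworkInterfaceId"]
        groups = {g["GroupId"] for g in eni.get("Groups", [])}
        if dedicated_sg_id not in groups:
            continue  # unrelated ENI, ignore it entirely
        if eni.get("InterfaceType") != "lambda":
            skipped.append((eni_id, "not a Lambda-managed ENI"))
        elif groups != {dedicated_sg_id}:
            # Another group on the ENI means another function may share it.
            skipped.append((eni_id, "also uses other security groups"))
        elif eni.get("Status") != "available":
            skipped.append((eni_id, "status is %s" % eni.get("Status")))
        else:
            deletable.append(eni_id)
    return deletable, skipped


def cleanup(dedicated_sg_id, ec2=None):
    """Delete the detached Lambda ENIs of the dedicated group (needs EC2 permissions)."""
    if ec2 is None:
        import boto3  # imported lazily so the selection logic runs offline
        ec2 = boto3.client("ec2")
    pages = ec2.get_paginator("describe_network_interfaces").paginate(
        Filters=[{"Name": "group-id", "Values": [dedicated_sg_id]}])
    interfaces = [eni for page in pages for eni in page["NetworkInterfaces"]]
    deletable, skipped = deletable_lambda_enis(interfaces, dedicated_sg_id)
    for eni_id in deletable:
        ec2.delete_network_interface(NetworkInterfaceId=eni_id)
    return deletable, skipped


# Constructed sample data in the shape of describe_network_interfaces output.
SAMPLE = [
    {"NetworkInterfaceId": "eni-aaa", "InterfaceType": "lambda", "Status": "available",
     "Groups": [{"GroupId": "sg-dedicated"}]},
    {"NetworkInterfaceId": "eni-bbb", "InterfaceType": "lambda", "Status": "in-use",
     "Groups": [{"GroupId": "sg-dedicated"}]},
    {"NetworkInterfaceId": "eni-ccc", "InterfaceType": "lambda", "Status": "available",
     "Groups": [{"GroupId": "sg-dedicated"}, {"GroupId": "sg-shared"}]},
    {"NetworkInterfaceId": "eni-ddd", "InterfaceType": "interface", "Status": "available",
     "Groups": [{"GroupId": "sg-dedicated"}]},
]
```

The `skipped` list is worth logging from the handler, since it shows which ENIs are still attached or shared and therefore still block deletion of the security group.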
