Invoke Lambda functions in Envoy proxy
The Lambda Envoy extension configures outbound traffic on upstream dependencies allowing mesh services to properly invoke AWS Lambda functions. Lambda functions appear in the catalog as any other Consul service.
You can only enable the Lambda extension through service-defaults
. This is because the Consul uses the service-defaults
configuration entry name as the catalog name for the Lambda functions.
Specification
The Lambda Envoy extension has the following arguments:
Arguments | Description |
---|---|
ARN | Specifies the AWS ARN for the service’s Lambda. |
InvocationMode | Determines if Consul configures the Lambda to be invoked using the synchronous or asynchronous invocation mode. |
PayloadPassthrough | Determines if the body Envoy receives is converted to JSON or directly passed to Lambda. |
Be aware that unlike manual lambda registration, region is inferred from the ARN when specified through an Envoy extension.
Workflow
There are two steps to configure the Lambda Envoy extension:
- Configure EnvoyExtensions through
service-defaults
. - Apply the configuration entry.
Configure EnvoyExtensions
To use the Lambda Envoy extension, you must configure and apply a service-defaults
configuration entry. Consul uses the name of the entry as the Consul service name for the Lambdas in the catalog. Downstream services also use the name to invoke the Lambda.
The following example configures the Lambda Envoy extension to create a service named lambda
in the mesh that can invoke the associated Lambda function.
lambda-envoy-extension.hcl
Kind = "service-defaults"
Name = "lambdaInvokingApp"
Protocol = "http"
EnvoyExtensions {
Name = "builtin/aws/lambda"
Arguments = {
ARN = "arn:aws:lambda:us-west-2:111111111111:function:lambda-1234"
}
}
lambda-envoy-extension.json
{
"kind": "service-defaults",
"name": "lambdaInvokingApp",
"protocol": "http",
"envoy_extensions": [{
"name": "builtin/aws/lambda",
"arguments": {
"arn": "arn:aws:lambda:us-west-2:111111111111:function:lambda-1234"
}
}]
}
lambda-envoy-extension.yaml
apiVersion: consul.hashicorp.com/v1alpha1
kind: ServiceDefaults
metadata:
name: lambda
spec:
protocol: http
envoyExtensions:
name = "builtin/aws/lambda"
arguments:
arn: arn:aws:lambda:us-west-2:111111111111:function:lambda-1234
For a full list of parameters for EnvoyExtensions
, refer to the service-defaults and proxy-defaults configuration entries reference documentation.
Note: You can only enable the Lambda extension through service-defaults
.
Refer to Configuration specification section to find a full list of arguments for the Lambda Envoy extension.
Apply the configuration entry
Apply the service-defaults
configuration entry.
$ consul config write lambda-envoy-extension.hcl
$ consul config write lambda-envoy-extension.json
$ kubectl apply lambda-envoy-extension.yaml
Examples
In the following example, the Lambda Envoy extension adds a single Lambda function running in two regions into the mesh. Then, you can use the lambda
service name to invoke it, as if it was any other service in the mesh.
lambda-envoy-extension.json
Kind = "service-defaults"
Name = "lambda"
Protocol = "http"
EnvoyExtensions {
Name = "builtin/aws/lambda"
Arguments = {
payloadPassthrough: false
arn: arn:aws:lambda:us-west-2:111111111111:function:lambda-1234
}
}
EnvoyExtensions {
Name = "builtin/aws/lambda"
Arguments = {
payloadPassthrough: false
arn: arn:aws:lambda:us-east-1:111111111111:function:lambda-1234
}
}