Monitoring AWS Lambda
To view metrics that are related to AWS Lambda in the Instana UI, you need to install and configure the Instana AWS agent, which is the Instana host agent that runs in a specialized AWS mode.
To view Lambda traces in the Instana UI, you need to add an Instana Lambda tracer to your AWS Lambda function.
Monitoring AWS Lambda requires installing the Instana AWS agent in the AWS environment and integrating the Instana Lambda tracers with AWS Lambda functions.
The Instana AWS agent is installed once per AWS account and region, and it monitors all the AWS Lambda functions in that account and region, along with other AWS services. For more information, see Monitoring Amazon Web Services (AWS) with Amazon Web Services (AWS) agent. This sensor collects infrastructure metrics for your AWS Lambda functions. You also need to add an Instana Lambda tracer to your AWS Lambda function to collect traces from the function. Depending on the Lambda function runtime, the tracer is installed as a layer in the AWS Lambda function or instrumented manually.
- Supported runtimes
- Configuring AWS Lambda monitoring
- Viewing Lambda function configurations, metrics, versions, and triggers
- Enabling alerts for cold starting or timeouts
- Using Lambda extension
- Performance and runtime considerations for Lambda monitoring
Supported runtimes
AWS agent
The AWS agent for Lambda monitoring collects version details and metrics for all your Lambda functions, irrespective of the runtime.
AWS Lambda native tracing
AWS Lambda native tracing is available for the following runtimes:
- Go 1.x using Go 1.8 or later
- Java 1.8 and later
- Node.js 18.x, 16.x, 14.x, 12.x, and 10.x
- Python 3.9 and 3.8
- Ruby 2.7
- .NET 6 and later
Configuring AWS Lambda monitoring
To monitor AWS Lambda functions with Instana, complete the following steps:
- Configure the AWS agent for Lambda monitoring.
- Install the Instana Lambda tracer in your Lambda function.
- Optional: Configure extra settings for the Instana Lambda tracers.
Configuring the AWS agent for Lambda monitoring
To configure the AWS agent, complete the following steps:
For more information, see Configuring the AWS agent for Lambda monitoring.
Installing Instana Lambda tracers in AWS Lambda functions
To capture tracing data (request-level data) and send to the Instana backend, you need to install runtime-specific Instana Lambda tracers in AWS Lambda functions. To install Instana Lambda tracers in AWS Lambda functions, see the installation instructions for the following runtimes:
Optional: Configuring extra settings for the Instana Lambda tracers
You can configure the optional environment variables that are generally supported in native Lambda tracing as outlined in the following table:
Do not set the INSTANA_DISABLE_CA_CHECK
variable to true
unless you use Instana on premises and are unable to operate the Instana backend with a certificate with a known root certificate authority
(CA). If you enable this variable, your Lambda is vulnerable to Man in the Middle (MITM) attacks for this connection.
Environment variables | Description |
---|---|
INSTANA_TIMEOUT |
Set timeout for the HTTP requests that report data to the Instana backend. |
INSTANA_ENDPOINT_PROXY |
Set this variable to http://my-proxy.tld or http://user:password@my-proxy.tld to route the reporting of data to the Instana backend over an HTTP or HTTPS proxy (supported in Node.js, not in Python). |
INSTANA_EXTRA_HTTP_HEADERS |
Set this variable to a semicolon-separated list of HTTP header names (for trigger types API gateway with Lambda proxy integration or application load balancer) to capture HTTP headers. |
INSTANA_SERVICE_NAME |
Define the custom service name. |
INSTANA_LOG_LEVEL |
Set the log level for the Instana package. Possible values are debug , info , warn , and error (default: info ). |
INSTANA_DEBUG |
Set this variable to any value to set the log level to debug . |
INSTANA_DISABLE_CA_CHECK |
Set this variable to true to disable verifying the server certificate against the list of certificate authorities (CA) included in the Lambda runtime when it connects to the Instana backend. (Available for @instana/aws-lambda@1.93.0/ layer
version 25 and later) |
Viewing Lambda function configurations, metrics, versions, and triggers
You can view all the information about your Lambda functions through Instana.
To view the HTTP attributes, triggers, and metrics and version details for Lambda functions, complete the following steps:
- In the sidebar of the Instana UI, select Infrastructure.
- Click a specific monitored Lambda function.
You can see a host dashboard with all the collected metrics and Lambda versions. For more information, see Lambda configurations, metrics, versions, and triggers.
Enabling alerts for cold starting or timeouts
You can configure Smart Alerts for excessive cold starts or timeouts on your Lambda functions.
Runtime | Cold start | Timeouts | Comment |
---|---|---|---|
Go | ✅ | ✅ |
|
Node.js | ✅ | ✅ | Timeout detection is disabled by default. To enable timeout detection, see Additional environment variables. |
.NET or .NET Core | ✅ | ❌ |
|
Java | ❌ | ❌ |
|
Python | ❌ | ❌ |
|
Ruby | ❌ | ❌ |
|
To configure a Smart Alert, go to the Application perspective documentation that contains the Lambda functions you want an alert on, and then add a Smart Alert:
- From the navigation panel in the Instana UI, click Applications.
- Select your application.
- Click Add Smart Alert.
- Click Switch to Advanced Mode.
- In the Select Services/Endpoints field in the Scope section, add one of the following filters:
Cloud Function As A Service > Cold Start is true
Cloud Function As A Service > Suspected Timeout is true
- In the Selected blueprint field in the Trigger section, select Throughput.
- In the threshold section, select a threshold value that fits your use case. Use 1 to include every occurrence or a higher value to have the rule violated on a particular number of cold starts or timeouts.
- Use the Time Threshold settings to fine-tune the alerting behavior.
Using Lambda extension
NodeJS layer version 71 and later include a Lambda extension.
This extension can improve performance of monitored Lambda functions by separating the process of sending data to the Instana backend from other Lambda function processes. To take advantage of these performance improvements, upgrade the Instana layer to a version that includes the extension.
Internally, the extension works with the language library to buffer and proxy all the requests to the Instana backend. Under normal operation, the extension does not extend the lifetime of the Lambda function. The lifetime is extended only during the following instances:
- A shutdown request to ensure all data that is held in the buffer to the backend is cleared.
- A situation when the Lambda function fails and stops sending spans. Wait for 3 seconds to see whether the root span is sent before you wait for the next invocation.
To disable the use of the extension, set the INSTANA_DISABLE_LAMBDA_EXTENSION
variable to TRUE
in your function's environment.
Performance and runtime considerations for Lambda monitoring
Artifact size
Adding Instana's Lambda monitoring increases the size of your deployed Lambda function. The additional size depends on the language-specific layer or library. To get the size of a particular Instana Lambda layer version, use the following shell commands:
aws lambda get-layer-version --layer-name <layer_arn> --version-number <target_version> | jq .Content.Location | xargs -L 1 curl --output layer.zip
unzip -l layer.zip
Performance impact
When you monitor a Lambda function with Instana, the performance impact is primarily driven by the time that is taken for the Lambda function to communicate with the Instana backend. At the end of each execution, the Instana-provided library makes a blocking call to either Instana AWS Lambda extension or your Instana tenant unit to report the result of the execution.
For functions that use the Lambda extension, this process takes place in the background and allows the monitored function to return its response as soon as the monitored code is ready.
For functions that are not using the Lambda extension, this process allows the reporting of the result of the execution only if the data is sent to your tenant unit.