使用 StackExchange.Redis 到 ElastiCache Redis 的 Lambda:RedisConnectionException - 没有连接 active/available 来为该操作提供服务
Lambda to ElastiCache Redis with StackExchange.Redis: RedisConnectionException - No connection is active/available to service this operation
我有一个 Lambda 函数 运行 连接一个 .NET Core 应用程序,我尝试使用 StackExchange.Redis 从中与 ElastiCache Redis 集群进行交互。
集群是单个节点。 Lambda 配置在与 ElastiCache Redis 集群相同的 VPC 和安全组中。安全组为端口 6379 的 VPC 中的所有子网设置了入站规则。所有这些子网都附加到 Lambda。
当我的代码尝试连接到 Redis 集群时,我不断收到以下错误:
{
"errorType": "RedisConnectionException",
"errorMessage": "No connection is active/available to service this operation: GET <REDACTED-KEY>; UnableToConnect on <REDACTED-PRIMARY-ENDPOINT-NAME>:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 5s ago, last-write: 5s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 5s ago, v: 2.2.50.36290, mc: 1/1/0, mgr: 10 of 10 available, clientName: 169, IOCP: (Busy=0,Free=1000,Min=2,Max=1000), WORKER: (Busy=0,Free=32767,Min=2,Max=32767), v: 2.2.50.36290",
"stackTrace": [
"at StackExchange.Redis.ConnectionMultiplexer.ThrowFailed[T](TaskCompletionSource`1 source, Exception unthrownException) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 2799",
"--- End of stack trace from previous location where exception was thrown ---",
"at <REDACTED-STACK-TRACE>"
"at lambda_method(Closure , Stream , Stream , LambdaContextInternal )"
],
"cause": {
"errorType": "RedisConnectionException",
"errorMessage": "UnableToConnect on <REDACTED-PRIMARY-ENDPOINT-NAME>:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 5s ago, last-write: 5s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 5s ago, v: 2.2.50.36290"
}
}
注意:abortConnect=false是在Redis配置上设置的
我已经尝试过的事情:
- 将
elasticache:* 操作添加到我的 Terraform IAM 策略以获得 Lambda 权限。完整政策:
data "aws_iam_policy_document" "iam_policy_document_mylambda" {
statement {
actions = [
"ec2:DescribeNetworkInterfaces",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DescribeInstances",
"ec2:AttachNetworkInterface",
"elasticache:*",
"execute-api:ManageConnections"
]
resources = ["*"]
effect = "Allow"
}
}
- 将
resolveDns=true 添加到 Redis 配置中。 Redis 集群的 IP 地址显示在上面的错误中,而不是主要端点名称,我可以确认它在为 Lambda 配置的子网之一(eu-west-1a 上的子网)的 IP 范围内.
- 显式添加
ssl=false,因为在 Redis 集群上(暂时)禁用传输中加密。还尝试使用 GitHub 问题中提到的 ssl=true,sslProtocols=tls12,只是为了确定。
- 删除
abortConnect=false,然后失败并出现以下错误:
{
"errorType": "RedisConnectionException",
"errorMessage": "It was not possible to connect to the redis server(s). Error connecting right now. To allow this multiplexer to continue retrying until it's able to connect, use abortConnect=false in your connection string or AbortOnConnectFail=false; in your code.",
"stackTrace": [
"at StackExchange.Redis.ConnectionMultiplexer.ConnectImpl(ConfigurationOptions configuration, TextWriter log) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 1164",
"at StackExchange.Redis.ConnectionMultiplexer.Connect(ConfigurationOptions configuration, TextWriter log) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 1032",
"at ...",
"at lambda_method(Closure , Stream , Stream , LambdaContextInternal )"
]
}
我对此束手无策,每次在线搜索似乎都指向同一个方向;确保您的 Lambda 和 ElastiCache Redis 集群 运行 在同一个 VPC 和安全组中,并在 Redis 配置上设置 abortConnect=false,这对我的情况来说似乎不够。有人知道我还能尝试什么吗?
我明白了。问题出在我的基础架构上,而不是 StackExchange.Redis 如何连接到集群的问题。我必须为我的 Lambda 函数创建一个安全组,并将该安全组添加到我的 Redis Terraform 模块上的 allow_connections_from_security_groups,它依赖于 Gruntwork module,而不是将 Redis 安全组分配给我的 Lambda。
我有一个 Lambda 函数 运行 连接一个 .NET Core 应用程序,我尝试使用 StackExchange.Redis 从中与 ElastiCache Redis 集群进行交互。 集群是单个节点。 Lambda 配置在与 ElastiCache Redis 集群相同的 VPC 和安全组中。安全组为端口 6379 的 VPC 中的所有子网设置了入站规则。所有这些子网都附加到 Lambda。
当我的代码尝试连接到 Redis 集群时,我不断收到以下错误:
{
"errorType": "RedisConnectionException",
"errorMessage": "No connection is active/available to service this operation: GET <REDACTED-KEY>; UnableToConnect on <REDACTED-PRIMARY-ENDPOINT-NAME>:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 5s ago, last-write: 5s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 5s ago, v: 2.2.50.36290, mc: 1/1/0, mgr: 10 of 10 available, clientName: 169, IOCP: (Busy=0,Free=1000,Min=2,Max=1000), WORKER: (Busy=0,Free=32767,Min=2,Max=32767), v: 2.2.50.36290",
"stackTrace": [
"at StackExchange.Redis.ConnectionMultiplexer.ThrowFailed[T](TaskCompletionSource`1 source, Exception unthrownException) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 2799",
"--- End of stack trace from previous location where exception was thrown ---",
"at <REDACTED-STACK-TRACE>"
"at lambda_method(Closure , Stream , Stream , LambdaContextInternal )"
],
"cause": {
"errorType": "RedisConnectionException",
"errorMessage": "UnableToConnect on <REDACTED-PRIMARY-ENDPOINT-NAME>:6379/Interactive, Initializing/NotStarted, last: NONE, origin: BeginConnectAsync, outstanding: 0, last-read: 5s ago, last-write: 5s ago, keep-alive: 60s, state: Connecting, mgr: 10 of 10 available, last-heartbeat: never, global: 5s ago, v: 2.2.50.36290"
}
}
注意:abortConnect=false是在Redis配置上设置的
我已经尝试过的事情:
- 将
elasticache:*操作添加到我的 Terraform IAM 策略以获得 Lambda 权限。完整政策:
data "aws_iam_policy_document" "iam_policy_document_mylambda" {
statement {
actions = [
"ec2:DescribeNetworkInterfaces",
"ec2:CreateNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DescribeInstances",
"ec2:AttachNetworkInterface",
"elasticache:*",
"execute-api:ManageConnections"
]
resources = ["*"]
effect = "Allow"
}
}
- 将
resolveDns=true添加到 Redis 配置中。 Redis 集群的 IP 地址显示在上面的错误中,而不是主要端点名称,我可以确认它在为 Lambda 配置的子网之一(eu-west-1a 上的子网)的 IP 范围内. - 显式添加
ssl=false,因为在 Redis 集群上(暂时)禁用传输中加密。还尝试使用 GitHub 问题中提到的ssl=true,sslProtocols=tls12,只是为了确定。 - 删除
abortConnect=false,然后失败并出现以下错误:
{
"errorType": "RedisConnectionException",
"errorMessage": "It was not possible to connect to the redis server(s). Error connecting right now. To allow this multiplexer to continue retrying until it's able to connect, use abortConnect=false in your connection string or AbortOnConnectFail=false; in your code.",
"stackTrace": [
"at StackExchange.Redis.ConnectionMultiplexer.ConnectImpl(ConfigurationOptions configuration, TextWriter log) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 1164",
"at StackExchange.Redis.ConnectionMultiplexer.Connect(ConfigurationOptions configuration, TextWriter log) in /_/src/StackExchange.Redis/ConnectionMultiplexer.cs:line 1032",
"at ...",
"at lambda_method(Closure , Stream , Stream , LambdaContextInternal )"
]
}
我对此束手无策,每次在线搜索似乎都指向同一个方向;确保您的 Lambda 和 ElastiCache Redis 集群 运行 在同一个 VPC 和安全组中,并在 Redis 配置上设置 abortConnect=false,这对我的情况来说似乎不够。有人知道我还能尝试什么吗?
我明白了。问题出在我的基础架构上,而不是 StackExchange.Redis 如何连接到集群的问题。我必须为我的 Lambda 函数创建一个安全组,并将该安全组添加到我的 Redis Terraform 模块上的 allow_connections_from_security_groups,它依赖于 Gruntwork module,而不是将 Redis 安全组分配给我的 Lambda。