AWS Lambda: Docker container support

One of the most outstanding features brought by AWS for lambda is an AWS Lambda — Container Image Support

Why is that?

Simply because it allows migrating a lot of applications to AWS Lambda.
Before this, packaging dependencies and programming language support was quite a pain for developers new to serverless. On top, running these apps outside the Lambda was hardly possible without some heavy lifting

So, can we use any docker image inside our Lambda workloads?

This is because Lambda functions are being started and invoked in a very specific way, so all these docker images/containers need a special element called Lambda Runtime API in order to work

Multiple approaches to get started with docker container for Lambda :

Summary of constraints :

  • Docker Registry: only ECR (Elastic Container Registry)
    Other registries like DockerHub, GCR, ACR and etc are not yet supported at this time.
  • Container images size - 10 GB
    (Well…more than enough for most modern apps)
  • Mandatory to use base images with built-in Lambda Runtime API or own customized docker images implementing Lambda Runtime Interface Clients

How to build a docker image for Lambda and use it in a function:

app.js — lambda handler code with simple Hello world response
Dockerfile with build steps for NodeJS using AWS provide a base image
package.json — sample file (no dependencies)

Building NodeJS Docker image for AWS Lambda :

Clone the repo and build the docker image :

cd aws-lambda-container-support

docker build -t aws-container-nodejs-hello .

Verify that code works :

docker run -p 9000:8080 aws-container-nodejs-hello

Run a test curl request :

curl -XPOST “http://localhost:9000/2015-03-31/functions/function/invocations" -d ‘{}’

You should receive a JSON response back with Hello World text inside the body

Tagging and pushing docker image to ECR

aws ecr create-repository — repository-name aws-container-nodejs-hello — image-scanning-configuration scanOnPush=true

Re-tag local image with ECR repo name

docker tag aws-container — nodejs-hello:latest <aws_account_id>.dkr.ecr.<region>

Login to ECR

aws ecr get-login-password | docker login — username AWS — password-stdin <aws_account_id>.dkr.ecr.<region>

Push image to ECR

docker push <aws_account_id>.dkr.ecr.<region>

After the image is in ECR we can select it during Lamda function creation

Creating a Lambda function

Image for post
Image for post

Selecting container Image

Image for post
Image for post
Image for post
Image for post

Testing via Sample event
Click on the button next to Actions > Configure test events

Image for post
Image for post

Adding a dummy test event :
- create a new test event
- type event name & leave dummy JSON (we are not using any parameters from this JSON, we are using this event to invoke a function manually for verification purposes. Kind of a simulation )
- Click on Create

Image for post
Image for post

You can invoke it via click “Test” button

Image for post
Image for post

After this, you should get a gree screen

Image for post
Image for post

Exposing externally/make public Lambda function via API gateway

Image for post
Image for post

You can find an url/endpoint in “API Endpoint” section of API Gateway Trigger :

If you browse to API endpoint URL, you should be able to see string “Response from NodeJS container"

Links :

Github for this article :

Written by


Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store