The Hyperplane ENI is a managed network resource that the Lambda service controls, allowing multiple execution environments to securely access resources inside of VPCs in your account. Instead of the previous solution of mapping network interfaces in your VPC directly to Lambda execution environments, network interfaces in your VPC are mapped to the Hyperplane ENI and the functions connect using it.
According to the latest AWS documentation, the default Elastic network interfaces (ENI) is 250 per VPC. As you know after the launch of the improved VPC networking for Lambda, Lambda functions configured in a VPC are designed to use HyperPlane ENI.
Please note that Hyperplane ENIs are tied to a security group:subnet combination in your account. Functions in the same account that share the same security group:subnet pairing use the same network interfaces. If a combination is shared across multiple functions in your account, we reuse the same network interface across functions.
Some architectural recommendation using HyperPlane ENIs in Lambda function are:
1. Look into reusing these ENI endpoints per function. We only will reuse ENIs if your function has the exact same security requirements (same security groups) as another function within the same subnet.
2. Ensure the old versions of functions are cleaning up such that they aren’t letting unused ENIs be provisioned.
3. Look into splitting across different VPCs to scale your system.
No Comments