AWS Lambda vs. Amazon EC2: Which One Should You Choose?
By: NAKIVO Team
Amazon is one of the leaders in providing diverse cloud services, boasting several dozen and counting. Amazon EC2 is one of the most popular Amazon services and is the main part of the Amazon cloud computing platform that was presented in 2006. Amazon EC2 is widely used nowadays, but the popularity of another Amazon service called Lambda (introduced in 2014) is also growing. Today’s blog post compares the AWS Lambda and EC2 platforms to help you make the right choice for your environment.
What Is AWS EC2?
AWS EC2 (Amazon Web Services Elastic Compute Cloud) is a scalable service that lets you run virtual machines, called EC2 instances, in the cloud. You can change the amount of disk space, CPU performance, memory, etc. whenever you need. You can select a base image with the necessary pre-installed operating system (OS), such as Linux or Windows, and then configure most OS settings and install custom applications. You have root access to your Amazon EC2 instances and can create additional users. You can manage everything you need and fully control your EC2 instances, including rebooting and shutting down an instance. AWS EC2 belongs to the category of web services known as Infrastructure as a Service. AWS EC2 can be used for cloud hosting: you can deploy servers as virtual machines (instances) in the cloud.
What Is AWS Lambda?
The event that causes your application to be executed can be a file upload to an Amazon S3 bucket, a change in a DynamoDB table, an HTTP request to the API Gateway service, etc. After you configure a function to run when an event occurs, your application is executed automatically after each new event.
As for classification, Lambda is Amazon’s implementation of Function as a Service (FaaS). In the table below, you can compare the level of management for each service type, starting from physical servers. The lowest levels (which require user management) are marked in green and the upper levels (which are managed by the provider) are marked in blue. Thus, when using physical servers, you manage the hardware and all upper levels. When using Infrastructure as a Service (IaaS) such as AWS EC2, you manage the operating systems on the provided virtual machines (EC2 instances). At the Platform as a Service (PaaS) level, you run your application, which must be compiled before running. When using Function as a Service (FaaS) such as AWS Lambda, you don’t need to compile your application; you just insert your code in the interface provided by the MSP (managed service provider). SaaS (Software as a Service), which is mentioned in the table for comparison, only allows you to use ready-made applications (applications made by vendors) in the cloud through a thin client or a web browser.
AWS EC2 vs Lambda: Use Cases
AWS EC2 has a wide range of use cases since almost everything can be configured when using this service. The most common use cases of AWS EC2 are:
- Hosting web sites
- Developing and testing applications or complex environments
- High performance computing
- Disaster recovery
General use cases of AWS Lambda:
- Automating tasks
- Processing objects uploaded to Amazon S3
- Real-time log analysis
- Real-time filtering and transforming data
Let’s consider a particular example. Imagine that your web site uses an Amazon S3 bucket to store web-site content including pictures, videos, audio files, etc. When a new image or video file is uploaded, you need to create a preview image for your web page that is used as a link to a full size image or video file. Creating preview images manually can be a boring and time-consuming task. In this case, you can create a Lambda function that can automatically resize the image based on the uploaded picture, rename that image, and store the target image in the appropriate directory. You can configure the Lambda function to be executed right after the event of uploading the original image file to the Amazon S3 bucket used by your web site.
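The event-handling part of such a function, as an added example that is not part of the original article: it decodes the object key from the S3 notification, derives the preview name, and skips its own output so that writing the preview into the same bucket does not trigger the function again. The bucket name, the uploads/ and thumbnails/ prefixes, the "_thumb" suffix and the extension list are assumptions, and the image resize call itself is left out.

```python
import posixpath
from urllib.parse import unquote_plus

# Assumed layout (not from the article): originals under uploads/, previews under thumbnails/.
THUMB_PREFIX = "thumbnails/"
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif"}

def plan_thumbnails(event):
    """Return (bucket, source_key, thumbnail_key) for each record that needs a preview."""
    jobs = []
    for record in event.get("Records", []):
        # Only object-creation events; deletions and other events are ignored.
        if not record.get("eventName", "").startswith("ObjectCreated:"):
            continue
        bucket = record["s3"]["bucket"]["name"]
        # S3 URL-encodes object keys in notifications (a space arrives as "+").
        key = unquote_plus(record["s3"]["object"]["key"])
        # Loop guard: the preview is written to the same bucket, which would fire
        # the trigger again and re-invoke the function on its own output.
        if key.startswith(THUMB_PREFIX):
            continue
        stem, ext = posixpath.splitext(key)
        if ext.lower() not in IMAGE_EXTS:
            continue
        jobs.append((bucket, key, f"{THUMB_PREFIX}{stem}_thumb{ext.lower()}"))
    return jobs

def _record(event_name, key, bucket="example-site-content"):
    # Constructed sample record with only the fields used above.
    return {"eventName": event_name,
            "s3": {"bucket": {"name": bucket}, "object": {"key": key}}}

SAMPLE_EVENT = {"Records": [
    _record("ObjectCreated:Put", "uploads/summer+trip/IMG+001.JPG"),
    _record("ObjectCreated:Put", "thumbnails/uploads/cat_thumb.png"),  # own output
    _record("ObjectCreated:Put", "uploads/notes.txt"),                 # not an image
    _record("ObjectRemoved:Delete", "uploads/old.png"),                # not a creation
]}

if __name__ == "__main__":
    for job in plan_thumbnails(SAMPLE_EVENT):
        print(job)
```

Restricting the trigger itself to the uploads/ prefix in the bucket notification settings gives the same protection one layer earlier; the in-code check covers a misconfigured trigger.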
AWS EC2 vs Lambda: Working Principle
EC2. As you may recall, when using AWS EC2, you work with virtual machines (VMs) known as EC2 instances. You can add virtual hardware (virtual disks, network interfaces, processors, memory) to an EC2 instance, as well as start, stop, and reboot a VM instance. EC2 instances can work with two storage types: Elastic Block Storage (EBS) and S3 buckets. You can use a pre-configured image with an installed operating system and create your customized Amazon Machine Image (AMI). The EC2 cloud service provides automatic scaling and load balancing. EC2 instances can work in conjunction with most other Amazon web services, such as S3, ECS, Route53, CloudWatch, etc.
Lambda. When using AWS Lambda, your application (Lambda function) runs in a container that is transparent to you. The container contains code and libraries. Resources are provided by Amazon in accordance with application needs, and scaling is automatic and seamless. You can control neither the container running your application nor the EC2 instance on which the container is running (you don’t know anything about them because the underlying infrastructure is unavailable to Amazon Lambda users). Refer to the table above.
AWS Lambda can be considered as a framework of EC2 Container Service (ECS) that uses containers to run a piece of code that represents your application. The life cycle of each container is short. A running Lambda function doesn’t save its state. If you want to save results, keep them in some data storage, for example, in an Amazon S3 bucket. It is possible to configure a virtual network for a Lambda function, for example, for connecting to Amazon RDS (Amazon Relational Database Service). Lambda consists of multiple parts: layers, a function environment, and a handler. Triggers are Lambda activators. A Lambda is a single function that is executed in response to requests from triggers.
The complete list of available triggers:
- API Gateway
- AWS IoT
- Alexa Skills Kit
- Alexa Smart Home
- Application Load Balancer
- CloudWatch Events
- CloudWatch Logs
- Cognito Sync Trigger
API Gateway is a special service that allows developers to connect diverse non-AWS applications to AWS applications and other resources.
AWS EC2 vs Lambda: Versions/Snapshots
EC2. A complex system of snapshots is available for EBS (Elastic Block Storage) volumes of AWS EC2 instances. You can create incremental snapshots and roll back to the needed state of an EC2 instance. Multi-volume snapshots can be used for critical workloads, for example, databases that use multiple EBS volumes.
Lambda. A convenient versioning system is supported for better management of Lambda functions. You can assign a version number to each uploaded copy of code and then add aliases that point to the appropriate code version. Version numbers start from 1 and go up incrementally. You can categorize Lambda functions into alpha, beta, and production, for example. The Amazon Resource Name is assigned to each Lambda function version when publishing and cannot be changed later.
AWS EC2 vs Lambda: Security
EC2. You should take care of your EC2 instances and all components inside the instances. You can manually configure a firewall for your EC2 instance – Amazon provides VPC (Virtual Private Cloud) Firewall to control traffic and ensure security for EC2 instances in the cloud. You can manually set up and configure antivirus software for your EC2 instances, create IAM roles, specify permissions, create security groups, etc. AWS Systems Manager Patch Manager allows you to install OS updates and security patches automatically. You can configure AWS to take a snapshot before installing a patch or update to prevent possible issues. Create key pairs to access EC2 instances if needed. You should pay more attention to security when using AWS EC2 compared to when using AWS Lambda.
Lambda. Lambda has default permissions to access certain AWS services. An IAM role is used to define the services that must be available to a Lambda function. For each Lambda function, you should configure the IAM role on behalf of which the function will be launched. This means that after configuring the IAM role, you will be able to connect your Lambda function to the defined Amazon services without using keys or other authorization parameters.
It is possible to configure encryption between a Lambda function and S3 as well as between an API Gateway and Lambda with a KMS key. When you create a Lambda function, a default encryption key is created. However, the recommendation is to create your own KMS key.
Compared to EC2 instances, Lambda functions don’t require security updates and patches. Underlying containers and operating systems are updated automatically by Amazon. This is the advantage of using Lambda functions in terms of security.
AWS EC2 vs Lambda: Performance and Availability
EC2. After powering on an EC2 instance, the instance runs until you manually stop it or schedule a shutdown task. When an EC2 instance is running, an application is executed near instantly on that instance. You can run as many applications as you want simultaneously if performance of your EC2 instance allows that. Running applications on EC2 instances is a good solution when applications must be run regularly during the entire day.
Lambda. A Lambda function is always available but it is not running all the time. By default, the Lambda function is inactive. When a trigger linked to an event is activated, your application (Lambda function) is started. The maximum time for running the Lambda function (timeout) is limited to 900 seconds (15 minutes). Accordingly, executing long-running applications in AWS Lambda is not a good idea. If you need to run applications that require more than 900 seconds to complete successfully or applications that have a variable execution time, consider using AWS EC2. Another limit for a running Lambda function is the maximum amount of memory, which is 3008 MB.
1000 to 3000 Lambda instances can be executed simultaneously, depending on the region. Contact AWS support if you are interested in running more instances simultaneously.
The delay between sending a request and application execution is up to 100 milliseconds for AWS Lambda, unlike applications running on EC2 instances, which don’t have such a delay. 100 ms is not a long time, but for some types of applications, this time can be critical. If your application must download some data from an Amazon S3 bucket, an additional 1 to 3 seconds may be needed before application execution. Keep this delay in mind when planning to use AWS Lambda to run applications.
The cold startup time is a drawback of Lambda functions. Latency occurs when a function has not been executed for a long period of time, and time is needed to start a container and run the function in Amazon Cloud. Using AWS Lambda for running applications may be a good solution when you have uneven workloads, and applications must be run in different periods of the day with long pauses between application executions.
AWS Lambda vs EC2: Pricing Model
Both EC2 and Lambda cloud services use the pay-as-you-go principle. However, let’s consider details and differences.
EC2. You pay for the time when your AWS EC2 instance is running whether or not the function/application is executed. The price per hour depends on the CPU performance, amount of memory, video card performance, and storage capacity used by the EC2 instance. When you need your function/application to be always available due to a high number of regular requests, using AWS EC2 instances may be more rational financially.
Lambda. You pay for the number of application executions and the time needed to finish each execution. The price for each second of running an application depends on the amount of memory provisioned for the application and is $0.00001667 per gigabyte-second. The time of application execution is counted from the application’s start to the return of the result or to the stop after timeout. Time is rounded up to the nearest multiple of 100 ms. When you need on-demand availability, the price for using AWS Lambda to run functions/applications may be better.
AWS EC2 is a service that represents the traditional cloud infrastructure (IaaS) and allows you to run EC2 instances as VMs, configure environments, and run custom applications.
AWS Lambda is the implementation of Function as a Service by Amazon that allows you to run your application without having to worry about underlying infrastructure. AWS Lambda provides you a serverless architecture and allows you to run a piece of code in the cloud after an event trigger is activated. When using AWS Lambda, you have a scalable, small, inexpensive function with version control. You can focus on writing code, not on configuring infrastructure.
If you have calculated that there is a lot of idle time of your application on an EC2 instance that is always running, consider using AWS Lambda with which you don’t need to pay for idle time if there are no requests to run an application. If there is a high number of regular requests to run your application, it may be better to deploy an application on an EC2 instance that is always running.
Using AWS EC2 is good for running high-performance applications, long-running applications, and the applications that must not have a delay at the start time. If you use AWS EC2 instances, don’t forget to back them up to avoid losing your data. NAKIVO Backup & Replication is an all-in-one data protection solution that can protect EC2 instances in addition to VMware vSphere VMs, Hyper-V VMs, and physical servers.