However, convert this POC into production ready code proves to be challenging. My lambda randomly exists prematurely, but when run again it sometimes works, sometimes not. It seems like there is some sort of race condition going on. Since it works fine without field level encryption, my best guess is, that the mongocryptd process is not fully up and running.
Has anyone had success in integrating automatic FLE with lambda?
How can I configure the mongocryptd process in a way that it offers some basic debug logs, so I can see the point of failure?
I know that according to the mongo docs one should set context.callbackWaitsForEmptyEventLoop = false; and cache connections (in order to not flood the cluster with unused connections). But I wonder: Does this create problems with hanging mongocryptd processed?
Generally it seems the mongocryptd approach favors a “tranditional” approach of a long running process. What would be the advice for using it in ephemeral function containers (like lambda, Google Cloud functions, etc.)
Sometime the error is MongoServerSelectionError: connect ECONNREFUSED 127.0.0.1:27020 at Timeout._onTimeout, but most of the error are "MongoError","errorMessage":"Current topology does not support sessions" which is strange as I am on an Atlas cluster 4.4 with MongoDB Driver 3.6
The spawning function does not wait until the process is up, it merely waits until the spawning of the process has been handed off by Node to the OS land. At least to my understanding of how the node event queue works. This can create a race condition where the driver tries to connect to the cluster while the mongocryptd process is not ready to accept connections yet. In my case it sometimes did, sometimes not.
I detailed a fix in the article above (at the very bottom), but it is not pretty and I would love to hear from the devs.
Thanks for sharing the knowledge and also raising an issue relating to libmongocrypt. There is now a spec discussion changes to accommodate this (default timeout value).
Please see NODE-2794 for more information. Feel free to upvote/watch the issue ticket to receive notifications on the ticket.
Apologies for that, as the ticket is linked to your reported ticket NODE-2794 you should be able to receive notifications on the progress. The ticket is linked as a dependency.