Optimizing LLM Inference in Lambda via EFS and Provisioned Concurrency

October 2, 2025

17 min read

Goh Ling Yong

Technology enthusiast and software architect specializing in AI-driven development tools and modern software engineering practices. Passionate about the intersection of artificial intelligence and human creativity in building tomorrow's digital solutions.

The Core Challenge: LLMs vs. Serverless Ephemerality

Large Language Models (LLMs) and serverless compute, particularly AWS Lambda, appear to be fundamentally at odds. LLMs, with model weights often ranging from 1GB to over 100GB, require significant storage and memory, and have a non-trivial initialization time as the model is loaded onto the GPU/CPU. In contrast, AWS Lambda is designed for short-lived, stateless executions, with constraints on deployment package size, temporary storage, and execution duration.

The primary antagonist in this story is the cold start. An on-demand Lambda invocation on a new or idle function requires AWS to provision an execution environment, download the code, and initialize the runtime. For a typical application, this might add a few hundred milliseconds to a couple of seconds. For an LLM-based application, this process is disastrously slow.

Let's analyze the failure points of conventional Lambda deployment methods for large models:

Bundling in a ZIP Archive: The unzipped code size limit for Lambda is 250 MB. This immediately disqualifies all but the most trivial quantized models.

Bundling in a Container Image: Lambda supports container images up to 10 GB. While this can accommodate smaller LLMs (e.g., distilbert-base-uncased, flan-t5-large), it introduces significant cold start latency. During a cold start, the entire container image (or its layers) must be pulled from ECR. Even with optimizations, pulling several gigabytes of model data over the network is a major performance bottleneck.

Downloading from S3 on Init: A common pattern is to download the model from an S3 bucket into the /tmp directory of the Lambda function during the initialization phase. While /tmp now supports up to 10 GB, this approach still suffers from the download time. A 5 GB model can easily take 30-60 seconds to download from S3, a period for which the end-user is waiting and for which you are being billed.

These limitations make on-demand Lambda invocations for serious LLM inference unviable for any user-facing application. The solution requires decoupling the model's storage from the Lambda execution environment's lifecycle. This is precisely where Amazon EFS (Elastic File System) comes in.

The Architectural Pattern: EFS for Persistent Model Storage

The core of our solution is to treat the LLM as persistent data, not as ephemeral code. We achieve this by storing the model on an EFS file system and mounting that file system directly into our Lambda function's execution environment.

Here’s the high-level architecture:

VPC: Both the EFS file system and the Lambda function must reside within the same Virtual Private Cloud (VPC) to allow communication.

EFS File System: A standard EFS file system is created. The LLM model files are downloaded and placed onto this file system once (e.g., via an EC2 instance or a Fargate task).

EFS Access Point: An access point provides a stable, application-specific entry point into the EFS file system, with a defined root directory and POSIX user/group permissions.

Lambda Function: The Lambda function is configured with the necessary VPC settings and IAM permissions to mount the EFS file system via the access point. The mount path within the Lambda environment is a local directory (e.g., /mnt/model).

This architecture transforms the cold start problem. Instead of downloading gigabytes of data on every cold start, the Lambda function sees the model files as if they were on a local disk. The network download step is completely eliminated from the initialization phase.

Implementation with AWS CDK (TypeScript)

Let's codify this architecture using the AWS Cloud Development Kit (CDK). This provides a repeatable, infrastructure-as-code solution.

typescript

// lib/llm-lambda-stack.ts
import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import * as ec2 from 'aws-cdk-lib/aws-ec2';
import * as efs from 'aws-cdk-lib/aws-efs';
import * as lambda from 'aws-cdk-lib/aws-lambda';
import * as iam from 'aws-cdk-lib/aws-iam';
import { DockerImageCode, DockerImageFunction } from 'aws-cdk-lib/aws-lambda';

export class LlmLambdaStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // 1. Create a VPC for our Lambda and EFS
    const vpc = new ec2.Vpc(this, 'LlmVpc', {
      maxAzs: 2,
      natGateways: 1,
    });

    // 2. Create the EFS file system
    const fileSystem = new efs.FileSystem(this, 'ModelFileSystem', {
      vpc,
      encrypted: true,
      lifecyclePolicy: efs.LifecyclePolicy.AFTER_14_DAYS, // Example policy
      performanceMode: efs.PerformanceMode.GENERAL_PURPOSE,
      throughputMode: efs.ThroughputMode.BURSTING,
      removalPolicy: cdk.RemovalPolicy.DESTROY, // For demo purposes
    });

    // 3. Create an EFS Access Point
    const accessPoint = fileSystem.addAccessPoint('ModelAccessPoint', {
      path: '/models', // The root directory for our models on EFS
      createAcl: {
        ownerGid: '1001',
        ownerUid: '1001',
        permissions: '750',
      },
      posixUser: {
        gid: '1001',
        uid: '1001',
      },
    });

    // 4. Create the Lambda Function
    const llmInferenceFunction = new DockerImageFunction(this, 'LlmInferenceFunction', {
      code: DockerImageCode.fromImageAsset('./lambda'), // Path to Dockerfile
      memorySize: 4096, // Tune based on model size and performance needs
      timeout: cdk.Duration.minutes(5),
      vpc,
      vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS },
      filesystem: lambda.FileSystem.fromEfsAccessPoint(accessPoint, '/mnt/model'),
      architecture: lambda.Architecture.X86_64, // or ARM_64
      environment: {
        MODEL_PATH: '/mnt/model/flan-t5-large', // Tell the function where to find the model
      },
    });

    // Ensure the function's security group can connect to EFS
    llmInferenceFunction.connections.allowTo(fileSystem, ec2.Port.tcp(2049));

    new cdk.CfnOutput(this, 'FunctionName', {
      value: llmInferenceFunction.functionName,
    });
  }
}

To populate the EFS: You would launch a temporary EC2 instance in the same VPC, mount the EFS, and run a script to download your desired model from a source like Hugging Face Hub.

bash

# On the temporary EC2 instance
sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport fs-xxxxxxxx.efs.us-east-1.amazonaws.com:/ /mnt/efs

sudo mkdir -p /mnt/efs/models
sudo chown 1001:1001 /mnt/efs/models

# Use a python script to download the model
# save_model.py
from transformers import AutoTokenizer, AutoModelForSeq2SeqLM

MODEL_NAME = "google/flan-t5-large"
SAVE_PATH = "/mnt/efs/models/flan-t5-large"

tokenizer = AutoTokenizer.from_pretrained(MODEL_NAME)
model = AutoModelForSeq2SeqLM.from_pretrained(MODEL_NAME)

tokenizer.save_pretrained(SAVE_PATH)
model.save_pretrained(SAVE_PATH)

Tackling the Initialization Cold Start: Provisioned Concurrency

EFS solves the multi-gigabyte download problem, but a new bottleneck emerges: model loading. Even though the model files are available instantly on the mount, the inference framework (e.g., PyTorch, TensorFlow) still needs to read these files from the file system and load the model graph and weights into memory. For a model like flan-t5-large (~3GB), this can still take 10-20 seconds on a Lambda with a decent memory allocation.

This is where Provisioned Concurrency (PC) becomes the critical second piece of our architecture. PC instructs Lambda to pre-initialize a specified number of execution environments and keep them "warm" and ready to serve requests instantly.

The key is to structure your Lambda handler code to perform the expensive model loading operation during the initialization phase (i.e., outside the main handler function). When an environment is provisioned by PC, this initialization code runs once. Subsequent invocations sent to this warm environment skip the initialization and go straight to the inference logic.

Python Lambda Handler with Initialization Logic

Here's how to structure the Python code for the Lambda function. Note the separation between the global scope (initialization) and the handler function (invocation).

python

# lambda/app.py
import os
import time
import logging
from transformers import AutoTokenizer, AutoModelForSeq2SeqLM

# Set up logging
logger = logging.getLogger()
logger.setLevel(logging.INFO)

# ===================================================================
# INITIALIZATION (runs once per provisioned environment)
# ===================================================================

def load_model(model_path: str):
    """Loads the model and tokenizer from the specified EFS path."""
    logger.info(f"Loading model from: {model_path}")
    start_time = time.time()
    
    try:
        tokenizer = AutoTokenizer.from_pretrained(model_path)
        model = AutoModelForSeq2SeqLM.from_pretrained(model_path)
        end_time = time.time()
        logger.info(f"Model loaded successfully in {end_time - start_time:.2f} seconds.")
        return tokenizer, model
    except Exception as e:
        logger.error(f"Error loading model: {e}")
        # This will cause the provisioned concurrency initialization to fail,
        # which is desired behavior. AWS will try to provision another instance.
        raise e

# Get model path from environment variable set in CDK
MODEL_PATH = os.environ.get("MODEL_PATH")
if not MODEL_PATH:
    raise ValueError("MODEL_PATH environment variable not set.")

# Load the model during the initialization phase
TOKENIZER, MODEL = load_model(MODEL_PATH)

# ===================================================================
# INVOCATION HANDLER (runs for every request)
# ===================================================================

def handler(event, context):
    """Handles the inference request."""
    logger.info("Handler invoked")
    
    try:
        # Extract input text from the event
        input_text = event.get('text')
        if not input_text:
            return {
                'statusCode': 400,
                'body': 'Missing "text" field in request body'
            }
        
        logger.info(f"Running inference for: '{input_text}'")
        inference_start_time = time.time()
        
        # Perform inference
        input_ids = TOKENIZER(input_text, return_tensors="pt").input_ids
        outputs = MODEL.generate(input_ids, max_length=100)
        result_text = TOKENIZER.decode(outputs[0], skip_special_tokens=True)
        
        inference_end_time = time.time()
        logger.info(f"Inference completed in {inference_end_time - inference_start_time:.2f} seconds.")

        return {
            'statusCode': 200,
            'body': {
                'generated_text': result_text
            }
        }

    except Exception as e:
        logger.error(f"Error during inference: {e}")
        return {
            'statusCode': 500,
            'body': 'Internal server error during inference'
        }

Configuring Provisioned Concurrency in CDK

To enable PC, we add an alias and provisionedConcurrentExecutions to our Lambda function definition in the CDK stack.

typescript

// In LlmLambdaStack class, after defining the function

// 5. Create an alias and configure Provisioned Concurrency
const alias = new lambda.Alias(this, 'ProdAlias', {
  aliasName: 'prod',
  version: llmInferenceFunction.currentVersion,
});

alias.addAutoScaling({
  minCapacity: 1, // Keep at least 1 instance warm
  maxCapacity: 10, // Scale up to 10 warm instances
}).scaleOnUtilization({
  utilizationTarget: 0.7, // Scale up when PC utilization hits 70%
});

With this configuration, AWS will ensure at least one Lambda environment is always running our initialization code. When an invocation arrives at the prod alias, it is routed to a pre-warmed instance, completely bypassing both the network download and the model loading steps. The result is an invocation latency that is purely the inference time, often in the sub-second to few-second range, which is acceptable for many applications.

Deep Dive: Performance Tuning and Benchmarking

The performance of this system depends on a careful interplay between Lambda memory, EFS configuration, and concurrency settings.

Lambda Memory vs. Model Load Time

In AWS Lambda, memory allocation is directly tied to vCPU power and network bandwidth. More memory means a more powerful CPU. This has a dramatic effect on model loading time from EFS.

Hypothetical Benchmark: flan-t5-large (~3GB) Load Time from EFS

Lambda Memory	vCPUs (approx)	Model Load Time (seconds)
2048 MB	1.25	25 - 35
4096 MB	2.5	12 - 18
8192 MB	5.0	6 - 9
10240 MB	6.0	4 - 6

Conclusion: For the initialization phase, maximizing memory is crucial to reduce the time it takes for a new provisioned concurrency instance to become ready. While this increases the cost of initialization, it happens outside the user request path.

EFS Performance Modes and Throughput

EFS offers several performance and throughput modes that can impact model loading:

* Performance Mode:

* General Purpose: The default, suitable for most workloads, offering the lowest latency for file operations.

* Max I/O: Optimizes for high levels of aggregate throughput and parallel operations, but at the cost of slightly higher file operation latency. For model loading, which is essentially a single, large sequential read operation by one client, General Purpose is almost always the better choice.

* Throughput Mode:

* Bursting: Throughput scales with the amount of data stored. You accrue burst credits when idle and spend them during read/write operations. This is cost-effective for spiky workloads.

* Provisioned: You pay for a fixed amount of throughput (in MiB/s). This is ideal if your bursting throughput is insufficient and model loading is too slow. You can provision just enough throughput to meet your desired initialization time.

* Elastic: Automatically scales throughput up and down based on your workload and you pay for what you use. This can be a good middle ground, offering performance when needed without manual provisioning.

For most LLM use cases where model updates are infrequent, Bursting mode is often sufficient. The initial model load is a one-time burst, and subsequent reads by new PC instances are also bursty.

Latency Comparison

A benchmark of end-to-end latency paints a clear picture:

* On-Demand Cold Start (S3 Download): Network Download (30-60s) + Init (Model Load, 15s) + Invoke (1s) = ~46-76s

* On-Demand Cold Start (EFS Mount): Init (Model Load, 15s) + Invoke (1s) = ~16s

* On-Demand Warm Start (EFS Mount): Invoke (1s) = ~1s

* Provisioned Concurrency (EFS Mount): Invoke (1s) = ~1s (guaranteed)

The EFS+PC pattern is the only one that reliably delivers low-latency responses suitable for production workloads.

Advanced Edge Cases and Production Considerations

Concurrency Spikes and Spillover

What happens if you have N provisioned instances and the N+1th concurrent request arrives? This request will "spill over" and trigger a standard on-demand, cold-start invocation. The user making that request will experience the full EFS model loading latency (~16s in our example).

Mitigation Strategies:

Over-provisioning: Set your minimum PC level slightly higher than your average expected concurrent traffic.

Aggressive Auto-Scaling: Configure the auto-scaling policy for PC to react quickly to increases in traffic. A low utilizationTarget (e.g., 0.5 or 50%) will cause the system to add new warm instances sooner.

Request Queuing: Place an SQS queue in front of the Lambda. This decouples the ingress from the processing, smoothing out traffic spikes. Users might experience slightly higher latency, but they won't hit a massive cold start penalty. This is a good pattern for asynchronous inference tasks.

Model Updates: Blue/Green Deployments

How do you update the model on EFS without causing downtime or inconsistent responses?

Never overwrite a model in place. Instead, use a blue/green strategy:

Upload New Model: Upload the new model version to a separate directory on EFS (e.g., /mnt/model/flan-t5-large-v2).

Create New Lambda Version: Create a new version of your Lambda function. The only change is updating the MODEL_PATH environment variable to point to the new directory (/mnt/model/flan-t5-large-v2).

Update Lambda Alias: Update the prod alias to point to this new Lambda version.

Traffic Shifting: Use AWS CodeDeploy or the Lambda console to perform a weighted traffic shift. You can start by sending 10% of traffic to the new model version, monitor for errors and performance, and gradually increase the weight until 100% of traffic is on the new version. The old provisioned concurrency instances for the old version will automatically be scaled down as traffic moves away.

This process ensures a zero-downtime, safe, and reversible model deployment.

Cost Analysis

This architecture is not free. A senior engineer must analyze the cost trade-offs.

* EFS Storage: Standard storage is relatively cheap (~$0.08/GB-month in us-east-1 for Infrequent Access, which is suitable for models).

* Lambda Provisioned Concurrency: This is the most significant cost. You pay for the memory allocated for the entire time it's provisioned. For a 4096MB function, the PC cost is roughly $0.00000486 per second. For one instance, this is about $12.60 per month to keep it warm 24/7.

* Lambda Invocation: You still pay the standard per-request and GB-second duration fees for actual invocations.

* VPC NAT Gateway: Required for the Lambda to access external services (like Hugging Face Hub if needed). This has a fixed hourly cost plus data processing fees.

Comparison: Compare this to a g4dn.xlarge SageMaker endpoint, which costs ~$0.526/hour, or ~$384 per month. The Lambda/EFS/PC pattern is significantly more cost-effective for applications with intermittent or spiky traffic, as you can scale the warm pool to zero (or a low minimum) during off-peak hours.

Alternative Approaches and Their Trade-offs

* SageMaker Serverless Inference: This is AWS's managed solution for a similar problem. It handles the provisioning and scaling automatically.

* Pros: Simpler to set up, fully managed.

* Cons: Higher cold start times than a pre-warmed PC Lambda (often 5-15 seconds), less control over the underlying environment and dependencies, can be more expensive for sustained traffic.

* Container on Fargate/EKS: For very large models or sustained high traffic, running a container on a service like Fargate or EKS with GPU support might be more cost-effective. You lose the scale-to-zero benefit of serverless but gain more control and potentially better performance for high-throughput scenarios.

The choice depends on your specific latency requirements, traffic patterns, and operational overhead tolerance.

Conclusion

The combination of AWS Lambda with an EFS-mounted model store and Provisioned Concurrency provides a powerful and robust architecture for serving LLM inference with low latency. It directly addresses the fundamental conflict between large, stateful models and ephemeral, stateless compute. By moving the model download and loading phases out of the critical invocation path, we can achieve performance that rivals dedicated endpoints while retaining the scalability and cost-efficiency benefits of serverless. This pattern requires careful consideration of performance tuning, concurrency management, deployment strategies, and cost, but for the right use case, it represents a best-in-class solution for serverless AI.