Let's Encrypt gets a lot of traffic, as you might imagine, but it's usually fairly spread out except for some notable peaks.
We've had some overload issues at the biggest peak throughout June at midnight (00:00) UTC, and it lasts for 15-20 seconds. We're working on various projects to scale and improve that, but those may take some time and it would be helpful to move load away from that peak.
We've identified a particular client, lego-cli, which appears to be used in some of the biggest spike. The lego-cli authors have helpfully added a random sleep to help smooth it out which will be great when people upgrade. And be sure to check out the graph linked in that issue to see the scale of the spikes.
We suspect there's some software package that's shipping lego-cli as a cronjob or similar which is running every day at midnight, utc. However, I haven't been able to find what that is. It must be popular however, for the wide variety of domains we're seeing in these load spikes. Do you know what that might be? Any leads would be helpful here.
If you're an author of a software package, or an administrator of a system, please don't schedule jobs to run exactly at midnight. It'll be less reliable for you, and cause me more pain!