I use certbot for auto renew my certificates.
And in the cron task I noticed “random slep”:
0 */12 * * * test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew
Can anyone explain me why need this random slep?
the answer is simple.
It’s not a good idea if 1000 clients start to create a certificate on 00:00, 01:00 etc.
So a random sleep is added.
If not, there exists the potential for thousands, if not millions, of systems to attempt to renew at the exact same time.
[creates a self-imposed denial of service - twice a day - or at the top of each hour - many time zones]
Thank you so much for your reply
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.