sentinel-proxy: Spread cert checks/renewals across 12-hour period

The current configuration checks Sentinel certificates (and renews them eventually) twice a day at exact times. It leads to sharp load peeks on the ca server and other parts of the Sentinel cert infrastructure. This patch utilizes RANDOM_DELAY in the cron configuration to spread the load across the whole 12-hour period. This delay (0 - 719 minutes) is determined when the cron daemon starts and is kept during its operation (thus it can be predicted when the check occurs).

sentinel-proxy: Spread cert checks/renewals across 12-hour period
debfaaa4 · Lukas Jelinek · Michal Hrusecky · 631289bc · debfaaa4
Verified Commit debfaaa4 authored 1 year ago by Lukas Jelinek Committed by Michal Hrusecky 1 year ago
--- a/collect/sentinel/sentinel-proxy/files/renew.cron
+++ b/collect/sentinel/sentinel-proxy/files/renew.cron
 ## crontab
 #

+# Random delay to spread checks/renewals across whole periods
+RANDOM_DELAY=719
+
 # Periodically check and renew Sentinel:Proxy certificate
-42 */12 * * * root sentinel-certgen certs --hooks-dir /usr/libexec/sentinel/renew_hooks.d
+0 */12 * * * root sentinel-certgen certs --hooks-dir /usr/libexec/sentinel/renew_hooks.d