Spread Sentinel cert checks/renewals across 12-hour period (!1084) · Merge requests · Turris / Turris OS / Turris OS packages

Lukas Jelinek requested to merge feature/sentinel-certgen-spread into master Jun 26, 2023

The current configuration checks Sentinel certificates (and renews them eventually) twice a day at exact times. It leads to sharp load peeks on the ca server and other parts of the Sentinel cert infrastructure. This patch utilizes RANDOM_DELAY in the cron configuration to spread the load across the whole 12-hour period. This delay (0 - 719 minutes) is determined when the cron daemon starts and is kept during its operation (thus it can be predicted when the check occurs).

This randomization is a part of #487.

Admin message

Admin message

Spread Sentinel cert checks/renewals across 12-hour period

Merge request reports