Closed simonswine closed 6 years ago
@jsha @cpu this PR hasn't actually made it out to a release of kube-lego yet. We should be able to roll this, and #325 out fairly soon.
Realistically, based on the design of kube-lego, I imagine it is the tool causing the most requests (as it recreates a new authorization on every sync iteration).
I don't think we're going to be able to redesign the way kube-lego is designed this substantially, so if it's a persistent issue I think our best bet is to change these default backoff parameters/multipliers. We can then push more users across to cert-manager, where we can build out proper testing (as suggested by @jsha) for this (plus, make improvements to the order flow 😄)
Thanks for the note! I hadn't seen this previously. I do think changing these defaults is a good idea. Mainly, LEGO_EXPONENTIAL_BACKOFF_MAX_ELAPSED_TIME
should be 24h. Thanks!
Supersedes #206 #284