The redis backend stores serials sharded by issuer and expiry date, but aggregate-known concatenates all serials from a single issuer into an in-memory buffer before writing them out to disk. Since enrolling Let's Encrypt, this has caused some OOM failures in our production instance. Let's stream the serials to disk as we read shards.
The redis backend stores serials sharded by issuer and expiry date, but aggregate-known concatenates all serials from a single issuer into an in-memory buffer before writing them out to disk. Since enrolling Let's Encrypt, this has caused some OOM failures in our production instance. Let's stream the serials to disk as we read shards.