On Sat, Oct 26, 2024 at 12:06:12AM +0900, Nico Schottelius via Postfix-users
wrote:
> The maps/hashes that make a lot of sense on VMs/servers for avoiding
> reloading postfix, do not make much sense in the k8s/container context.
Restarts are much more disruptive that reloads, because the entire
active queue moves back to the incoming queue, client connections are
closed abruptly, ... It is not clear why k8s makes that a non-issue.
> Instead of reparsing something, a container can be fully restarted.
But this is not a good way to routinely update some tables in a running
Postix.
> The above postfix runs with TLS enabled with receiving certificates from
> the cert manager. Automatic restart on certificate change is not yet
> implemented.
Postfix does not need to be reloaded or restarted when certificates
change, the processes that use the certificate files are ephemeral, age
out, and their replacements will read the latest certificate files. If
you're using SNI, with an indexed DB backend, then of course (as with
other tables), you'll need to rebuild those, again does not require
either a reload or restart.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
