What a lease is
A lease is a lock with an expiry. The grantor hands ownership for a fixed duration. If the holder does not renew before the deadline, the lease lapses and the resource is free again. This removes the need to detect crashes precisely.
Renewal and clock skew
The holder runs a background renewer that extends the lease well before expiry. A safe design assumes the grantor clock and the holder clock may differ.
- The holder should treat the lease as expired earlier than the grantor does, leaving a safety margin.
- The grantor should not reissue until it is certain the old lease is truly gone.
This asymmetry, where the holder is pessimistic and the grantor is patient, prevents two parties from believing they own the same lease at once.
Trade offs
- Short TTL means fast recovery but heavy renewal traffic.
- Long TTL means cheap renewals but slow failover when a holder dies.
Key idea
A lease is self healing ownership: pick a TTL that balances renewal cost against failover speed, and give the holder a margin against clock skew.