This message was deleted.

30s sounds like a DNS timeout.. ensure all your DNS names are resolvable by Puppet

OK, I’ll look into it, it may well be a lead.

and maybe prune your CRL if its huge

the DNS timeout could have been a lead. but the names i am trying to resolve are resolvable instantly. I don’t think that’s the problem. regarding CRLs: since this is a server that has been built from scratch, the list is almost empty 😔 I did a disk write test (with dd) to rule out this problem. and the v7 server is faster (almost 2x faster) The only thing I can see that may be causing the problem is that I have installed some focal pkgs under jammy.

# cat /etc/issue
Ubuntu 22.04.1 LTS \n \l

# dpkg -l |grep puppet
ii  puppet-agent                          7.20.0-1jammy                           amd64        The Puppet Agent package contains all of the elements needed to run puppet, including ruby, facter, and hiera.
ii  puppetserver                          7.9.2-1focal                            all          Puppet Labs puppetserver

that's a quite bad idea

nope. no, debug available.

Unknown flag or argument `--debug`

does the focal puppetserver package run fine on a jammy os without issue?

I really dont recommend doing it :D

The cert cleanup slowness in particular won’t benefit from Jammy packages in any way, the problem comes down to the new api code, not the operating system librairies… my guess

I wasn't able to reproduce this in any of the puppet 7 environments I manage

mh. yeah. I can imagine. .. it’s something i need to look at.

there's a logback.xml for puppetserver, where you can switch the loglevel to debug. I suggest to do that and then check the puppetserver.log