Hello Nico,
many thanks for your detailed feedback.
On 09/07/16 16:38, Nico Kadel-Garcia wrote:
On Thu, Jul 7, 2016 at 8:53 AM, Laurentiu Pancescu lpancescu@gmail.com wrote:
III. "UseDNS no" in sshd_config: this would make connections via ssh faster
This is an old feature, and the "fix" is incomplete. What you really want is "-u0" for sshd set in /etc/sysconfig/sshd.
I assume only the first connection would be affected by the reverse DNS delay, since it would probably be cached afterwards? Based on this assumption, and since Vagrant connects to the VM each time it boots, I performed some measurements with "time vagrant up" (from a powered-off state, after "vagrant halt"). Here are the stats from 10 measurements for each configuration, "UseDNS no" in both cases, but default parameters for sshd, and with -u0 enabled:
            mean      variance   median
default     76.7526   8.44587    75.4725
with -u0    75.3307   0.353426   75.3235
The values are in seconds. The big variance in the default case is due to two outliers, 84.559s and 78.41s. The boot time is more predictable with -u0, and we seem to save about 150ms from the boot time.
IV. disable requiretty in /etc/sudoers
I am aware of the security trade-off. As Ken wrote, Ansible apparently doesn't need requiretty to be disabled any more, although their documentation hasn't been updated yet to reflect this. I'm going to leave requiretty as it is, enabled by default.
V. set GRUB_TIMEOUT to 1 or 0
For vagrant images, I can see this. For any system where a developer might need to control grub and select a kernel to roll back to, or switch to single user mode, I'd see it as making the grub selections unavailable. But for Vagrant images? Yeah, makes sense.
At least with the VirtualBox provider, you can have a visible VM by setting v.gui=true in the Vagrantfile. I reduced the grub timeout to 1, instead of 0, to allow for manual intervention if necessary, when debugging boot problems.
Best regards, Laurențiu