[lxc-users] TTY issue

[Ron Kelley]

> On Nov 20, 2017, at 1:58 AM, Marat Khalili <mkh at rqc.ru> wrote:
> 
> On 19/11/17 22:45, Ron Kelley wrote:
>> In all seriousness, I just ran some tests on my servers to see if SSH is still the bottleneck on rsync.  These servers have dual 10G NICs (linux bond), 3.6GHz CPU, and 32G RAM.  I found some interesting data points:
>> 
>> * Running the command "pv /dev/zero | ssh $REMOTE_SERVER 'cat > /dev/null’” I was able to get about 235MB/sec between two servers with ssh pegged at 100% CPU usage. [...]
>> In the end, rsync over NFS (using 10G networking) is much faster than rsync using SSH keys in my environment.  Maybe your environment is different or you use different ciphers?
> 
> Very good data points. I agree that you can saturate ssh if you have 10G network connection and either SSDs or some expensive HDD arrays on both sides and some sequential data to transfer. If you don't have any of listed items, ssh does not slow down things.
Agreed as well.  In fact, I was a little surprised to see a “typical” server run over 200MB/sec in SSH traffic.  But, to be honest, it has been a while since I have done any sort of ssh speed tests.


> As for not trusting the LAN with unencrypted traffic, I would argue either the security policies are not well enforced or the server uses insecure NFS mount options.  I have no reason not to trust my LAN.
> I was just afraid that someone reading your post would copy-paste your configuration to use over less secure LAN or even WAN. (I admit this is not a big problem for original poster since FTP is not much better in this regard.)
Ah, yes, understood.  If someone is concerned about unencrypted rsync traffic, you could add tighter security options to the rsyncd.conf file and/or use NFSv4 with higher security.


> 
> 
> --
> 
> With Best Regards,
> Marat Khalili
> 
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users