During boot, the kernel logs are displayed on the console. As the kernel logs are meant to be restricted to root (kernel.dmesg_restrict=1), this should probably be disabled.
Setting kernel.printk=3 3 3 3 with sysctl configures it so only really important errors will be displayed.
This can improve boot and shutdown speed too. I've noticed that performance improves significantly after setting this.
dmesg --console-off does not do the trick.
I still see some logs after running that. Changing the kernel.printk sysctl hides more. I can still see some logs even with changing kernel.printk as it starts displaying logs before systemd-sysctl is executed.
The only way around that would be setting kernel.printk in the initramfs, before systemd has started if it’s even possible.
Setting kernel.printk = 3 3 3 3 was implemented in /etc/sysctl.d/30_security-misc.conf and it is being set initramfs before systemd has started using /etc/initramfs-tools/scripts/init-bottom/sysctl-initramfs.