diff --git a/source/resources/apps/redis/forksand-redis-setup b/source/resources/apps/redis/forksand-redis-setup
index bc61067..564a372 100755
--- a/source/resources/apps/redis/forksand-redis-setup
+++ b/source/resources/apps/redis/forksand-redis-setup
@@ -50,3 +50,62 @@ vim /etc/redis/redis.conf
 -bind 127.0.0.1 ::1
 +bind 127.0.0.1
 
+
+# Set up firewall:
+# Redis Access Ports
+-A INPUT -p tcp --dport  6379 -j ACCEPT
+-A INPUT -p tcp --dport 16379 -j ACCEPT
+# Sentinel
+-A INPUT -p tcp --dport 26379 -j ACCEPT
+# Cluster
+-A INPUT -p tcp --dport 30001 -j ACCEPT
+
+cd /etc ; git add . ; git commit -a -m "Setup firewall for redis"
+
+# Change /etc/redis/redis.conf like this (using appropriate IP/name):
+bind 10.62.1.41
+cluster-enabled yes
+cluster-config-file redis1.conf
+cluster-node-timeout 15000
+cluster-slave-validity-factor 0
+cluster-migration-barrier 1
+cluster-require-full-coverage no
+
+
+# Change /etc/redis/sentinel.conf like this (using appropriate IP):
+bind 10.62.1.41
+protected-mode no
+sentinel monitor mymaster 10.62.1.41 6379 2
+
+
+cd /etc ; git add . ; git commit -a -m "Configure redis cluster"
+
+# Install ruby deps for cluster creation script:
+apt install ruby
+gem install redis
+cd /etc ; git add . ; git commit -a -m "Install ruby"
+
+# XXX create cluster, run on one node, redis1:
+/usr/share/doc/redis-tools/examples/redis-trib.rb create --replicas 1 10.62.1.41:6379 10.62.1.42:6379 \
+10.62.1.43:6379 10.62.1.44:6379 10.62.1.45:6379 10.62.1.46:6379
+
+# If creation fails with:
+[ERR] Node 10.62.1.41:6379 is not empty. Either the node already knows other nodes (check with CLUSTER NODES) or contains some key in database 0.
+# Run:
+systemctl stop redis-sentinel
+systemctl stop redis-server
+rm /var/lib/redis/dump.rdb
+rm /var/lib/redis/redis*.conf
+systemctl start redis-server
+systemctl start redis-sentinel
+# flushdb if necessary
+
+############ System tweaks ######################
+# XXX set in sysctl.conf
+echo never > /sys/kernel/mm/transparent_hugepage/enabled
+
+475:M 18 Jul 20:32:45.616 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
+
+475:M 18 Jul 20:32:45.616 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
+
+
diff --git a/source/resources/apps/sharkfork-bootstrap/forksand-sf-005-bootstrap b/source/resources/apps/sharkfork-bootstrap/forksand-sf-005-bootstrap
index 7be826f..21defd7 100755
--- a/source/resources/apps/sharkfork-bootstrap/forksand-sf-005-bootstrap
+++ b/source/resources/apps/sharkfork-bootstrap/forksand-sf-005-bootstrap
@@ -79,10 +79,12 @@ apt-get -y --download-only install					\
 	debian-archive-keyring						\
 	exuberant-ctags							\
 	git								\
+	haveged								\
 	host								\
 	less								\
 	locales								\
 	lsb-release							\
+	lshw								\
 	man-db								\
 	manpages							\
 	molly-guard							\
@@ -111,10 +113,12 @@ DEBIAN_FRONTEND=noninteractive apt-get -y 				\
 	debian-archive-keyring						\
 	exuberant-ctags							\
 	git								\
+	haveged								\
 	host								\
 	less								\
 	locales								\
 	lsb-release							\
+	lshw								\
 	man-db								\
 	manpages							\
 	molly-guard							\
diff --git a/source/resources/spreadsheets/sharkfork.ods b/source/resources/spreadsheets/sharkfork.ods
index 93eb96f..fc25508 100644
Binary files a/source/resources/spreadsheets/sharkfork.ods and b/source/resources/spreadsheets/sharkfork.ods differ