mobilize-ssh 1.0.1

data/lib/mobilize-ssh/extensions/net-ssh-gateway.rb

@@ -0,0 +1,33 @@
+class Net::SSH::Gateway
+  def self.run(gname,guser,name,user,command,gopts={},opts={})
+    gateway = self.new(gname,guser,gopts)
+    gateway.ssh(name,user,opts) do |ssh|
+      stderr,stdout = ["",""]
+      ssh.exec!(command) do |ch, stream, data|
+        if stream == :stderr
+          stderr += data
+        else
+          stdout += data
+        end
+      end
+      raise stderr if stderr.length>0
+      return stdout
+    end
+  end
+  def self.sync(gname,guser,name,user,from_path,to_path,gopts={},opts={})
+    gateway = self.new(gname,guser,gopts)
+    gateway.scp(name,user,opts) do |scp|
+      scp.upload!(from_path,to_path,:recursive=>true)
+    end
+    return true
+  end
+  #allow scp through gateway
+  def scp(name, user, opts={}, &block)
+    local_port = open(name, opts[:port] || 22)
+    begin
+      Net::SCP.start("127.0.0.1", user, opts.merge(:port => local_port), &block)
+    ensure
+      close(local_port) if block || $!
+    end
+  end
+end

data/lib/mobilize-ssh/extensions/socket.rb

@@ -0,0 +1,13 @@
+class Socket
+  def Socket.official_hostname
+    begin
+      Socket.gethostbyname(Socket.gethostname).first
+    rescue
+      Socket.gethostname
+    end
+  end
+
+  def Socket.domain_name
+    Socket.official_hostname.split(".")[-2..-1].join(".")
+  end
+end

data/lib/mobilize-ssh/extensions/string.rb

@@ -0,0 +1,5 @@
+class String
+  def to_md5
+    Digest::MD5.hexdigest(self)
+  end
+end

data/lib/mobilize-ssh/handlers/ssh.rb

@@ -0,0 +1,151 @@
+module Mobilize
+  module Ssh
+    def Ssh.config
+      Base.config('ssh')
+    end
+
+    def Ssh.tmp_file_dir
+      Ssh.config['tmp_file_dir']
+    end
+
+    def Ssh.host(node)
+      Ssh.config['nodes'][node]['host']
+    end
+
+    def Ssh.gateway(node)
+      Ssh.config['nodes'][node]['gateway']
+    end
+
+    #determine if current machine is on host domain, needs gateway if one is provided and it is not
+    def Ssh.needs_gateway?(node)
+      host_domain_name = Ssh.host(node)['name'].split(".")[-2..-1].join(".")
+      return true if Ssh.gateway(node) and Socket.domain_name != host_domain_name
+    end
+
+    def Ssh.pop_comm_dir(comm_dir,file_hash)
+      "rm -rf #{comm_dir}".bash
+      file_hash.each do |fname,fdata|
+        fpath = "#{comm_dir}/#{fname}"
+        #for now, only gz is binary
+        binary = fname.ends_with?(".gz") ? true : false
+        #read data from cache, put it in a tmp_file
+        Ssh.tmp_file(fdata,binary,fpath)
+      end
+      return true if file_hash.keys.length>0
+    end
+
+    def Ssh.scp(node,from_path,to_path)
+      name,key,port,user = Ssh.host(node).ie{|h| ['name','key','port','user'].map{|k| h[k]}}
+      key_path = "#{Base.root}/#{key}"
+      opts = {:port=>(port || 22),:keys=>key_path}
+      if Ssh.needs_gateway?(node)
+        gname,gkey,gport,guser = Ssh.gateway(node).ie{|h| ['name','key','port','user'].map{|k| h[k]}}
+        gkey_path = "#{Base.root}/#{gkey}"
+        gopts = {:port=>(gport || 22),:keys=>gkey_path}
+        return Net::SSH::Gateway.sync(gname,guser,name,user,from_path,to_path,gopts,opts)
+      else
+        Net::SCP.start(name,user,opts) do |scp|
+          scp.upload!(from_path,to_path,:recursive=>true)
+        end
+      end
+      return true
+    end
+
+    def Ssh.run(node,command,file_hash=nil,su_user=nil)
+      name,key,port,user = Ssh.host(node).ie{|h| ['name','key','port','user'].map{|k| h[k]}}
+      key_path = "#{Base.root}/#{key}"
+      opts = {:port=>(port || 22),:keys=>key_path}
+      su_user ||= user
+      file_hash ||= {}
+      #make sure the dir for this command is clear
+      comm_md5 = [su_user,node,command,file_hash.keys.to_s].join.to_md5
+      comm_dir = "#{Ssh.tmp_file_dir}#{comm_md5}"
+      #populate comm dir with any files
+      Ssh.pop_comm_dir(comm_dir,file_hash)
+      #move any files up to the node
+      rem_dir = nil
+      if File.exists?(comm_dir)
+        #make sure user starts in rem_dir
+        rem_dir = "#{comm_md5}/"
+        command = ["cd #{rem_dir}",command].join(";")
+        Ssh.scp(node,comm_dir,rem_dir)
+        "rm -rf #{comm_dir}".bash
+        if su_user
+          chown_command = "sudo chown -R #{su_user} #{rem_dir}"
+          Ssh.run(node,chown_command)
+        end
+      end
+      if su_user != user
+        #wrap the command in sudo su -c
+        command = %{sudo su #{su_user} -c "#{command}"}
+      end
+      result = nil
+      #one with gateway, one without
+      if Ssh.needs_gateway?(node)
+         gname,gkey,gport,guser = Ssh.gateway(node).ie{|h| ['name','key','port','user'].map{|k| h[k]}}
+         gkey_path = "#{Base.root}/#{gkey}"
+         gopts = {:port=>(gport || 22),:keys=>gkey_path}
+         result = Net::SSH::Gateway.run(gname,guser,name,user,command,gopts,opts)
+      else
+         Net::SSH.start(name,user,opts) do |ssh|
+           result = ssh.run(command)
+         end
+      end
+      #delete remote dir if necessary
+      if rem_dir
+        del_cmd = "rm -rf #{rem_dir}"
+        if su_user
+          del_cmd = %{sudo su #{su_user} -c "#{del_cmd}"}
+        end
+        Ssh.run(node,del_cmd)
+      end
+      result
+    end
+
+    def Ssh.read(node,path)
+      Ssh.run(node,"cat #{path}")
+    end
+
+    def Ssh.write(node,fdata,to_path,binary=false)
+      from_path = Ssh.tmp_file(fdata,binary)
+      Ssh.scp(node,from_path,to_path)
+      "rm #{from_path}".bash
+      return true
+    end
+
+    def Ssh.tmp_file(fdata,binary=false,fpath=nil)
+      #creates a file under tmp/files with an md5 from the data
+      tmp_file_path = fpath || "#{Ssh.tmp_file_dir}#{(fdata + Time.now.utc.to_f.to_s).to_md5}"
+      write_mode = binary ? "wb" : "w"
+      #make sure folder is created
+      "mkdir -p #{tmp_file_path.split("/")[0..-2].join("/")}".bash
+      #write data to path
+      File.open(tmp_file_path,write_mode) {|f| f.print(fdata)}
+      return tmp_file_path
+    end
+
+    def Ssh.get_file_hash(gsheet_paths,gdrive_slot)
+      file_hash = {}
+      gsheet_paths.map do |gpath|
+        string = Gsheet.find_by_path(gpath,gdrive_slot).to_tsv
+        fname = gpath.split("/").last
+        {fname => string}
+      end.each do |f|
+        file_hash = f.merge(file_hash)
+      end
+      file_hash
+    end
+
+    def Ssh.run_by_task_path(task_path)
+      t = Task.where(:path=>task_path).first
+      params = t.params
+      node, command = [params[0],params[1]]
+      file_hash = if params[2]
+                    gsheet_paths = params[2..-1] if params[2]
+                    gdrive_slot = Gdrive.slot_worker_by_path(task_path)
+                    Ssh.get_file_hash(gsheet_paths,gdrive_slot)
+                  end
+      Ssh.run(node,command,file_hash)
+    end
+  end
+end

data/lib/mobilize-ssh/rakes.rb

@@ -0,0 +1,25 @@
+namespace :mobilize_ssh do
+  desc "Set up config and log folders and files"
+  task :setup do
+    sample_dir = File.dirname(__FILE__) + '/../samples/'
+    sample_files = Dir.entries(sample_dir)
+    config_dir = (ENV['MOBILIZE_CONFIG_DIR'] ||= "config/mobilize/")
+    log_dir = (ENV['MOBILIZE_LOG_DIR'] ||= "log/")
+    full_config_dir = "#{ENV['PWD']}/#{config_dir}"
+    full_log_dir = "#{ENV['PWD']}/#{log_dir}"
+    unless File.exists?(full_config_dir)
+      puts "creating #{config_dir}"
+      `mkdir -p #{full_config_dir}`
+    end
+    unless File.exists?(full_log_dir)
+      puts "creating #{log_dir}"
+      `mkdir -p #{full_log_dir}`
+    end
+    sample_files.each do |fname|
+      unless File.exists?("#{full_config_dir}#{fname}")
+        puts "creating #{config_dir}#{fname}"
+        `cp #{sample_dir}#{fname} #{full_config_dir}#{fname}`
+      end
+    end
+  end
+end

data/lib/mobilize-ssh/version.rb

@@ -0,0 +1,5 @@
+module Mobilize
+  module Ssh
+    VERSION = "1.0.1"
+  end
+end

data/lib/samples/ssh.yml

@@ -0,0 +1,18 @@
+development:
+  tmp_file_dir: "tmp/file/"
+  nodes:
+    dev_node:
+      host: {name: dev-host.com, key: "config/mobilize/ssh_private.key", port: 22, user: host_user}
+      gateway: {name: dev-gateway.com, key: "config/mobilize/ssh_private.key", port: 22, user: gateway_user}
+test:
+  tmp_file_dir: "tmp/file/"
+  nodes:
+    test_node:
+      host: {name: test-host.com, key: "config/mobilize/ssh_private.key", port: 22, user: host_user}
+      gateway: {name: test-gateway.com, key: "config/mobilize/ssh_private.key", port: 22, user: gateway_user}
+production:
+  tmp_file_dir: "tmp/file/"
+  nodes:
+    prod_node:
+      host: {name: prod-host.com, key: "config/mobilize/ssh_private.key", port: 22, user: host_user}
+      gateway: {name: prod-gateway.com, key: "config/mobilize/ssh_private.key", port: 22, user: gateway_user}

data/mobilize-ssh.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'mobilize-ssh/version'
+
+Gem::Specification.new do |gem|
+  gem.name          = "mobilize-ssh"
+  gem.version       = Mobilize::Ssh::VERSION
+  gem.authors       = ["Cassio Paes-Leme"]
+  gem.email         = ["cpaesleme@ngmoco.com"]
+  gem.description   = %q{mobilize-ssh allows you to automate ssh commands and files across hosts}
+  gem.summary       = %q{extend mobilize-base with the ability to run files across hosts}
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($/)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+  gem.add_runtime_dependency "mobilize-base","1.0.4"
+  gem.add_runtime_dependency "net-ssh"
+  gem.add_runtime_dependency "net-scp"
+  gem.add_runtime_dependency "net-ssh-gateway"
+
+end

data/test/code.rb

@@ -0,0 +1,2 @@
+command = File.open("code.sh").read
+puts `#{command}`

data/test/code.sh

@@ -0,0 +1 @@
+tail /var/log/syslog

data/test/mobilize-ssh_test.rb

@@ -0,0 +1,48 @@
+require 'test_helper'
+
+describe "Mobilize" do
+
+  def before
+    puts 'nothing before'
+  end
+
+  # enqueues 4 workers on Resque
+  it "runs integration test" do
+
+    puts "restart workers"
+    Mobilize::Jobtracker.restart_workers!
+
+    gdrive_slot = Mobilize::Gdrive.owner_email
+    puts "create user 'mobilize'"
+    user_name = gdrive_slot.split("@").first
+    u = Mobilize::User.where(:name=>user_name).first
+    r = u.runner
+
+    puts "add test code"
+    rb_code_sheet = Mobilize::Gsheet.find_or_create_by_path("#{r.path.split("/")[0..-2].join("/")}/code.rb",gdrive_slot)
+    rb_code_tsv = File.open("#{Mobilize::Base.root}/test/code.rb").read
+    rb_code_sheet.write(rb_code_tsv)
+
+    sh_code_sheet = Mobilize::Gsheet.find_or_create_by_path("#{r.path.split("/")[0..-2].join("/")}/code.sh",gdrive_slot)
+    sh_code_tsv = File.open("#{Mobilize::Base.root}/test/code.sh").read
+    sh_code_sheet.write(sh_code_tsv)
+
+    jobs_sheet = r.gsheet(gdrive_slot)
+
+    ssh_job_rows = ::YAML.load_file("#{Mobilize::Base.root}/test/ssh_job_rows.yml")
+    jobs_sheet.add_or_update_rows(ssh_job_rows)
+
+    puts "job row added, force enqueued runner, wait 90s"
+    r.enqueue!
+    sleep 90
+
+    puts "update job status and activity"
+    r.update_gsheet(gdrive_slot)
+
+    puts "jobtracker posted data to test sheet"
+    ssh_target_sheet = Mobilize::Gsheet.find_by_path("#{r.path.split("/")[0..-2].join("/")}/test_ssh.out",gdrive_slot)
+
+    assert ssh_target_sheet.to_tsv.length > 100
+  end
+
+end

data/test/redis-test.conf

@@ -0,0 +1,540 @@
+# Redis configuration file example
+
+# Note on units: when memory size is needed, it is possible to specify
+# it in the usual form of 1k 5GB 4M and so forth:
+#
+# 1k => 1000 bytes
+# 1kb => 1024 bytes
+# 1m => 1000000 bytes
+# 1mb => 1024*1024 bytes
+# 1g => 1000000000 bytes
+# 1gb => 1024*1024*1024 bytes
+#
+# units are case insensitive so 1GB 1Gb 1gB are all the same.
+
+# By default Redis does not run as a daemon. Use 'yes' if you need it.
+# Note that Redis will write a pid file in /usr/local/var/run/redis.pid when daemonized.
+daemonize yes
+
+# When running daemonized, Redis writes a pid file in /usr/local/var/run/redis.pid by
+# default. You can specify a custom pid file location here.
+pidfile /usr/local/var/run/redis.pid
+
+# Accept connections on the specified port, default is 6379.
+# If port 0 is specified Redis will not listen on a TCP socket.
+port 9736
+
+# If you want you can bind a single interface, if the bind option is not
+# specified all the interfaces will listen for incoming connections.
+#
+bind 127.0.0.1
+
+# Specify the path for the unix socket that will be used to listen for
+# incoming connections. There is no default, so Redis will not listen
+# on a unix socket when not specified.
+#
+# unixsocket /tmp/redis.sock
+# unixsocketperm 755
+
+# Close the connection after a client is idle for N seconds (0 to disable)
+timeout 0
+
+# Set server verbosity to 'debug'
+# it can be one of:
+# debug (a lot of information, useful for development/testing)
+# verbose (many rarely useful info, but not a mess like the debug level)
+# notice (moderately verbose, what you want in production probably)
+# warning (only very important / critical messages are logged)
+loglevel notice
+
+# Specify the log file name. Also 'stdout' can be used to force
+# Redis to log on the standard output. Note that if you use standard
+# output for logging but daemonize, logs will be sent to /dev/null
+logfile stdout
+
+# To enable logging to the system logger, just set 'syslog-enabled' to yes,
+# and optionally update the other syslog parameters to suit your needs.
+# syslog-enabled no
+
+# Specify the syslog identity.
+# syslog-ident redis
+
+# Specify the syslog facility.  Must be USER or between LOCAL0-LOCAL7.
+# syslog-facility local0
+
+# Set the number of databases. The default database is DB 0, you can select
+# a different one on a per-connection basis using SELECT <dbid> where
+# dbid is a number between 0 and 'databases'-1
+databases 16
+
+################################ SNAPSHOTTING  #################################
+#
+# Save the DB on disk:
+#
+#   save <seconds> <changes>
+#
+#   Will save the DB if both the given number of seconds and the given
+#   number of write operations against the DB occurred.
+#
+#   In the example below the behaviour will be to save:
+#   after 900 sec (15 min) if at least 1 key changed
+#   after 300 sec (5 min) if at least 10 keys changed
+#   after 60 sec if at least 10000 keys changed
+#
+#   Note: you can disable saving at all commenting all the "save" lines.
+#
+#   It is also possible to remove all the previously configured save
+#   points by adding a save directive with a single empty string argument
+#   like in the following example:
+#
+#   save ""
+
+save 900 1
+save 300 10
+save 60 10000
+
+# By default Redis will stop accepting writes if RDB snapshots are enabled
+# (at least one save point) and the latest background save failed.
+# This will make the user aware (in an hard way) that data is not persisting
+# on disk properly, otherwise chances are that no one will notice and some
+# distater will happen.
+#
+# If the background saving process will start working again Redis will
+# automatically allow writes again.
+#
+# However if you have setup your proper monitoring of the Redis server
+# and persistence, you may want to disable this feature so that Redis will
+# continue to work as usually even if there are problems with disk,
+# permissions, and so forth.
+stop-writes-on-bgsave-error yes
+
+# Compress string objects using LZF when dump .rdb databases?
+# For default that's set to 'yes' as it's almost always a win.
+# If you want to save some CPU in the saving child set it to 'no' but
+# the dataset will likely be bigger if you have compressible values or keys.
+rdbcompression yes
+
+# Since verison 5 of RDB a CRC64 checksum is placed at the end of the file.
+# This makes the format more resistant to corruption but there is a performance
+# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
+# for maximum performances.
+#
+# RDB files created with checksum disabled have a checksum of zero that will
+# tell the loading code to skip the check.
+rdbchecksum yes
+
+# The filename where to dump the DB
+dbfilename dump.rdb
+
+# The working directory.
+#
+# The DB will be written inside this directory, with the filename specified
+# above using the 'dbfilename' configuration directive.
+# 
+# Also the Append Only File will be created inside this directory.
+# 
+# Note that you must specify a directory here, not a file name.
+dir ./test/
+
+################################# REPLICATION #################################
+
+# Master-Slave replication. Use slaveof to make a Redis instance a copy of
+# another Redis server. Note that the configuration is local to the slave
+# so for example it is possible to configure the slave to save the DB with a
+# different interval, or to listen to another port, and so on.
+#
+# slaveof <masterip> <masterport>
+
+# If the master is password protected (using the "requirepass" configuration
+# directive below) it is possible to tell the slave to authenticate before
+# starting the replication synchronization process, otherwise the master will
+# refuse the slave request.
+#
+# masterauth <master-password>
+
+# When a slave lost the connection with the master, or when the replication
+# is still in progress, the slave can act in two different ways:
+#
+# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will
+#    still reply to client requests, possibly with out of date data, or the
+#    data set may just be empty if this is the first synchronization.
+#
+# 2) if slave-serve-stale data is set to 'no' the slave will reply with
+#    an error "SYNC with master in progress" to all the kind of commands
+#    but to INFO and SLAVEOF.
+#
+slave-serve-stale-data yes
+
+# You can configure a slave instance to accept writes or not. Writing against
+# a slave instance may be useful to store some ephemeral data (because data
+# written on a slave will be easily deleted after resync with the master) but
+# may also cause problems if clients are writing to it because of a
+# misconfiguration.
+#
+# Since Redis 2.6 by default slaves are read-only.
+#
+# Note: read only slaves are not designed to be exposed to untrusted clients
+# on the internet. It's just a protection layer against misuse of the instance.
+# Still a read only slave exports by default all the administrative commands
+# such as CONFIG, DEBUG, and so forth. To a limited extend you can improve
+# security of read only slaves using 'rename-command' to shadow all the
+# administrative / dangerous commands.
+slave-read-only yes
+
+# Slaves send PINGs to server in a predefined interval. It's possible to change
+# this interval with the repl_ping_slave_period option. The default value is 10
+# seconds.
+#
+# repl-ping-slave-period 10
+
+# The following option sets a timeout for both Bulk transfer I/O timeout and
+# master data or ping response timeout. The default value is 60 seconds.
+#
+# It is important to make sure that this value is greater than the value
+# specified for repl-ping-slave-period otherwise a timeout will be detected
+# every time there is low traffic between the master and the slave.
+#
+# repl-timeout 60
+
+# The slave priority is an integer number published by Redis in the INFO output.
+# It is used by Redis Sentinel in order to select a slave to promote into a
+# master if the master is no longer working correctly.
+#
+# A slave with a low priority number is considered better for promotion, so
+# for instance if there are three slaves with priority 10, 100, 25 Sentinel will
+# pick the one wtih priority 10, that is the lowest.
+#
+# However a special priority of 0 marks the slave as not able to perform the
+# role of master, so a slave with priority of 0 will never be selected by
+# Redis Sentinel for promotion.
+#
+# By default the priority is 100.
+slave-priority 100
+
+################################## SECURITY ###################################
+
+# Require clients to issue AUTH <PASSWORD> before processing any other
+# commands.  This might be useful in environments in which you do not trust
+# others with access to the host running redis-server.
+#
+# This should stay commented out for backward compatibility and because most
+# people do not need auth (e.g. they run their own servers).
+# 
+# Warning: since Redis is pretty fast an outside user can try up to
+# 150k passwords per second against a good box. This means that you should
+# use a very strong password otherwise it will be very easy to break.
+#
+# requirepass foobared
+
+# Command renaming.
+#
+# It is possible to change the name of dangerous commands in a shared
+# environment. For instance the CONFIG command may be renamed into something
+# of hard to guess so that it will be still available for internal-use
+# tools but not available for general clients.
+#
+# Example:
+#
+# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
+#
+# It is also possible to completely kill a command renaming it into
+# an empty string:
+#
+# rename-command CONFIG ""
+
+################################### LIMITS ####################################
+
+# Set the max number of connected clients at the same time. By default
+# this limit is set to 10000 clients, however if the Redis server is not
+# able ot configure the process file limit to allow for the specified limit
+# the max number of allowed clients is set to the current file limit
+# minus 32 (as Redis reserves a few file descriptors for internal uses).
+#
+# Once the limit is reached Redis will close all the new connections sending
+# an error 'max number of clients reached'.
+#
+# maxclients 10000
+
+# Don't use more memory than the specified amount of bytes.
+# When the memory limit is reached Redis will try to remove keys
+# accordingly to the eviction policy selected (see maxmemmory-policy).
+#
+# If Redis can't remove keys according to the policy, or if the policy is
+# set to 'noeviction', Redis will start to reply with errors to commands
+# that would use more memory, like SET, LPUSH, and so on, and will continue
+# to reply to read-only commands like GET.
+#
+# This option is usually useful when using Redis as an LRU cache, or to set
+# an hard memory limit for an instance (using the 'noeviction' policy).
+#
+# WARNING: If you have slaves attached to an instance with maxmemory on,
+# the size of the output buffers needed to feed the slaves are subtracted
+# from the used memory count, so that network problems / resyncs will
+# not trigger a loop where keys are evicted, and in turn the output
+# buffer of slaves is full with DELs of keys evicted triggering the deletion
+# of more keys, and so forth until the database is completely emptied.
+#
+# In short... if you have slaves attached it is suggested that you set a lower
+# limit for maxmemory so that there is some free RAM on the system for slave
+# output buffers (but this is not needed if the policy is 'noeviction').
+#
+# maxmemory <bytes>
+
+# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
+# is reached? You can select among five behavior:
+# 
+# volatile-lru -> remove the key with an expire set using an LRU algorithm
+# allkeys-lru -> remove any key accordingly to the LRU algorithm
+# volatile-random -> remove a random key with an expire set
+# allkeys-random -> remove a random key, any key
+# volatile-ttl -> remove the key with the nearest expire time (minor TTL)
+# noeviction -> don't expire at all, just return an error on write operations
+# 
+# Note: with all the kind of policies, Redis will return an error on write
+#       operations, when there are not suitable keys for eviction.
+#
+#       At the date of writing this commands are: set setnx setex append
+#       incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
+#       sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
+#       zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
+#       getset mset msetnx exec sort
+#
+# The default is:
+#
+# maxmemory-policy volatile-lru
+
+# LRU and minimal TTL algorithms are not precise algorithms but approximated
+# algorithms (in order to save memory), so you can select as well the sample
+# size to check. For instance for default Redis will check three keys and
+# pick the one that was used less recently, you can change the sample size
+# using the following configuration directive.
+#
+# maxmemory-samples 3
+
+############################## APPEND ONLY MODE ###############################
+
+# By default Redis asynchronously dumps the dataset on disk. This mode is
+# good enough in many applications, but an issue with the Redis process or
+# a power outage may result into a few minutes of writes lost (depending on
+# the configured save points).
+#
+# The Append Only File is an alternative persistence mode that provides
+# much better durability. For instance using the default data fsync policy
+# (see later in the config file) Redis can lose just one second of writes in a
+# dramatic event like a server power outage, or a single write if something
+# wrong with the Redis process itself happens, but the operating system is
+# still running correctly.
+#
+# AOF and RDB persistence can be enabled at the same time without problems.
+# If the AOF is enabled on startup Redis will load the AOF, that is the file
+# with the better durability guarantees.
+#
+# Please check http://redis.io/topics/persistence for more information.
+
+appendonly no
+
+# The name of the append only file (default: "appendonly.aof")
+# appendfilename appendonly.aof
+
+# The fsync() call tells the Operating System to actually write data on disk
+# instead to wait for more data in the output buffer. Some OS will really flush 
+# data on disk, some other OS will just try to do it ASAP.
+#
+# Redis supports three different modes:
+#
+# no: don't fsync, just let the OS flush the data when it wants. Faster.
+# always: fsync after every write to the append only log . Slow, Safest.
+# everysec: fsync only one time every second. Compromise.
+#
+# The default is "everysec" that's usually the right compromise between
+# speed and data safety. It's up to you to understand if you can relax this to
+# "no" that will let the operating system flush the output buffer when
+# it wants, for better performances (but if you can live with the idea of
+# some data loss consider the default persistence mode that's snapshotting),
+# or on the contrary, use "always" that's very slow but a bit safer than
+# everysec.
+#
+# More details please check the following article:
+# http://antirez.com/post/redis-persistence-demystified.html
+#
+# If unsure, use "everysec".
+
+# appendfsync always
+appendfsync everysec
+# appendfsync no
+
+# When the AOF fsync policy is set to always or everysec, and a background
+# saving process (a background save or AOF log background rewriting) is
+# performing a lot of I/O against the disk, in some Linux configurations
+# Redis may block too long on the fsync() call. Note that there is no fix for
+# this currently, as even performing fsync in a different thread will block
+# our synchronous write(2) call.
+#
+# In order to mitigate this problem it's possible to use the following option
+# that will prevent fsync() from being called in the main process while a
+# BGSAVE or BGREWRITEAOF is in progress.
+#
+# This means that while another child is saving the durability of Redis is
+# the same as "appendfsync none", that in practical terms means that it is
+# possible to lost up to 30 seconds of log in the worst scenario (with the
+# default Linux settings).
+# 
+# If you have latency problems turn this to "yes". Otherwise leave it as
+# "no" that is the safest pick from the point of view of durability.
+no-appendfsync-on-rewrite no
+
+# Automatic rewrite of the append only file.
+# Redis is able to automatically rewrite the log file implicitly calling
+# BGREWRITEAOF when the AOF log size will growth by the specified percentage.
+# 
+# This is how it works: Redis remembers the size of the AOF file after the
+# latest rewrite (or if no rewrite happened since the restart, the size of
+# the AOF at startup is used).
+#
+# This base size is compared to the current size. If the current size is
+# bigger than the specified percentage, the rewrite is triggered. Also
+# you need to specify a minimal size for the AOF file to be rewritten, this
+# is useful to avoid rewriting the AOF file even if the percentage increase
+# is reached but it is still pretty small.
+#
+# Specify a percentage of zero in order to disable the automatic AOF
+# rewrite feature.
+
+auto-aof-rewrite-percentage 100
+auto-aof-rewrite-min-size 64mb
+
+################################ LUA SCRIPTING  ###############################
+
+# Max execution time of a Lua script in milliseconds.
+#
+# If the maximum execution time is reached Redis will log that a script is
+# still in execution after the maximum allowed time and will start to
+# reply to queries with an error.
+#
+# When a long running script exceed the maximum execution time only the
+# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
+# used to stop a script that did not yet called write commands. The second
+# is the only way to shut down the server in the case a write commands was
+# already issue by the script but the user don't want to wait for the natural
+# termination of the script.
+#
+# Set it to 0 or a negative value for unlimited execution without warnings.
+lua-time-limit 5000
+
+################################## SLOW LOG ###################################
+
+# The Redis Slow Log is a system to log queries that exceeded a specified
+# execution time. The execution time does not include the I/O operations
+# like talking with the client, sending the reply and so forth,
+# but just the time needed to actually execute the command (this is the only
+# stage of command execution where the thread is blocked and can not serve
+# other requests in the meantime).
+# 
+# You can configure the slow log with two parameters: one tells Redis
+# what is the execution time, in microseconds, to exceed in order for the
+# command to get logged, and the other parameter is the length of the
+# slow log. When a new command is logged the oldest one is removed from the
+# queue of logged commands.
+
+# The following time is expressed in microseconds, so 1000000 is equivalent
+# to one second. Note that a negative number disables the slow log, while
+# a value of zero forces the logging of every command.
+slowlog-log-slower-than 10000
+
+# There is no limit to this length. Just be aware that it will consume memory.
+# You can reclaim memory used by the slow log with SLOWLOG RESET.
+slowlog-max-len 128
+
+############################### ADVANCED CONFIG ###############################
+
+# Hashes are encoded using a memory efficient data structure when they have a
+# small number of entries, and the biggest entry does not exceed a given
+# threshold. These thresholds can be configured using the following directives.
+hash-max-ziplist-entries 512
+hash-max-ziplist-value 64
+
+# Similarly to hashes, small lists are also encoded in a special way in order
+# to save a lot of space. The special representation is only used when
+# you are under the following limits:
+list-max-ziplist-entries 512
+list-max-ziplist-value 64
+
+# Sets have a special encoding in just one case: when a set is composed
+# of just strings that happens to be integers in radix 10 in the range
+# of 64 bit signed integers.
+# The following configuration setting sets the limit in the size of the
+# set in order to use this special memory saving encoding.
+set-max-intset-entries 512
+
+# Similarly to hashes and lists, sorted sets are also specially encoded in
+# order to save a lot of space. This encoding is only used when the length and
+# elements of a sorted set are below the following limits:
+zset-max-ziplist-entries 128
+zset-max-ziplist-value 64
+
+# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
+# order to help rehashing the main Redis hash table (the one mapping top-level
+# keys to values). The hash table implementation Redis uses (see dict.c)
+# performs a lazy rehashing: the more operation you run into an hash table
+# that is rehashing, the more rehashing "steps" are performed, so if the
+# server is idle the rehashing is never complete and some more memory is used
+# by the hash table.
+# 
+# The default is to use this millisecond 10 times every second in order to
+# active rehashing the main dictionaries, freeing memory when possible.
+#
+# If unsure:
+# use "activerehashing no" if you have hard latency requirements and it is
+# not a good thing in your environment that Redis can reply form time to time
+# to queries with 2 milliseconds delay.
+#
+# use "activerehashing yes" if you don't have such hard requirements but
+# want to free memory asap when possible.
+activerehashing yes
+
+# The client output buffer limits can be used to force disconnection of clients
+# that are not reading data from the server fast enough for some reason (a
+# common reason is that a Pub/Sub client can't consume messages as fast as the
+# publisher can produce them).
+#
+# The limit can be set differently for the three different classes of clients:
+#
+# normal -> normal clients
+# slave  -> slave clients and MONITOR clients
+# pubsub -> clients subcribed to at least one pubsub channel or pattern
+#
+# The syntax of every client-output-buffer-limit directive is the following:
+#
+# client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
+#
+# A client is immediately disconnected once the hard limit is reached, or if
+# the soft limit is reached and remains reached for the specified number of
+# seconds (continuously).
+# So for instance if the hard limit is 32 megabytes and the soft limit is
+# 16 megabytes / 10 seconds, the client will get disconnected immediately
+# if the size of the output buffers reach 32 megabytes, but will also get
+# disconnected if the client reaches 16 megabytes and continuously overcomes
+# the limit for 10 seconds.
+#
+# By default normal clients are not limited because they don't receive data
+# without asking (in a push way), but just after a request, so only
+# asynchronous clients may create a scenario where data is requested faster
+# than it can read.
+#
+# Instead there is a default limit for pubsub and slave clients, since
+# subscribers and slaves receive data in a push fashion.
+#
+# Both the hard or the soft limit can be disabled just setting it to zero.
+client-output-buffer-limit normal 0 0 0
+client-output-buffer-limit slave 256mb 64mb 60
+client-output-buffer-limit pubsub 32mb 8mb 60
+
+################################## INCLUDES ###################################
+
+# Include one or more other config files here.  This is useful if you
+# have a standard template that goes to all Redis server but also need
+# to customize a few per-server settings.  Include files can include
+# other files, so use this wisely.
+#
+# include /path/to/local.conf
+# include /path/to/other.conf