Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityImplement Docker network security with custom bridge networks and container isolation
Secure your Docker deployments by creating isolated custom bridge networks, implementing container segmentation, and configuring network access controls to prevent unauthorized communication between containers.
Set up container runtime security with Falco and Sysdig for threat detection
Configure Falco for runtime security monitoring and Sysdig Agent for container visibility to detect threats in Kubernetes environments. Implement behavioral analysis, custom security rules, and threat detection policies for production container workloads.
Implement Istio security scanning and vulnerability management for Kubernetes service mesh
Set up comprehensive security scanning and vulnerability management for Istio service mesh using Trivy, Falco, and security policies to protect Kubernetes workloads from threats and compliance violations.
Set up Kubernetes container image security scanning with Trivy and admission controllers
Implement automated security scanning for Kubernetes container images using Trivy scanner and admission controllers to block vulnerable images before deployment.
Implement container security with AppArmor and seccomp profiles
Secure your containers with AppArmor mandatory access controls and seccomp system call filtering. Learn to create custom security profiles, implement runtime policies, and monitor container security violations in production environments.
Configure Kubernetes network policies with Calico CNI for container security and microsegmentation
Set up Calico CNI in Kubernetes to implement network policies for pod-to-pod traffic control, create ingress and egress rules for microsegmentation, and test policy enforcement to secure container communication at the network layer.
Implement GitLab CI/CD security scanning for Docker images
Set up automated container vulnerability scanning in GitLab CI/CD pipelines with Trivy and registry integration. Implement security gates, quality controls, and automated reporting for production-ready DevSecOps workflows.
Configure Kubernetes Pod Security Standards with admission controllers for policy enforcement
Learn how to implement Kubernetes Pod Security Standards using built-in admission controllers and OPA Gatekeeper for comprehensive policy enforcement, security compliance, and workload protection in production clusters.
Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring
Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.
Configure Podman image scanning with Trivy security vulnerability detection
Set up automated container image security scanning using Trivy with Podman to detect vulnerabilities, misconfigurations, and security issues before deploying containers to production.
Secure Docker containers with Traefik reverse proxy and Authelia authentication
Set up a production-grade security stack using Traefik v3 reverse proxy with SSL automation and Authelia for multi-factor authentication. This tutorial covers Docker hardening, LDAP integration, and container security monitoring.
Implement container security monitoring with Falco runtime detection
Set up Falco for real-time container security monitoring with runtime threat detection, Kubernetes integration, and automated alerting through Grafana dashboards.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer