Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityConfigure Kubernetes secrets management with Sealed Secrets for secure Helm values
Learn to implement Sealed Secrets controller for encrypting Kubernetes secrets in Git repositories, enabling secure GitOps workflows with encrypted Helm values and automated secret management.
Integrate HashiCorp Vault with Kubernetes secrets management for secure container orchestration
Configure HashiCorp Vault integration with Kubernetes using the Vault CSI driver and Secrets Operator for automated secret injection and synchronization. This setup enables secure secret management for containerized applications with dynamic secret rotation and policy-based access controls.
Configure Kubernetes External DNS for automatic DNS record management with cloud providers
Set up External DNS controller to automatically create and manage DNS records for your Kubernetes services and ingresses. This tutorial covers installation, cloud provider integration, and security configuration for production-ready DNS automation.
Configure Tailscale with Kubernetes cluster networking integration
Set up Tailscale mesh VPN with Kubernetes cluster integration for secure pod-to-pod communication, subnet routing, and service discovery across distributed nodes.
Implement Kubernetes cluster autoscaler for automatic node scaling
Configure Kubernetes cluster autoscaler to automatically add and remove worker nodes based on pod resource demands. This tutorial covers cloud provider integration, scaling policies, and monitoring for production-grade horizontal scaling.
Configure Kubernetes pod disruption budgets for high availability with policy enforcement
Learn to configure PodDisruptionBudget resources in Kubernetes to maintain application availability during voluntary disruptions. This tutorial covers creating disruption budgets, implementing policies for different workload types, and monitoring disruption events with kubectl.
Setup Kubernetes Ingress NGINX with cert-manager for automated SSL certificates
Learn to deploy NGINX Ingress Controller with cert-manager for automatic SSL certificate provisioning and renewal using Let's Encrypt in production Kubernetes clusters.
Configure Kubernetes network policies with Calico CNI for microsegmentation and security enforcement
Learn to implement advanced network security in Kubernetes using Calico CNI. Configure namespace-based microsegmentation, application-level policies, and comprehensive monitoring for enterprise-grade cluster protection.
Implement Kubernetes network policies with Calico CNI and OPA Gatekeeper for security enforcement
Secure your Kubernetes cluster with Calico CNI network policies and OPA Gatekeeper admission control. This tutorial shows you how to implement pod isolation, policy enforcement, and admission validation for production-grade security.
Integrate SonarQube with Kubernetes security scanning workflows for continuous code quality analysis
Set up SonarQube scanner in Kubernetes pods with admission controllers for automated security scanning. Configure CI/CD pipeline integration and security reporting for continuous code quality analysis in containerized environments.
Implement Kubernetes admission controllers with OPA Gatekeeper for policy enforcement
Set up OPA Gatekeeper admission controllers to enforce security policies, resource governance, and compliance rules across your Kubernetes cluster with custom constraint templates.
Implement Cilium Tetragon runtime security for Kubernetes with eBPF monitoring and threat detection
Deploy Cilium Tetragon for advanced runtime security monitoring in Kubernetes clusters using eBPF technology. Configure security policies, threat detection rules, and real-time monitoring with Grafana dashboards for comprehensive container protection.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer