Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityConfigure container resource limits with Docker and systemd for production workloads
Learn to set memory, CPU, and I/O limits for Docker containers using both Docker runtime constraints and systemd service limits. Master cgroups v2 integration for bulletproof resource management in production environments.
Configure NGINX rate limiting and DDoS protection with advanced security rules
Set up NGINX rate limiting modules, implement connection limits, and configure geographic blocking to protect your web applications from DDoS attacks and abuse.
Implement Kubernetes workload rightsizing with VPA recommendations and cost analysis
Set up Vertical Pod Autoscaler to automatically optimize resource requests and limits for your Kubernetes workloads. Create cost analysis dashboards to track resource utilization and identify opportunities for rightsizing containers in production clusters.
Configure Kubernetes cluster autoscaler with mixed instance types for cost optimization
Set up Kubernetes cluster autoscaler 1.30 with mixed instance types and spot instances to automatically scale nodes based on demand while minimizing infrastructure costs through intelligent instance selection and workload optimization.
Set up Kubernetes custom metrics autoscaling with Prometheus adapter for application-specific scaling
Configure Prometheus adapter to expose custom application metrics to Kubernetes Horizontal Pod Autoscaler for intelligent scaling based on business metrics like queue depth, response time, and user load instead of basic CPU/memory usage.
Configure SonarQube quality gates and custom rules for enterprise code analysis
Set up SonarQube quality gates with custom conditions and coding rules to enforce enterprise-grade code quality standards. Configure LDAP authentication and integrate with CI/CD pipelines for automated code analysis workflows.
Deploy Envoy-based service mesh in Kubernetes production environment with SSL and observability
Set up a production-ready Envoy service mesh in Kubernetes with mutual TLS authentication, SSL certificate management, and comprehensive observability through Prometheus monitoring and distributed tracing.
Configure Kafka Streams for real-time data processing and analytics
Set up Kafka Streams applications with Java development environment to build real-time data processing pipelines for analytics and monitoring workloads.
Configure Spark Kubernetes Operator with MinIO for cloud-native analytics
Deploy Apache Spark on Kubernetes with the Spark Operator and MinIO object storage for scalable big data processing. Configure RBAC, SSL certificates, and persistent storage for production-ready analytics workloads.
Configure Consul Connect with Kubernetes integration for secure service mesh communication
Set up Consul Connect as a service mesh on Kubernetes with Helm, enabling automatic mTLS encryption, service discovery, and traffic routing between microservices for secure inter-service communication.
Integrate OPA Gatekeeper with ArgoCD for GitOps policy management
Set up Open Policy Agent Gatekeeper with ArgoCD to enforce Kubernetes admission policies through GitOps workflows. This tutorial covers installation, policy template creation, and automated policy enforcement with monitoring.
Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring
Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer