Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Setup Node.js error tracking with Sentry for production monitoring and debugging
monitoringImplement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityImplement Kubernetes secrets management with HashiCorp Vault integration
Set up HashiCorp Vault with Kubernetes to dynamically inject secrets into pods using the Vault Secrets Operator. This tutorial covers authentication configuration, operator deployment, and automated secret injection with annotations.
Configure Kubernetes secrets management with Vault integration for secure container orchestration
Set up HashiCorp Vault Agent Injector to automatically inject secrets into Kubernetes pods without storing sensitive data in container images or configuration files. This production-grade approach replaces hardcoded secrets with dynamic, secure credential management.
Monitor Kubernetes network policies with Prometheus and Grafana for enhanced cluster security
Set up comprehensive monitoring for Kubernetes network policies using Prometheus and Grafana. Configure CNI metrics collection, create security dashboards, and implement alerting for policy violations and traffic anomalies.
Configure Apache Airflow DAG version control with Git and CI/CD pipelines
Set up Git-based version control for Apache Airflow DAGs with automated CI/CD pipelines for testing and deployment. Implement DAG synchronization, validation workflows, and production-ready deployment strategies.
Configure Vault dynamic secrets for databases with PostgreSQL and MySQL integration
Set up HashiCorp Vault's database secrets engine to automatically generate short-lived credentials for PostgreSQL and MySQL databases, improving security by eliminating static passwords and enabling automated credential rotation.
Set up Grafana Enterprise SSO authentication with LDAP, SAML, and OAuth2 integration
Configure Grafana Enterprise with comprehensive single sign-on authentication supporting LDAP, SAML, and OAuth2 providers. Set up role-based access control with automated team mapping and user provisioning for enterprise environments.
Configure Vault auto-unseal with AWS KMS for high availability secrets management
Set up HashiCorp Vault with AWS KMS auto-unseal to eliminate manual unsealing processes and enable high availability deployments with automatic recovery.
Configure Istio security policies with mutual TLS and authorization for Kubernetes service mesh
Configure mutual TLS authentication and authorization policies in Istio service mesh for secure microservices communication. This tutorial covers PeerAuthentication, AuthorizationPolicy, and RBAC configuration for production Kubernetes environments.
Configure Ansible dynamic inventory for AWS, Azure, and GCP with automated discovery
Set up Ansible dynamic inventory plugins for AWS EC2, Azure VMs, and Google Cloud instances with automated discovery, credential management, and performance optimization across multiple cloud providers.
Configure Ansible dynamic inventory for AWS, Azure, and GCP with automated discovery
Set up Ansible dynamic inventory plugins for AWS EC2, Azure, and Google Cloud Platform to automatically discover and manage cloud resources. This tutorial covers authentication, filtering, and unified inventory management across multiple cloud providers.
Configure Kubernetes network policies with Calico CNI for microsegmentation and security enforcement
Learn to implement advanced network security in Kubernetes using Calico CNI. Configure namespace-based microsegmentation, application-level policies, and comprehensive monitoring for enterprise-grade cluster protection.
Implement Kubernetes Pod Security Standards and admission controllers for policy enforcement
Configure Pod Security Standards with baseline and restricted profiles, deploy OPA Gatekeeper admission controller with custom policies, and implement ValidatingAdmissionWebhooks for comprehensive security enforcement in production Kubernetes clusters.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer