Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure TimescaleDB with PostgreSQL for high-performance time-series data
databasesRecently published
Configure Consul Connect service mesh monitoring with distributed tracing
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
devopsImplement Deno microservices architecture with service discovery and load balancing
devopsImplement Kubernetes security scanning with Falco and OPA Gatekeeper for runtime protection
securityConfigure OpenTelemetry custom metrics for application monitoring with Prometheus and Grafana
monitoringConfigure Kubernetes RBAC with service accounts and cluster roles for secure access control
Learn to implement Kubernetes Role-Based Access Control (RBAC) with service accounts, cluster roles, and role bindings for granular permissions and secure cluster access management.
Integrate ArgoCD with External Secrets Operator for secure Kubernetes secret management
Set up External Secrets Operator to sync secrets from HashiCorp Vault and AWS Secrets Manager into your ArgoCD GitOps workflow, enabling secure automated secret management across multiple environments without storing sensitive data in Git repositories.
Configure Istio security policies with external authorization services integration
Set up comprehensive Istio security policies with external authorization services, JWT validation, and RBAC integration for enterprise-grade service mesh security and compliance.
Implement Docker network security with custom bridge networks and container isolation
Secure your Docker deployments by creating isolated custom bridge networks, implementing container segmentation, and configuring network access controls to prevent unauthorized communication between containers.
Configure Spark on Kubernetes with cluster autoscaling for dynamic workloads
Deploy Apache Spark 3.5 on Kubernetes with automatic cluster scaling, dynamic resource allocation, and comprehensive monitoring for production data processing workloads.
Implement Kubernetes secrets management with HashiCorp Vault integration
Set up HashiCorp Vault with Kubernetes to dynamically inject secrets into pods using the Vault Secrets Operator. This tutorial covers authentication configuration, operator deployment, and automated secret injection with annotations.
Configure FastAPI rate limiting and security middleware with Redis and authentication
Set up production-ready FastAPI applications with Redis-backed rate limiting, security middleware, and JWT authentication to protect against abuse and secure your API endpoints.
Configure Kubernetes secrets management with Vault integration for secure container orchestration
Set up HashiCorp Vault Agent Injector to automatically inject secrets into Kubernetes pods without storing sensitive data in container images or configuration files. This production-grade approach replaces hardcoded secrets with dynamic, secure credential management.
Integrate AWX 24.6 with HashiCorp Vault for dynamic secrets management and secure automation workflows
Configure AWX to securely retrieve database credentials and API keys from HashiCorp Vault using dynamic secrets that automatically rotate. Set up credential types, database engines, and secure playbook execution with centralized secrets management.
Implement Podman pod security with network policies and microsegmentation
Secure Podman pods with custom network policies, traffic filtering, and microsegmentation using CNI plugins and netavark. Implement zero-trust networking with firewall rules and container isolation.
Configure Apache Airflow DAG security and secrets management with RBAC policies and encryption
Implement comprehensive security for Apache Airflow DAGs using role-based access control, HashiCorp Vault integration, and encrypted secrets management. Configure granular permissions, audit logging, and isolation policies for production workflows.
Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring
Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer