Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Ollama for local AI models on Linux servers
devopsConfigure Linux system time synchronization with chrony and NTP hardening
linuxRecently published
Configure Django Redis caching and session storage for high-performance web applications
performanceSet up Kafka Streams testing framework with TopologyTestDriver for automated stream processing validation
devopsBenchmark database performance with sysbench and fio integration
databasesConfigure automated system maintenance with advanced cron scheduling and shell scripts
linuxConfigure Consul multi-datacenter WAN federation for geographic redundancy
devopsSet up Linux network traffic shaping with tc and QoS for bandwidth management
Learn how to implement advanced network traffic control on Linux using tc (traffic control) and HTB (Hierarchical Token Bucket) queueing disciplines. This tutorial covers bandwidth limiting, QoS policies, and traffic prioritization for optimal network performance.
Implement OpenLiteSpeed WAF and DDoS protection with ModSecurity 3 and rate limiting
Set up comprehensive web application security for OpenLiteSpeed with ModSecurity 3 web application firewall, OWASP Core Rule Set for threat protection, and advanced rate limiting to defend against DDoS attacks and malicious traffic.
Implement Kubernetes pod disruption budgets for high availability during scaling events
Configure Pod Disruption Budgets to ensure application availability during cluster maintenance and scaling operations. Learn to implement PDB policies, test disruption scenarios, and maintain service continuity in Kubernetes.
Configure Caddy 2 with Docker containers and automatic SSL certificates
Set up Caddy 2 as a reverse proxy using Docker with automatic Let's Encrypt SSL certificates. Deploy containerized web applications behind Caddy with zero-downtime SSL management and built-in load balancing.
Set up Kubernetes custom metrics autoscaling with Prometheus adapter for application-specific scaling
Configure Prometheus adapter to expose custom application metrics to Kubernetes Horizontal Pod Autoscaler for intelligent scaling based on business metrics like queue depth, response time, and user load instead of basic CPU/memory usage.
Configure Kubernetes network policies with Calico CNI for container security and microsegmentation
Set up Calico CNI in Kubernetes to implement network policies for pod-to-pod traffic control, create ingress and egress rules for microsegmentation, and test policy enforcement to secure container communication at the network layer.
Setup Tekton Pipelines 0.62 for Kubernetes CI/CD with security scanning integration
Configure Tekton Pipelines for cloud-native CI/CD with automated security scanning, Git webhooks, and production-ready RBAC policies. Build secure container pipelines with integrated vulnerability detection and compliance checks.
Deploy Envoy-based service mesh in Kubernetes production environment with SSL and observability
Set up a production-ready Envoy service mesh in Kubernetes with mutual TLS authentication, SSL certificate management, and comprehensive observability through Prometheus monitoring and distributed tracing.
Implement Envoy proxy JWT authentication with OAuth2 integration
Configure Envoy proxy with JWT authentication filters integrated with Keycloak OAuth2 provider for secure microservices communication and advanced rate limiting policies.
Configure Spark Kubernetes Operator with MinIO for cloud-native analytics
Deploy Apache Spark on Kubernetes with the Spark Operator and MinIO object storage for scalable big data processing. Configure RBAC, SSL certificates, and persistent storage for production-ready analytics workloads.
Configure Consul Connect with Kubernetes integration for secure service mesh communication
Set up Consul Connect as a service mesh on Kubernetes with Helm, enabling automatic mTLS encryption, service discovery, and traffic routing between microservices for secure inter-service communication.
Implement Kubernetes network policies with Calico for microsegmentation
Configure Calico CNI to enforce network policies for pod-to-pod traffic control and namespace isolation. This tutorial covers advanced microsegmentation patterns, ingress/egress rules, and policy monitoring for production Kubernetes security.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer