Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxSet up Node.js application security with Helmet and rate limiting
securityInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesRecently published
Configure ModSecurity machine learning anomaly detection for automated threat protection
securityConfigure NGINX HTTP/2 server push and connection multiplexing
performanceConfigure NGINX SSL certificate automation with Certbot and renewal monitoring
hostingMonitor FastAPI applications with Prometheus and Grafana for production observability
monitoringConfigure logrotate with Elasticsearch and Kibana integration for automated log management
monitoringIntegrate ModSecurity 3 with SOAR platforms for automated incident response and threat detection
Set up ModSecurity 3 with structured logging, webhook notifications, and API integrations to automatically feed security events into SOAR platforms for real-time threat detection and incident response workflows.
Configure container resource limits with Docker and systemd for production workloads
Learn to set memory, CPU, and I/O limits for Docker containers using both Docker runtime constraints and systemd service limits. Master cgroups v2 integration for bulletproof resource management in production environments.
Configure Apache Airflow DAG performance optimization best practices
Optimize Apache Airflow DAGs for production with parallelism tuning, resource allocation strategies, and performance monitoring. Learn executor configuration, task dependency optimization, and troubleshooting techniques for high-throughput workflows.
Configure Kubernetes network policies with Calico CNI for container security and microsegmentation
Set up Calico CNI in Kubernetes to implement network policies for pod-to-pod traffic control, create ingress and egress rules for microsegmentation, and test policy enforcement to secure container communication at the network layer.
Implement Airflow DAG security scanning with Bandit and safety checks
Set up automated security scanning for Apache Airflow DAGs using Bandit for Python code analysis and Safety for vulnerability detection. Configure pre-commit hooks and CI/CD integration for continuous security monitoring.
Configure Apache Airflow data lineage tracking with OpenLineage for comprehensive workflow observability
Set up OpenLineage with Apache Airflow to track data lineage across workflows, providing comprehensive observability into data transformations, dependencies, and quality issues in production environments.
Integrate OPA Gatekeeper with ArgoCD for GitOps policy management
Set up Open Policy Agent Gatekeeper with ArgoCD to enforce Kubernetes admission policies through GitOps workflows. This tutorial covers installation, policy template creation, and automated policy enforcement with monitoring.
Configure Istio distributed tracing with Jaeger and Zipkin for comprehensive microservices observability
Set up comprehensive distributed tracing in your Istio service mesh using both Jaeger and Zipkin backends. Configure telemetry collection, trace sampling, and monitoring dashboards for full microservices observability.
Integrate Jaeger with Kubernetes and Istio service mesh for distributed tracing
Deploy Jaeger operator on Kubernetes with Istio telemetry integration for comprehensive distributed tracing across microservices. Configure Elasticsearch backend for production-grade trace storage and implement automated service discovery.
Configure Cilium BGP peering with MetalLB integration for Kubernetes load balancing
Set up Cilium CNI with BGP routing capabilities and integrate with MetalLB speaker components for bare-metal Kubernetes load balancing. This configuration enables external traffic routing and service discovery in on-premises environments.
Implement Istio circuit breaker and retry policies for microservices resilience and fault tolerance
Configure Istio destination rules with circuit breaker patterns, implement retry policies with exponential backoff, and set up comprehensive fault injection testing for microservices resilience in Kubernetes service mesh environments.
Configure Istio ingress gateway with SSL certificates and custom domains for Kubernetes service mesh
Set up Istio ingress gateway with automated SSL certificate management using cert-manager, configure custom domain routing with VirtualService, and implement TLS termination for secure service mesh traffic.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer