Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Configure FastAPI rate limiting and security middleware with Redis and authentication
securitySetup FastAPI email verification and password reset functionality with Redis and PostgreSQL
hostingConfigure Prometheus Alertmanager with custom webhook integrations for Slack, Microsoft Teams, and PagerDuty notifications
monitoringConfigure MongoDB sharding with zone-based data distribution for geographic workloads
databasesConfigure Kubernetes secrets management with Vault integration for secure container orchestration
devopsImplement Kubernetes network policies with Calico for microsegmentation
Configure Calico CNI to enforce network policies for pod-to-pod traffic control and namespace isolation. This tutorial covers advanced microsegmentation patterns, ingress/egress rules, and policy monitoring for production Kubernetes security.
Integrate OPA Gatekeeper with ArgoCD for GitOps policy management
Set up Open Policy Agent Gatekeeper with ArgoCD to enforce Kubernetes admission policies through GitOps workflows. This tutorial covers installation, policy template creation, and automated policy enforcement with monitoring.
Configure Istio distributed tracing with Jaeger and Zipkin for comprehensive microservices observability
Set up comprehensive distributed tracing in your Istio service mesh using both Jaeger and Zipkin backends. Configure telemetry collection, trace sampling, and monitoring dashboards for full microservices observability.
Configure Kubernetes Pod Security Standards with admission controllers for policy enforcement
Learn how to implement Kubernetes Pod Security Standards using built-in admission controllers and OPA Gatekeeper for comprehensive policy enforcement, security compliance, and workload protection in production clusters.
Configure TimescaleDB backup and recovery with pgBackRest for automated PostgreSQL protection
Set up pgBackRest with TimescaleDB for automated backups, point-in-time recovery, and database protection. Includes configuration for local and remote repositories, scheduled backups, and comprehensive restore procedures.
Configure Apache Airflow DAG security and secrets management with RBAC policies and encryption
Implement comprehensive security for Apache Airflow DAGs using role-based access control, HashiCorp Vault integration, and encrypted secrets management. Configure granular permissions, audit logging, and isolation policies for production workflows.
Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring
Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.
Implement Consul Connect mTLS with Vault PKI backend for secure service mesh communication
Set up mutual TLS authentication for Consul Connect using HashiCorp Vault's PKI backend to secure service-to-service communication with automatic certificate management and rotation.
Configure Podman image scanning with Trivy security vulnerability detection
Set up automated container image security scanning using Trivy with Podman to detect vulnerabilities, misconfigurations, and security issues before deploying containers to production.
Configure Prometheus Blackbox Exporter for endpoint monitoring with SSL and alerting
Set up Prometheus Blackbox Exporter to monitor HTTP, HTTPS, DNS, TCP, and ICMP endpoints with SSL certificate validation and automated alerting for comprehensive uptime monitoring.
Set up Prometheus and Grafana monitoring stack with Docker Compose
Deploy a complete monitoring solution using Prometheus for metrics collection and Grafana for visualization with Docker Compose. This setup provides comprehensive system monitoring, alerting capabilities, and customizable dashboards.
Set up InfluxDB alerting with Kapacitor and notifications
Configure comprehensive alerting for InfluxDB using Kapacitor with email, Slack, and webhook notifications. Set up real-time monitoring, thresholds, and automated responses for time-series data anomalies.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer