Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure Deno for web development with systemd and reverse proxy
hostingInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Ollama for local AI models on Linux servers
devopsInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure Uptime Kuma for website monitoring with SSL and email alerts
monitoringRecently published
Implement Node.js application monitoring with Prometheus metrics and Grafana dashboards
monitoringImplement OSPF multi-area design with FRRouting and advanced routing policies
networkingConfigure Istio security policies with external authorization services integration
securityImplement Docker network security with custom bridge networks and container isolation
securityImplement Network Time Security (NTS) for encrypted time synchronization with chrony
securityImplement Podman pod security with network policies and microsegmentation
Secure Podman pods with custom network policies, traffic filtering, and microsegmentation using CNI plugins and netavark. Implement zero-trust networking with firewall rules and container isolation.
Configure Apache Airflow high availability with CeleryExecutor and Redis clustering for production deployments
Set up Apache Airflow with CeleryExecutor and Redis clustering for high availability production deployments. Configure multiple workers, load balancing, monitoring, and automated failover to handle enterprise-scale workflow orchestration with zero downtime.
Implement Airflow DAG security scanning with Bandit and safety checks
Set up automated security scanning for Apache Airflow DAGs using Bandit for Python code analysis and Safety for vulnerability detection. Configure pre-commit hooks and CI/CD integration for continuous security monitoring.
Configure Kubernetes Pod Security Standards with admission controllers for policy enforcement
Learn how to implement Kubernetes Pod Security Standards using built-in admission controllers and OPA Gatekeeper for comprehensive policy enforcement, security compliance, and workload protection in production clusters.
Configure Ansible Vault for secret management and encryption with playbook automation
Set up Ansible Vault to encrypt sensitive data like passwords, API keys, and certificates in your playbooks. Learn to create encrypted variables, manage vault passwords, and integrate secure secret handling into automated deployments.
Set up Apache Airflow DAG security policies and data governance with RBAC and audit logging
Configure comprehensive security for Apache Airflow with role-based access control, DAG-level permissions, data lineage tracking, and audit logging for compliance monitoring in production environments.
Set up Nomad multi-node cluster with TLS encryption and Consul integration
Deploy a production-ready HashiCorp Nomad cluster with server and client nodes, TLS encryption, and Consul integration for service discovery. Includes workload deployment and monitoring configuration.
Install and configure ArgoCD Image Updater for automatic Kubernetes deployments with GitOps automation
Set up ArgoCD Image Updater to automatically monitor container registries and update Kubernetes deployments when new image versions are available. Configure GitOps workflows with automated Git commits and Prometheus monitoring for seamless CI/CD integration.
Integrate HashiCorp Vault with Kubernetes secrets management for secure container orchestration
Configure HashiCorp Vault integration with Kubernetes using the Vault CSI driver and Secrets Operator for automated secret injection and synchronization. This setup enables secure secret management for containerized applications with dynamic secret rotation and policy-based access controls.
Configure Vault dynamic secrets for databases with PostgreSQL and MySQL integration
Set up HashiCorp Vault's database secrets engine to automatically generate short-lived credentials for PostgreSQL and MySQL databases, improving security by eliminating static passwords and enabling automated credential rotation.
Set up Grafana Enterprise SSO authentication with LDAP, SAML, and OAuth2 integration
Configure Grafana Enterprise with comprehensive single sign-on authentication supporting LDAP, SAML, and OAuth2 providers. Set up role-based access control with automated team mapping and user provisioning for enterprise environments.
Configure Airflow DAG security and isolation with RBAC policies
Set up comprehensive security for Apache Airflow with role-based access control, DAG-level permissions, and resource isolation. Configure user authentication, implement fine-grained security policies, and establish monitoring for production-grade workflow orchestration.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer