Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure CockroachDB cluster with high availability and distributed SQL
databasesConfigure network interface monitoring with ICMP ping and connectivity testing
networkingConfigure Linux system time synchronization with chrony and NTP hardening
linuxInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesInstall and configure ArgoCD for GitOps continuous deployment with RBAC and SSL
devopsRecently published
Configure TimescaleDB backup and recovery with pgBackRest for automated PostgreSQL protection
databasesConfigure Apache Airflow DAG security and secrets management with RBAC policies and encryption
securityConfigure Falco runtime security for Kubernetes threat detection with eBPF monitoring
securityImplement Consul Connect mTLS with Vault PKI backend for secure service mesh communication
securityConfigure Podman secrets management with HashiCorp Vault integration
devopsConfigure Vault dynamic secrets for databases with PostgreSQL and MySQL integration
Set up HashiCorp Vault's database secrets engine to automatically generate short-lived credentials for PostgreSQL and MySQL databases, improving security by eliminating static passwords and enabling automated credential rotation.
Set up Vault as a PKI certificate authority with SSL automation and intermediate CA
Build a production-grade PKI infrastructure using HashiCorp Vault with root and intermediate certificate authorities. Enable automated SSL certificate generation and renewal for your applications with RBAC policies.
Secure Docker containers with Traefik reverse proxy and Authelia authentication
Set up a production-grade security stack using Traefik v3 reverse proxy with SSL automation and Authelia for multi-factor authentication. This tutorial covers Docker hardening, LDAP integration, and container security monitoring.
Set up Grafana Enterprise SSO authentication with LDAP, SAML, and OAuth2 integration
Configure Grafana Enterprise with comprehensive single sign-on authentication supporting LDAP, SAML, and OAuth2 providers. Set up role-based access control with automated team mapping and user provisioning for enterprise environments.
Configure Airflow DAG security and isolation with RBAC policies
Set up comprehensive security for Apache Airflow with role-based access control, DAG-level permissions, and resource isolation. Configure user authentication, implement fine-grained security policies, and establish monitoring for production-grade workflow orchestration.
Integrate Zabbix 7 with network automation and orchestration tools using Ansible and Python APIs
Build comprehensive network automation workflows by integrating Zabbix 7 monitoring with Ansible playbooks and custom Python scripts. This tutorial covers API authentication, automated host provisioning, and dynamic monitoring configuration for enterprise infrastructure management.
Advanced Nomad job templates and deployment strategies with rolling updates and canary deployments
Master production-grade Nomad job templates with HCL syntax, implement rolling updates with health checks, and deploy advanced blue-green and canary deployment patterns for resilient containerized workloads.
Configure Vault auto-unseal with AWS KMS for high availability secrets management
Set up HashiCorp Vault with AWS KMS auto-unseal to eliminate manual unsealing processes and enable high availability deployments with automatic recovery.
Configure Ansible dynamic inventory for AWS, Azure, and GCP with automated discovery
Set up Ansible dynamic inventory plugins for AWS EC2, Azure VMs, and Google Cloud instances with automated discovery, credential management, and performance optimization across multiple cloud providers.
Configure Ansible dynamic inventory for AWS, Azure, and GCP with automated discovery
Set up Ansible dynamic inventory plugins for AWS EC2, Azure, and Google Cloud Platform to automatically discover and manage cloud resources. This tutorial covers authentication, filtering, and unified inventory management across multiple cloud providers.
Implement Kubernetes Pod Security Standards and admission controllers for policy enforcement
Configure Pod Security Standards with baseline and restricted profiles, deploy OPA Gatekeeper admission controller with custom policies, and implement ValidatingAdmissionWebhooks for comprehensive security enforcement in production Kubernetes clusters.
Integrate Nexus Repository with Kubernetes and Docker registry authentication
Set up Nexus Repository Manager as a private Docker registry integrated with Kubernetes clusters, configure secure authentication and authorization, and enable automated container image deployment with RBAC controls.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer