Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxInstall and configure CockroachDB cluster with high availability and distributed SQL
databasesInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesConfigure network interface monitoring with ICMP ping and connectivity testing
networkingInstall and configure ArgoCD for GitOps continuous deployment with RBAC and SSL
devopsRecently published
Set up GitLab container registry mirror and proxy cache for improved performance
devopsConfigure SonarQube quality gates and custom rules for enterprise code analysis
devopsSet up Consul multi-datacenter replication with ACL token replication
devopsSet up Kafka Connect cluster with high availability and load balancing
devopsIntegrate AWX 24.6 with HashiCorp Vault for dynamic secrets management and secure automation workflows
devopsConfigure Nexus Repository Manager LDAP authentication for enterprise user management
Set up LDAP authentication for Nexus Repository Manager to enable centralized enterprise user management and seamless integration with Active Directory for secure artifact repository access.
Setup Keycloak SAML integration for enterprise single sign-on with identity providers
Configure Keycloak as a SAML identity provider for enterprise SSO, integrate with external identity providers, and implement secure SAML service provider connections with attribute mapping.
Configure Keycloak OAuth2 integration with web applications using OIDC and JWT tokens
Set up Keycloak as an OAuth2 identity provider with OIDC authentication flows. Configure client applications, implement JWT token validation, and secure NGINX reverse proxy with lua-resty-openidc for production web applications.
Configure Grafana LDAP authentication and role-based access control with Active Directory integration
Set up Grafana with LDAP authentication to connect with Active Directory, configure role-based access control for teams, and implement production-ready security policies for enterprise environments.
Deploy applications to Kubernetes with Helm charts and production best practices
Learn how to create production-ready Helm charts for Kubernetes deployments with proper templating, values management, security configurations, and environment-specific customizations for scalable application orchestration.
Integrate GitLab with Kubernetes for automated deployments using CI/CD pipelines and runners
Set up GitLab CI/CD pipelines with Kubernetes runners for automated application deployments. Configure RBAC, implement rolling updates, and establish production-grade deployment strategies.
Configure Kubernetes OpenTelemetry auto-instrumentation for microservices observability
Set up OpenTelemetry Operator in Kubernetes to automatically instrument microservices with distributed tracing. Enable seamless observability across your application stack without modifying application code.
Setup HAProxy with Docker container backends for dynamic load balancing
Configure HAProxy 2.8 to automatically discover and load balance traffic across Docker containers with health checks, service discovery, and SSL termination for production-grade dynamic routing.
Integrate HashiCorp Vault with Kubernetes secrets management for secure container orchestration
Configure HashiCorp Vault integration with Kubernetes using the Vault CSI driver and Secrets Operator for automated secret injection and synchronization. This setup enables secure secret management for containerized applications with dynamic secret rotation and policy-based access controls.
Configure Vault dynamic secrets for databases with PostgreSQL and MySQL integration
Set up HashiCorp Vault's database secrets engine to automatically generate short-lived credentials for PostgreSQL and MySQL databases, improving security by eliminating static passwords and enabling automated credential rotation.
Set up Vault as a PKI certificate authority with SSL automation and intermediate CA
Build a production-grade PKI infrastructure using HashiCorp Vault with root and intermediate certificate authorities. Enable automated SSL certificate generation and renewal for your applications with RBAC policies.
Secure Docker containers with Traefik reverse proxy and Authelia authentication
Set up a production-grade security stack using Traefik v3 reverse proxy with SSL automation and Authelia for multi-factor authentication. This tutorial covers Docker hardening, LDAP integration, and container security monitoring.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer