Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxSet up Node.js application security with Helmet and rate limiting
securityInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesRecently published
Configure systemd service resource limits and security isolation
linuxConfigure NGINX SSL termination with Redis session storage
hostingConfigure intrusion detection with OSSEC and fail2ban integration
securitySet up Varnish 7 cluster with load balancing across multiple backends
performanceConfigure OSSEC active response for automated threat blocking
securityImplement Jaeger security with TLS encryption and authentication for distributed tracing
Secure your Jaeger distributed tracing infrastructure with TLS encryption, JWT-based authentication, and RBAC policies. This tutorial covers certificate generation, collector/query service encryption, and UI authentication through reverse proxy integration.
Implement Kubernetes Pod Security Standards and admission controllers for policy enforcement
Configure Pod Security Standards with baseline and restricted profiles, deploy OPA Gatekeeper admission controller with custom policies, and implement ValidatingAdmissionWebhooks for comprehensive security enforcement in production Kubernetes clusters.
Configure advanced iptables QoS with DSCP marking and traffic classification
Set up Quality of Service (QoS) on Linux servers using iptables DSCP marking, HTB queuing, and traffic classification. This tutorial shows you how to prioritize network traffic, implement bandwidth limits, and ensure critical applications get the network resources they need for optimal performance.
Configure ScyllaDB backup and restore with automation
Set up automated daily backups for ScyllaDB with monitoring, restore procedures, and retention policies. Includes snapshot management, S3 storage integration, and comprehensive alerting for production NoSQL environments.
Implement NGINX Lua scripting for advanced caching logic with OpenResty
Configure OpenResty with Lua scripting for advanced caching strategies including dynamic cache keys, intelligent TTL management, and conditional cache invalidation based on business logic.
Implement Istio security policies with authorization and authentication for Kubernetes service mesh
Configure Istio service mesh security with mTLS authentication, JWT validation, and RBAC authorization policies. This tutorial covers implementing comprehensive security controls for microservices communication in production Kubernetes environments.
Configure NTP server with chrony and security hardening for precise time synchronization
Set up a production-grade NTP server using chrony with client access controls, firewall rules, and security hardening. Learn to configure upstream time sources, implement monitoring, and troubleshoot common synchronization issues.
Configure OSPF with FRRouting 10 for dynamic routing protocols and network failover
Set up OSPF dynamic routing with FRRouting 10 for automatic network failover and route redistribution. Configure area authentication, routing policies, and monitoring for enterprise network resilience.
Implement FastAPI authentication with JWT and OAuth2 for secure API development
Build secure FastAPI applications with JWT token authentication and OAuth2 password bearer flows. Learn to implement role-based access control and protect API endpoints with production-ready security patterns.
Implement Kubernetes network policies with Calico CNI and OPA Gatekeeper for security enforcement
Secure your Kubernetes cluster with Calico CNI network policies and OPA Gatekeeper admission control. This tutorial shows you how to implement pod isolation, policy enforcement, and admission validation for production-grade security.
Set up Node.js application security with Helmet and rate limiting
Secure your Node.js Express applications against common vulnerabilities with Helmet.js middleware and implement rate limiting to prevent abuse and DDoS attacks.
Implement Varnish cache warming with automated content preloading for high-performance websites
Set up automated Varnish cache warming with priority URL preloading, systemd timers for scheduled content refreshing, and comprehensive monitoring to optimize cache hit rates and reduce backend server load for high-traffic websites.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer