Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingSet up Node.js application security with Helmet and rate limiting
securityInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesRecently published
Monitor ScyllaDB cluster with Prometheus and Grafana for comprehensive performance tracking
monitoringMonitor Jetty performance with JMX and Grafana dashboards
monitoringConfigure FRRouting route maps and prefix lists for advanced routing policies
networkingConfigure Jetty clustering and session replication for high availability
hostingConfigure Cherokee web server with MySQL database optimization and performance tuning
hostingImplement Airflow DAG security scanning with Bandit and safety checks
Set up automated security scanning for Apache Airflow DAGs using Bandit for Python code analysis and Safety for vulnerability detection. Configure pre-commit hooks and CI/CD integration for continuous security monitoring.
Configure Consul Connect with Kubernetes integration for secure service mesh communication
Set up Consul Connect as a service mesh on Kubernetes with Helm, enabling automatic mTLS encryption, service discovery, and traffic routing between microservices for secure inter-service communication.
Configure Apache Airflow data lineage tracking with OpenLineage for comprehensive workflow observability
Set up OpenLineage with Apache Airflow to track data lineage across workflows, providing comprehensive observability into data transformations, dependencies, and quality issues in production environments.
Implement Kubernetes network policies with Calico for microsegmentation
Configure Calico CNI to enforce network policies for pod-to-pod traffic control and namespace isolation. This tutorial covers advanced microsegmentation patterns, ingress/egress rules, and policy monitoring for production Kubernetes security.
Integrate OPA Gatekeeper with ArgoCD for GitOps policy management
Set up Open Policy Agent Gatekeeper with ArgoCD to enforce Kubernetes admission policies through GitOps workflows. This tutorial covers installation, policy template creation, and automated policy enforcement with monitoring.
Configure Istio distributed tracing with Jaeger and Zipkin for comprehensive microservices observability
Set up comprehensive distributed tracing in your Istio service mesh using both Jaeger and Zipkin backends. Configure telemetry collection, trace sampling, and monitoring dashboards for full microservices observability.
Configure Kubernetes Pod Security Standards with admission controllers for policy enforcement
Learn how to implement Kubernetes Pod Security Standards using built-in admission controllers and OPA Gatekeeper for comprehensive policy enforcement, security compliance, and workload protection in production clusters.
Configure TimescaleDB backup and recovery with pgBackRest for automated PostgreSQL protection
Set up pgBackRest with TimescaleDB for automated backups, point-in-time recovery, and database protection. Includes configuration for local and remote repositories, scheduled backups, and comprehensive restore procedures.
Configure Apache Airflow DAG security and secrets management with RBAC policies and encryption
Implement comprehensive security for Apache Airflow DAGs using role-based access control, HashiCorp Vault integration, and encrypted secrets management. Configure granular permissions, audit logging, and isolation policies for production workflows.
Configure Falco runtime security for Kubernetes threat detection with eBPF monitoring
Set up Falco with eBPF monitoring to detect runtime security threats in Kubernetes clusters. Configure custom rules, integrate Prometheus metrics, and establish comprehensive threat detection for container workloads.
Implement Consul Connect mTLS with Vault PKI backend for secure service mesh communication
Set up mutual TLS authentication for Consul Connect using HashiCorp Vault's PKI backend to secure service-to-service communication with automatic certificate management and rotation.
Configure Podman secrets management with HashiCorp Vault integration
Set up secure container secrets management by integrating Podman with HashiCorp Vault. Configure dynamic secret injection, automated rotation, and production-ready monitoring for containerized applications.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer