Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingSet up Node.js application security with Helmet and rate limiting
securityInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesRecently published
Monitor Jetty performance with JMX and Grafana dashboards
monitoringConfigure FRRouting route maps and prefix lists for advanced routing policies
networkingConfigure Jetty clustering and session replication for high availability
hostingConfigure Cherokee web server with MySQL database optimization and performance tuning
hostingConfigure Cassandra SSL encryption and authentication with security hardening
databasesSet up ELK stack alerting with Watcher and email notifications for monitoring and incident response
Configure Elasticsearch Watcher to monitor log data and automatically send email alerts when critical system events occur. Create sophisticated alert conditions, manage email notification templates, and set up automated incident response workflows.
Integrate Jaeger with Kubernetes service mesh for comprehensive distributed tracing
Set up production-grade distributed tracing in Kubernetes using Jaeger with Istio service mesh integration. Configure OpenTelemetry instrumentation, Elasticsearch storage backend, and comprehensive observability for microservices.
Implement Linux resource quotas with systemd and automated enforcement
Configure systemd resource control and cgroups v2 to implement CPU, memory, and I/O quotas with automated enforcement. Set up monitoring and alerts for resource violations across production workloads.
Implement Linux memory cgroups for container workload isolation
Configure cgroups v2 memory subsystem to isolate container workloads with precise memory limits, monitoring, and automated enforcement for production environments.
Configure Kubernetes External DNS for automatic DNS record management with cloud providers
Set up External DNS controller to automatically create and manage DNS records for your Kubernetes services and ingresses. This tutorial covers installation, cloud provider integration, and security configuration for production-ready DNS automation.
Configure Linux user session limits with systemd and pam_limits for resource management
Learn to set up comprehensive user session resource limits using both traditional pam_limits.conf and modern systemd user slices. This tutorial covers memory, CPU, and process limits to prevent resource exhaustion on multi-user systems.
Install and configure Graylog 5 for centralized log management with MongoDB and Elasticsearch
Set up Graylog 5 with MongoDB 8.0 and Elasticsearch 8 for centralized log collection, analysis, and alerting. Learn to configure secure inputs, data streams, and monitoring for production environments.
Configure NGINX rate limiting and advanced security rules for DDoS protection
Configure NGINX with comprehensive rate limiting, connection throttling, and advanced security headers to protect your web applications from DDoS attacks and malicious traffic. Learn to implement zone-based rate limiting, geographic blocking, and real-time monitoring for production environments.
Implement Kubernetes cluster autoscaler for automatic node scaling
Configure Kubernetes cluster autoscaler to automatically add and remove worker nodes based on pod resource demands. This tutorial covers cloud provider integration, scaling policies, and monitoring for production-grade horizontal scaling.
Configure SSH port forwarding and tunneling for secure connections
Learn to configure SSH port forwarding, remote tunnels, and SOCKS proxy for secure network connections. Set up local, remote, and dynamic port forwarding with automated monitoring and security hardening.
Configure Lighttpd 1.4 with multiple virtual hosts and subdomains
Set up Lighttpd web server with multiple virtual hosts, subdomain routing, SSL certificates, and performance optimization for hosting multiple websites on a single server with security hardening.
Configure Airflow DAG security and isolation with RBAC policies
Set up comprehensive security for Apache Airflow with role-based access control, DAG-level permissions, and resource isolation. Configure user authentication, implement fine-grained security policies, and establish monitoring for production-grade workflow orchestration.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer