Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxInstall and configure CockroachDB cluster with high availability and distributed SQL
databasesConfigure network interface monitoring with ICMP ping and connectivity testing
networkingInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesInstall and configure ArgoCD for GitOps continuous deployment with RBAC and SSL
devopsRecently published
Implement Podman pod security with network policies and microsegmentation
securityConfigure Apache Airflow high availability with CeleryExecutor and Redis clustering for production deployments
devopsConfigure advanced gRPC load balancing with Envoy Proxy health checks and circuit breakers
networkingConfigure custom Grafana plugins for specialized monitoring requirements
monitoringConfigure NGINX monitoring with Prometheus and Grafana dashboards for real-time web server performance metrics
monitoringOptimize MariaDB 11.6 performance with query analysis and indexing for high-traffic applications
Learn advanced MariaDB performance optimization techniques including query profiling, slow query analysis, and strategic indexing for high-traffic applications. This tutorial covers query execution plan analysis, covering indexes, and automated monitoring setup.
Implement Apache web application firewall with ModSecurity 3 and OWASP Core Rule Set
Deploy ModSecurity 3 as an Apache module with OWASP Core Rule Set to protect web applications from common attacks. Configure real-time logging, custom rules, and automated threat detection for production environments.
Set up nftables IPv6 NAT and dual-stack networking with firewall rules and traffic forwarding
Configure nftables with IPv6 NAT masquerading, dual-stack IPv4/IPv6 forwarding, and comprehensive firewall rules for secure network routing and traffic management on modern Linux systems.
Implement HAProxy SSL termination with Let's Encrypt certificates for secure load balancing
Configure HAProxy to handle SSL termination with automated Let's Encrypt certificates, enabling secure HTTPS load balancing across multiple backend servers. This setup reduces CPU load on backend servers while providing centralized SSL certificate management.
Set up Istio multi-cluster service mesh with cross-cluster communication
Deploy and configure Istio across multiple Kubernetes clusters with secure cross-cluster communication, shared service discovery, and unified traffic management for distributed microservices architecture.
Set up Thanos Receiver for remote write scalability with Prometheus integration
Configure Thanos Receiver to handle high-volume remote write traffic from multiple Prometheus instances. This tutorial covers installation, multi-tenancy setup, and performance optimization for large-scale metrics ingestion.
Configure Gunicorn performance monitoring with Prometheus metrics and Grafana dashboards
Set up comprehensive performance monitoring for Gunicorn WSGI servers using Prometheus metrics collection and Grafana visualization. Monitor request rates, response times, worker processes, memory usage, and implement automated alerting for production Python applications.
Implement HAProxy rate limiting and DDoS protection with advanced security rules
Configure HAProxy with comprehensive rate limiting, connection throttling, and DDoS protection using stick tables, ACLs, and advanced security rules to protect your applications from malicious traffic and ensure service availability.
Monitor Consul with Prometheus and Grafana for service discovery observability
Set up comprehensive monitoring for HashiCorp Consul using Prometheus metrics collection and Grafana dashboards. Configure telemetry export, alerting rules, and visualization for service discovery health and performance.
Implement Jaeger security with TLS encryption and authentication for distributed tracing
Secure your Jaeger distributed tracing infrastructure with TLS encryption, JWT-based authentication, and RBAC policies. This tutorial covers certificate generation, collector/query service encryption, and UI authentication through reverse proxy integration.
Configure Deno database connections to PostgreSQL and Redis with connection pooling
Set up production-ready database connections in Deno applications with PostgreSQL and Redis, including SSL configuration, connection pooling, authentication, and comprehensive error handling for high-performance TypeScript applications.
Implement NGINX Lua scripting for advanced caching logic with OpenResty
Configure OpenResty with Lua scripting for advanced caching strategies including dynamic cache keys, intelligent TTL management, and conditional cache invalidation based on business logic.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer