Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure CockroachDB cluster with high availability and distributed SQL
databasesInstall and configure ArgoCD for GitOps continuous deployment with RBAC and SSL
devopsInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesInstall and configure Loki for centralized log aggregation with Grafana integration
monitoringInstall and configure WireGuard VPN server with client management
networkingRecently published
Configure Nagios SNMP monitoring for network devices with automated discovery and templates
monitoringIntegrate Elasticsearch 8 with Prometheus monitoring and Grafana dashboards
monitoringSet up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
securityConfigure NGINX reverse proxy with advanced caching and load balancing
hostingConfigure Netdata alerts with Slack and Microsoft Teams for real-time monitoring notifications
monitoringSet up Thanos Receiver for remote write scalability with Prometheus integration
Configure Thanos Receiver to handle high-volume remote write traffic from multiple Prometheus instances. This tutorial covers installation, multi-tenancy setup, and performance optimization for large-scale metrics ingestion.
Implement HAProxy rate limiting and DDoS protection with advanced security rules
Configure HAProxy with comprehensive rate limiting, connection throttling, and DDoS protection using stick tables, ACLs, and advanced security rules to protect your applications from malicious traffic and ensure service availability.
Configure Kubernetes network policies with Calico CNI for microsegmentation and security enforcement
Learn to implement advanced network security in Kubernetes using Calico CNI. Configure namespace-based microsegmentation, application-level policies, and comprehensive monitoring for enterprise-grade cluster protection.
Implement Jaeger security with TLS encryption and authentication for distributed tracing
Secure your Jaeger distributed tracing infrastructure with TLS encryption, JWT-based authentication, and RBAC policies. This tutorial covers certificate generation, collector/query service encryption, and UI authentication through reverse proxy integration.
Configure Deno database connections to PostgreSQL and Redis with connection pooling
Set up production-ready database connections in Deno applications with PostgreSQL and Redis, including SSL configuration, connection pooling, authentication, and comprehensive error handling for high-performance TypeScript applications.
Implement Kubernetes Pod Security Standards and admission controllers for policy enforcement
Configure Pod Security Standards with baseline and restricted profiles, deploy OPA Gatekeeper admission controller with custom policies, and implement ValidatingAdmissionWebhooks for comprehensive security enforcement in production Kubernetes clusters.
Configure OpenTelemetry sampling strategies for high-traffic applications
Learn how to implement probabilistic, deterministic, and adaptive sampling strategies in OpenTelemetry to optimize distributed tracing performance and reduce storage costs in high-traffic production environments.
Implement NGINX Lua scripting for advanced caching logic with OpenResty
Configure OpenResty with Lua scripting for advanced caching strategies including dynamic cache keys, intelligent TTL management, and conditional cache invalidation based on business logic.
Configure Jaeger data retention policies and automated archiving with Elasticsearch backend
Learn to configure Jaeger data retention policies with Elasticsearch backend for automated trace archiving. This tutorial covers index lifecycle management, storage optimization, and performance monitoring to prevent disk space issues while maintaining observability requirements.
Configure ArgoCD notifications for Slack and Microsoft Teams with webhook integration
Set up ArgoCD notification controller to send application deployment alerts and sync status updates to Slack channels and Microsoft Teams. Configure webhook integrations with custom templates and triggers for production GitOps workflows.
Configure Apache HTTP/2 with performance optimization and modern security headers
Enable HTTP/2 protocol in Apache with SSL/TLS encryption, implement advanced performance optimization settings including compression and caching, and configure modern security headers for production deployments.
Implement Consul ACL security and encryption for production deployments
Configure Consul's Access Control List (ACL) system with bootstrap tokens, implement TLS encryption for client-server communication, and enable gossip encryption to secure your Consul cluster for production environments with comprehensive authentication and authorization.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer