Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Install and configure CockroachDB cluster with high availability and distributed SQL
databasesInstall and configure ArgoCD for GitOps continuous deployment with RBAC and SSL
devopsInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesInstall and configure Loki for centralized log aggregation with Grafana integration
monitoringInstall and configure WireGuard VPN server with client management
networkingRecently published
Configure Nagios SNMP monitoring for network devices with automated discovery and templates
monitoringIntegrate Elasticsearch 8 with Prometheus monitoring and Grafana dashboards
monitoringSet up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
securityConfigure NGINX reverse proxy with advanced caching and load balancing
hostingConfigure Netdata alerts with Slack and Microsoft Teams for real-time monitoring notifications
monitoringImplement Kubernetes network policies with Calico CNI and OPA Gatekeeper for security enforcement
Secure your Kubernetes cluster with Calico CNI network policies and OPA Gatekeeper admission control. This tutorial shows you how to implement pod isolation, policy enforcement, and admission validation for production-grade security.
Configure GitLab SAML authentication with Keycloak for enterprise SSO
Set up single sign-on (SSO) authentication between GitLab and Keycloak using SAML 2.0 protocol. This enables centralized user management and secure authentication for your GitLab instance through your existing identity provider infrastructure.
Implement Varnish cache warming with automated content preloading for high-performance websites
Set up automated Varnish cache warming with priority URL preloading, systemd timers for scheduled content refreshing, and comprehensive monitoring to optimize cache hit rates and reduce backend server load for high-traffic websites.
Implement Kubernetes resource quotas and limits for namespace isolation and workload management
Configure namespace resource quotas, container resource limits, and limit ranges to ensure fair resource allocation and prevent resource exhaustion in multi-tenant Kubernetes clusters.
Monitor container performance with Prometheus and cAdvisor for comprehensive metrics collection
Set up comprehensive container monitoring with cAdvisor, Prometheus, and Grafana to collect detailed metrics on CPU, memory, network, and disk usage. This tutorial covers installation, configuration, and alerting for production-ready container performance monitoring.
Configure Istio traffic management with virtual services and destination rules
Configure advanced Istio traffic management using virtual services for intelligent request routing and destination rules for load balancing and service subsets in production Kubernetes environments.
Configure Kubernetes persistent volumes with NFS storage for container data persistence
Set up NFS-backed persistent volumes in Kubernetes to provide shared, durable storage for containerized applications across multiple nodes with automatic failover capabilities.
Set up Nexus Repository Manager high availability clustering for production scale
Deploy a production-ready Nexus Repository Manager cluster with shared storage, load balancing, and automated failover for enterprise artifact management and zero-downtime operations.
Configure Linux kernel parameters for container workloads with sysctl optimization
Configure Linux kernel parameters for optimal container performance with sysctl tuning. This guide covers memory management, network stack optimization, file descriptor limits, and security parameters for Docker and Podman workloads.
Configure Tailscale mesh VPN with subnet routing and ACL policies for secure network access
Set up a zero-trust mesh VPN network with Tailscale that includes subnet routing for local network access, granular ACL policies for security, and exit nodes for secure internet access.
Configure Linux process resource monitoring and alerting with cgroups and systemd
Set up comprehensive process resource monitoring using cgroups v2 and systemd to track CPU, memory, and I/O usage with automated alerting when processes exceed defined limits.
Configure automatic security updates with unattended-upgrades and email notifications
Set up automated security patching on Linux servers with unattended-upgrades and dnf-automatic. Configure email notifications, update policies, and monitoring to keep your systems secure while maintaining control over critical services.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer