Infrastructure tutorials

Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.

networking Advanced

Configure Cilium BGP peering with MetalLB integration for Kubernetes load balancing

Set up Cilium CNI with BGP routing capabilities and integrate with MetalLB speaker components for bare-metal Kubernetes load balancing. This configuration enables external traffic routing and service discovery in on-premises environments.

45 min 4 distros 330 views
security Advanced

Configure advanced iptables firewall rules with logging, port knocking, and DDoS protection

Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.

45 min 4 distros 439 views
networking Intermediate

Configure WireGuard site-to-site VPN connections with advanced routing and security

Set up secure network-to-network VPN tunnels using WireGuard with advanced routing, firewall rules, and monitoring for connecting multiple office locations or data centers.

45 min 4 distros 389 views
security Intermediate

Set up SSH bastion host with jump server configuration for secure network access

Configure an SSH bastion host to secure access to private networks, implementing jump server functionality with key-based authentication and access controls for enhanced security.

25 min 4 distros 426 views
security Intermediate

Configure intrusion detection with OSSEC and Wazuh for real-time security monitoring

Set up comprehensive host-based intrusion detection with OSSEC HIDS and Wazuh manager for real-time security monitoring, file integrity checking, and automated threat response across your infrastructure.

45 min 4 distros 492 views
security Intermediate

Configure NGINX rate limiting and advanced security rules for DDoS protection

Configure NGINX with comprehensive rate limiting, connection throttling, and advanced security headers to protect your web applications from DDoS attacks and malicious traffic. Learn to implement zone-based rate limiting, geographic blocking, and real-time monitoring for production environments.

25 min 4 distros 529 views
monitoring Intermediate

Monitor PostgreSQL performance with Prometheus and Grafana dashboards

Set up comprehensive PostgreSQL monitoring using Prometheus PostgreSQL exporter and Grafana dashboards. Configure performance metrics collection, visualization, and alerting for database optimization and troubleshooting.

25 min 4 distros 517 views
networking Advanced

Set up iptables high availability clustering with keepalived for automatic failover

Configure a highly available firewall cluster using iptables and keepalived with VRRP for automatic failover. Set up rule synchronization between nodes and implement monitoring for production-grade firewall redundancy.

45 min 4 distros 503 views
security Advanced

Implement MinIO security hardening with IAM policies and audit logging

Secure your MinIO object storage with comprehensive IAM policies, role-based access control, and audit logging for compliance monitoring. This tutorial covers user management, policy creation, and security validation for production environments.

45 min 4 distros 781 views
networking Advanced

Set up Open vSwitch 3.3 for advanced virtual machine networking with VLAN and bridge configuration

Configure Open vSwitch 3.3 to create isolated virtual networks for VMs with VLAN tagging, bridge management, and advanced traffic control. Essential for virtualization environments requiring network segmentation and high-performance VM networking.

45 min 4 distros 514 views
security Intermediate

Configure Linux user and group management with sudo access control

Learn to create and manage Linux users and groups with proper sudo access control, security hardening, and monitoring. This comprehensive guide covers account creation, group membership management, sudo configuration, and security best practices for production environments.

45 min 4 distros 556 views
security Intermediate

Set up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set

Configure a production-grade web application firewall using NGINX with ModSecurity 3 and OWASP Core Rule Set. Includes logging, monitoring, and fail2ban integration for comprehensive threat protection.

45 min 4 distros 678 views

Need help?

Don't want to manage this yourself?

We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.

Talk to an engineer