Linux Control Groups (cgroups V2): Limiting CPU And Memory For Production Workloads
If you're running production workloads without cgroup constraints, you're one runaway process away from a bad day. Here's everything you need to configure...
24 articles
If you're running production workloads without cgroup constraints, you're one runaway process away from a bad day. Here's everything you need to configure...
A complete reference for Alpine Linux's apk package manager — adding packages, managing repositories, pinning versions, building custom packages, and running Alpine as a minimal server OS.
How to configure Apache httpd for production use — name-based virtual hosts, SSL/TLS with Let's Encrypt, HTTP to HTTPS redirects, mod_rewrite rules, and performance tuning with MPM.
How to configure Keepalived for automatic failover using VRRP — setting up master/backup pairs, virtual IPs, health-check scripts, and combining it with HAProxy or Nginx for zero-downtime load balancer HA.
How openSUSE's transactional-update and Btrfs snapshot integration enables atomic, rollback-safe system updates — and how MicroOS takes this to a fully immutable, container-optimized OS.
A practical guide to SUSE Linux administration — using YaST for system configuration, zypper for package management, managing repositories, and understanding the differences between openSUSE Leap, Tumbleweed, and SUSE Linux Enterprise.
How to tune RHEL 9 performance using tuned profiles, sysctl parameters, CPU governors, NUMA topology, and memory settings — for database servers, web workloads, and latency-sensitive applications.
A practical guide to RHEL 9's subscription management — attaching entitlements, enabling the right repositories, creating local mirrors for air-gapped environments, and managing subscriptions at scale.
How to migrate existing CentOS 7/8 servers to Rocky Linux 8 or 9 using the migrate2rocky script — including pre-migration checks, the migration process itself, and post-migration validation steps.
A production security baseline for Rocky Linux 9 — covering SELinux configuration, firewalld rules, SSH hardening, auditd, AIDE integrity checking, and CIS Benchmark compliance checks.
A complete walkthrough for turning a fresh Ubuntu 24.04 LTS installation into a production-ready server — from initial SSH lockdown to swap configuration and kernel parameter tuning.
How to keep Ubuntu servers patched automatically without unplanned reboots — combining unattended-upgrades, Canonical Livepatch, and USN monitoring into a practical patching strategy.
Resolve the Linux 'too many open files' error by increasing file descriptor limits at the system, user, and process level.
Diagnose and fix SSH connection refused errors after a Linux server reboot, covering sshd service, firewall rules, port configuration, and host key issues.
The sysctl knobs that actually improve Linux network throughput, latency, and connection handling — with benchmarks and safe production values.
How to use systemd's built-in sandboxing directives to isolate services, restrict filesystem access, and harden daemons without containers.
Linux networking commands cheat sheet for troubleshooting — interfaces, routing, DNS lookups, connections, iptables firewalls, and tcpdump packet capture.
Navigate the Linux file system hierarchy, master essential commands, understand file permissions and ownership, and work with links, pipes, and redirection.
Configure Linux network interfaces, set up iptables/nftables/firewalld rules, troubleshoot connectivity with ss, ip, dig, and tcpdump, and secure your servers.
Install, update, and manage packages across Ubuntu (apt), RHEL (dnf/yum), and SUSE (zypper) — repositories, GPG keys, version pinning, and automation.
Diagnose Linux performance bottlenecks with top, htop, vmstat, iostat, sar, iotop, and strace — a systematic approach to finding and fixing issues.
Write effective Bash scripts for DevOps automation — variables, conditionals, loops, functions, error handling, argument parsing, and real-world script patterns.
Manage Linux services with systemctl, write custom unit files, understand the boot process, configure targets, and use journalctl for log analysis.
Create and manage Linux users and groups, configure sudo access, understand /etc/passwd and /etc/shadow, and implement PAM authentication policies.