Tom Meurs

Talos Linux immutable Kubernetes operating system

Talos Linux: The Immutable Kubernetes OS That Changed How I Think About Nodes

Here is how most of us run Kubernetes nodes. You install a general-purpose Linux distro, harden it with a CIS benchmark script, add an SSH key, set up a config management tool to keep drift in check, and then spend the next two years SSH-ing in to fix the things the config management tool didn’t catch. Every node is a little snowflake with its own history. We’ve accepted this as normal. ...

Demoscene optimization and sustainable computing

The Lost Art of Software Optimization: What Demoscene Taught Us About Sustainability

Here is how most of us ship software in 2026. You pick a framework, pull in a few hundred dependencies, and your service idles at a gigabyte of RAM before it does a single useful thing. Nobody profiles it. Nobody asks why. If it’s slow, you scale up. Compute is cheap, your time is expensive, and the bill goes to someone else. We’ve accepted this as normal. I used to live in a different world. I’d spend hours, sometimes whole weekends, squeezing every last byte out of code. Getting a program to run on hardware that “couldn’t possibly” handle it was the best feeling I knew. My inspiration was the demoscene: impossible visual effects rendered in 64 kilobytes or less. I’d watch one and just sit there asking myself, how on earth did they do that? ...

Arch Linux vs NixOS as workstation comparison

Arch vs NixOS as a Workstation: Professional and Personal Use

I keep getting asked which distro someone should run on their daily driver: Arch or NixOS. Usually by people who already run Linux and want a workstation they actually understand, not a black box that updates itself on someone else’s schedule. I’ve run both as my real machine. Not in VMs, not as a weekend experiment. As the laptop where I do professional DevOps and platform engineering work, and as the desktop where I do everything else. So let me state my bias up front, because this framework only works if I’m honest about it: I run Arch on both my desktops today, and I run NixOS on my servers. That tells you where I landed. But I landed there for specific reasons, and I want to walk through them rather than hand you a verdict. ...

CTF and forensics skills for DevOps engineers

CTF and Forensics Skills That Make You a Better DevOps Engineer

A production server is misbehaving at 3 AM. You SSH in. Now what? The engineers who stay calm here are the ones who already know the next ten commands by heart, because they have run this exact loop a hundred times before, just with the word “flag” instead of “incident.” I spend my evenings doing Hack The Box challenges and CTF competitions. I have no plans to become a pentester. I like platform engineering. The reason I keep at it is that the skills carry straight into my day job, and the carryover is bigger than it sounds. ...

Simulation, emulation, virtualization, and containers explained

Simulation, Emulation, Virtualization, and Containers: The Restaurant Metaphor

“So what’s the difference between a container and a virtual machine?” I get this question a lot, usually from someone smart who has been nodding along in meetings without quite wanting to admit they’re fuzzy on it. And the honest answer is that most explanations make things worse. They reach for “hypervisor,” “kernel sharing,” and “hardware abstraction” in the first sentence, and now the person has four new terms to be confused about instead of one. ...