https://tommeurs.nl/tags/advanced/ Recent content in Advanced on Tom Meurs https://tommeurs.nl/images/papermod-cover.png https://tommeurs.nl/images/papermod-cover.png Hugo en Tom Meurs Wed, 08 Apr 2026 20:23:00 +0100 https://tommeurs.nl/posts/cilium-ebpf-networking/ Wed, 08 Apr 2026 20:23:00 +0100 https://tommeurs.nl/posts/cilium-ebpf-networking/ Master Cilium CNI for Kubernetes: eBPF networking, network policies, service mesh, and observability. A practical guide to modern container networking. https://tommeurs.nl/posts/thanos-remote-write-push-architecture/ Fri, 27 Mar 2026 20:38:00 +0100 https://tommeurs.nl/posts/thanos-remote-write-push-architecture/ Scale Prometheus with Thanos Receive using push-based remote write. Ideal for edge clusters, intermittent connectivity, and large multi-cluster environments. https://tommeurs.nl/posts/declarative-infrastructure-compliance-certification/ Mon, 23 Mar 2026 19:28:00 +0100 https://tommeurs.nl/posts/declarative-infrastructure-compliance-certification/ How declarative systems like Talos and NixOS make ISO 27001, NIS2, and SOC 2 compliance easier by generating audit evidence automatically. https://tommeurs.nl/posts/nixos-vs-talos-kubernetes-nodes/ Sun, 15 Mar 2026 20:37:00 +0100 https://tommeurs.nl/posts/nixos-vs-talos-kubernetes-nodes/ Comparing NixOS and Talos Linux as operating systems for Kubernetes nodes. Both are declarative and immutable, but with very different trade-offs. https://tommeurs.nl/posts/talos-linux-immutable-kubernetes/ Wed, 11 Mar 2026 21:15:00 +0100 https://tommeurs.nl/posts/talos-linux-immutable-kubernetes/ Why Talos Linux is the perfect OS for Kubernetes: immutable, API-driven, and secure by default. Real experiences from running it in production. https://tommeurs.nl/posts/kubernetes-resource-sizing/ Sun, 08 Feb 2026 14:00:00 +0100 https://tommeurs.nl/posts/kubernetes-resource-sizing/ Migrating to Kubernetes without proper resource metrics is a recipe for disaster. A real Black Friday horror story and how to do data-driven pod sizing. https://tommeurs.nl/posts/k8sgpt-local-llm-cluster-management/ Thu, 05 Feb 2026 14:00:00 +0100 https://tommeurs.nl/posts/k8sgpt-local-llm-cluster-management/ Hands-on test of K8sGPT with Llama 3.3 70B on a Mac Studio M3 Ultra. Does autonomous cluster management work with local LLMs? Including security analysis. https://tommeurs.nl/posts/falco-runtime-security/ Thu, 07 Aug 2025 10:00:00 +0200 https://tommeurs.nl/posts/falco-runtime-security/ Implement Kubernetes runtime security with Falco. Detect suspicious syscalls, container escapes, and anomalous behavior in real-time. https://tommeurs.nl/posts/spiffe-spire-zero-trust/ Sat, 26 Jul 2025 10:00:00 +0200 https://tommeurs.nl/posts/spiffe-spire-zero-trust/ Implement zero trust workload identity with SPIFFE and SPIRE. Cryptographic identity for services without static secrets. https://tommeurs.nl/posts/kyverno-policies-governance/ Mon, 14 Jul 2025 10:00:00 +0200 https://tommeurs.nl/posts/kyverno-policies-governance/ Implement Kubernetes governance with Kyverno policies. Enforce best practices, security standards, and compliance automatically. https://tommeurs.nl/posts/argo-rollouts-progressive-delivery/ Fri, 20 Jun 2025 10:00:00 +0200 https://tommeurs.nl/posts/argo-rollouts-progressive-delivery/ Implement canary and blue-green deployments in Kubernetes with Argo Rollouts. Reduce deployment risk with progressive delivery. https://tommeurs.nl/posts/argocd-drift-detection/ Sat, 03 May 2025 19:27:00 +0200 https://tommeurs.nl/posts/argocd-drift-detection/ How to detect and prevent configuration drift in Kubernetes with ArgoCD. Monitor unauthorized changes and keep your cluster in sync with Git. https://tommeurs.nl/posts/argocd-app-of-apps/ Mon, 21 Apr 2025 20:18:00 +0200 https://tommeurs.nl/posts/argocd-app-of-apps/ Learn the App-of-Apps pattern in ArgoCD to manage hundreds of applications with a single root application. Scalable GitOps architecture explained. https://tommeurs.nl/posts/gitops-disaster-recovery/ Wed, 09 Apr 2025 19:52:00 +0200 https://tommeurs.nl/posts/gitops-disaster-recovery/ How to recover a Kubernetes cluster from complete failure using GitOps. Turn Git into your ultimate backup and disaster recovery strategy. https://tommeurs.nl/posts/kubernetes-offline-edge/ Tue, 04 Mar 2025 20:47:00 +0100 https://tommeurs.nl/posts/kubernetes-offline-edge/ How to run Kubernetes clusters in air-gapped and offline environments. Island mode architecture for edge computing, ships, and sovereign infrastructure. https://tommeurs.nl/posts/kubernetes-graceful-degradation/ Thu, 20 Feb 2025 14:22:00 +0100 https://tommeurs.nl/posts/kubernetes-graceful-degradation/ What happens when Kubernetes components fail? Understand how kube-apiserver, etcd, scheduler, and kubelet failures affect your cluster. https://tommeurs.nl/posts/etcd-deep-dive/ Mon, 27 Jan 2025 21:47:00 +0100 https://tommeurs.nl/posts/etcd-deep-dive/ Understanding etcd internals: Raft consensus, leader election, data model, and why it's critical to Kubernetes reliability. https://tommeurs.nl/posts/kubernetes-high-availability-etcd/ Wed, 15 Jan 2025 20:23:00 +0100 https://tommeurs.nl/posts/kubernetes-high-availability-etcd/ Understanding Kubernetes HA architectures: stacked etcd vs external etcd. When to use which, and how to build clusters that survive node failures.