
NixOS as a Hypervisor: KVM and QEMU Can Do Everything

People often think you need VMware, Hyper-V, or at minimum Proxmox to run a “real” hypervisor. Something with a web UI, enterprise features, the whole package. But here’s the thing: KVM with libvirt can do virtually everything those commercial hypervisors do. Live migration, memory ballooning, CPU pinning, GPU passthrough, SR-IOV, nested virtualization — it’s all there. The Linux kernel has been a production-grade hypervisor for over a decade. I run NixOS as my hypervisor. No Proxmox, no web UI, just declarative Nix configs and virsh. Let me show you what’s possible. ...

March 19, 2026 · 8 min read · Tom Meurs

CTF and Forensics Skills That Make You a Better DevOps Engineer

I spend my evenings doing Hack The Box challenges and CTF competitions. Not because I want to become a pentester — I’m happy in platform engineering. But because the skills I learn there make me significantly better at my day job. This isn’t obvious at first. What does pwning a vulnerable web app have to do with running Kubernetes clusters? More than you’d think. Forensics and offensive security train you to think about systems differently. You learn to investigate, to trace, to understand what’s actually happening rather than what should be happening. And that mindset — plus the tooling — is exactly what you need when debugging production issues at 3 AM. ...

February 27, 2026 · 9 min read · Tom Meurs

Simulation, Emulation, Virtualization, and Containers: The Restaurant Metaphor

“So what’s the difference between a container and a virtual machine?” I get this question a lot. And the answer usually involves terms like “hypervisor,” “kernel sharing,” and “hardware abstraction” — which just creates more questions. But there’s actually a deeper question lurking here: what’s the difference between simulation, emulation, virtualization, and containerization? These four concepts are often confused, but they’re fundamentally different approaches to solving the same problem: running something in an environment it wasn’t originally designed for. ...

February 23, 2026 · 7 min read · Tom Meurs

Zero Trust Explained: The Hotel Key Card Metaphor

“So what exactly is this zero trust thing everyone keeps talking about?” I get this question a lot. Usually from managers, executives, or anyone who has to approve security budgets without a technical background. And honestly, most explanations I’ve seen are terrible. They’re either drowning in jargon or so oversimplified they’re useless. So here’s my attempt at a metaphor that actually works. One that I’ve used successfully to explain zero trust to my parents, to executives, and to that one colleague who still thinks the firewall is “the internet box.” ...

February 19, 2026 · 6 min read · Tom Meurs

Self-Hosting for Everyone: A Vision for Digital Agency

What if you could have complete control over your email, your photos, your documents, your everything — without needing to understand Linux, Kubernetes, or networking? What if self-hosting was as easy as paying a monthly subscription, but instead of feeding your data to Big Tech, you actually owned it? This is the future I’m building towards.

The Problem: We’ve Lost Control

Every day, billions of people hand over their most intimate data to companies whose business model depends on exploiting it. Your emails, your photos, your location history, your browsing habits — all stored on servers you don’t control, governed by terms of service you didn’t read, in jurisdictions that may not protect your rights. ...

January 27, 2026 · 5 min read · Tom Meurs