diff --git a/content/posts/lxd-containers-for-human-beings.md b/content/posts/lxd-containers-for-human-beings.md index 3751cf4..276df11 100644 --- a/content/posts/lxd-containers-for-human-beings.md +++ b/content/posts/lxd-containers-for-human-beings.md @@ -17,8 +17,8 @@ cover: ./cover.png This is a blog post version of a talk I presented at both Ubuntu Summit 2022 and SouthEast LinuxFest 2023. The first was not recorded, but the second was and is -on [SELF's PeerTube instance.][selfpeertube] I apologise for the terrible, but -there's unfortunately nothing I can do about that. +on [SELF's PeerTube instance.][selfpeertube] I apologise for the terrible audio, +but there's unfortunately nothing I can do about that. [selfpeertube]: https://peertube.linuxrocks.online/w/hjiTPHVwGz4hy9n3cUL1mq?start=1m 
@@ -40,50 +40,81 @@ as soon as there's an installable release. - **Isolation:** we don't want an attacker to get into our webserver and be able to gain access to our email server - **Flexibility:** VMs and containers only - use the resources they've been given + use the resources they've been given. If you tell the VM it has 200 MBs of + RAM, it's going to make do with 200 MBs of RAM and the kernel's OOM killer is going to have a fun time 🤠 - **Portability:** once set up and configured, VMs and containers can mostly be treated as black boxes; as long as the surrounding environment is similar to the previous in terms of communication, they can just be picked up and dropped - on bare metal servers as necessary. -- **Density:** -- **Cleanliness:** + to various machines and hosts as necessary. +- **Density:** applications are usually much lighter than the systems they're + running on, so it makes sense to run many applications on one system. VMs and + containers facilitate that without sacrificing security. +- **Cleanliness:** VMs and containers are black boxes. When you're done with it, + you can just throw the box in the trash (delete it) and everything related to + that application is gone. ## Virtual machines -```goat - .---------------------------------. -| .-------. .-------. .-------. | -| | Guest | | Guest | | Guest | | -| | OS | | OS | | OS | | -| .---+---' .---+---' .---+---' | -| .--+----. .--+----. .--+----. | -| | Guest | | Guest | | Guest | | -| | Kernel | | Kernel | | Kernel | | -| .---+---' .---+---' .---+---' | -| .--+----------+----------+----. | -| | Hypervisor | | -| .--------------+--------------' | -| .-------------+---------------. 
| -| | Host Kernel | | -| .-----------------------------' | -.---------------------------------' +```kroki {type=d2,d2theme=flagship-terrastruct,d2sketch=true} +title: |md + # Virtual machines +| { near: top-center } + +direction: up + +k1: Guest kernel +k2: Guest kernel +k3: Guest kernel +os1: Guest OS +os2: Guest OS +os3: Guest OS +app1: Many apps +app2: Many apps +app3: Many apps + +Host kernel -> Hypervisor +Hypervisor -> k1 -> os1 -> app1 +Hypervisor -> k2 -> os2 -> app2 +Hypervisor -> k3 -> os3 -> app3 ``` ## Containers -```goat - Application containers System containers - .---------------------------------. .------------------------------. -| .-------. .-------. .-------. | | .------. .------. .------. | -| | App 01 | | App 02 | | App 03 | | | | Guest | | Guest | | Guest | | -| '---+---' '---+---' '---+---' | | | OS | | OS | | OS | | -| .--+----------+----------+----. | | '---+--' '---+--' '---+--' | -| | Hypervisor | | | .--+---------+---------+---. | -| '--------------+--------------' | | | Host Kernel | | -| .-------------+---------------. | | '--------------------------' | -| | Host Kernel | | '------------------------------' -| '-----------------------------' | -'---------------------------------' +```kroki {type=d2,d2theme=flagship-terrastruct,d2sketch=true} +title: |md + # Application containers +| { near: top-center } + +direction: up + +app1: App +app2: App +app3: App + +Host kernel -> Hypervisor +Hypervisor -> app1 +Hypervisor -> app2 +Hypervisor -> app3 +``` + +```kroki {type=d2,d2theme=flagship-terrastruct,d2sketch=true} +title: |md + # System containers +| { near: top-center } + +direction: up + +os1: Guest OS +os2: Guest OS +os3: Guest OS +app1: Many apps +app2: Many apps +app3: Many apps + +Host kernel -> os1 -> app1 +Host kernel -> os2 -> app2 +Host kernel -> os3 -> app3 ``` ## When to use which
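Review bot: In the first hunk (`@@ -17,8 +17,8 @@`), the sentence fix is correct, but the trailing period is still inside the link text: `[SELF's PeerTube instance.][selfpeertube]` renders the full stop as part of the link. Moving it outside, `[SELF's PeerTube instance][selfpeertube].`, keeps the link text clean and the sentence punctuation where it belongs.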
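Review bot: In the second hunk (`@@ -40,50 +40,81 @@`), the new "Application containers" d2 diagram keeps the `Host kernel -> Hypervisor -> app` chain inherited from the old ASCII figure, but application containers are not run under a hypervisor; they are processes scheduled by the host kernel and isolated with kernel namespaces and cgroups by a container runtime. Labelling that middle node `Container runtime` (or dropping it so the apps hang directly off `Host kernel`, as the "System containers" diagram already does) would make the figure match the distinction the post draws between VMs and containers. Related to that, the new "Density" bullet says VMs and containers let you pack applications onto one system "without sacrificing security"; since both container diagrams show every guest sharing the host kernel, a kernel bug is a shared risk that a VM boundary does not have, so something like "with far less isolation overhead" is a more defensible wording, and it stays consistent with the "Isolation" bullet right above it. Two smaller points: "200 MBs of RAM" should be "200 MB of RAM" (unit symbols are not pluralised), and in the VM case it is the guest kernel's OOM killer that does the killing, which is worth saying since the diagram just below distinguishes guest and host kernels.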