Practical Engineering
open-menu closeme
Engineering
github linkedin rss
  • x509: certificate signed by unknown authority? Maybe the cert pool is empty

    calendar Apr 15, 2025 · 6 min read · Linux Container SELinux Bottlerocket  ·
    Share on: twitter copy

    I recently worked on getting amazon-ssm-agent to run inside containers on Bottlerocket. During that process, I ran into a TLS issue connecting to amazonaws.com. The root cause turned out be interesting and we'll walk through it in this post. Running amazon-ssm-agent in a container: why and how? To enable sessions …


    Read More
  • Missing Container Disk I/O Stats with cgroup v1 on Kernel 6.1

    calendar Nov 9, 2024 · 4 min read · Linux Container  ·
    Share on: twitter copy

    As the Amazon Linux 2 (AL2) approaches its End of Life on 2025-06-30, we have started migrating our container platform from AL2 to Amazon Linux 2023 (AL2023). The migration encountered a few speed bumps. In this post, we'll look at one of them: missing container disk I/O stats. Why are container I/O dashboards blank? …


    Read More

Peng Zhang

Software Engineer

Recent Posts

  • A few Go idioms
  • A Few Shell Surprises
  • x509: certificate signed by unknown authority? Maybe the cert pool is empty
  • Lessons from an errgroup and Context mishap
  • Avoid panic on expected errors: lessons from operating journald-to-cwl
  • GPG is still in use to verify downloads
  • Why does GOMEMLIMIT take up significant physical memory for unused virtual memory?
  • Logs default to stderr in Go and other languages: avoid using stderr to determine program success.

Tags

GO 16 ALGORITHMS 8 INTERVIEW 7 LINUX 7 GUIDE 3 CONTAINER 2 DISTRIBUTED-SYSTEM 2 WEB 2 BOTTLEROCKET 1 COMPUTER-ARCHITECTURE 1 CONCURRENCY 1 CRYPTOGRAPHY 1 DATABASES 1 SELINUX 1
All Tags
ALGORITHMS8 BOTTLEROCKET1 COMPUTER-ARCHITECTURE1 CONCURRENCY1 CONTAINER2 CRYPTOGRAPHY1 DATABASES1 DISTRIBUTED-SYSTEM2 GO16 GUIDE3 INTERVIEW7 LINUX7 SELINUX1 SHELL1 TESTING1 WEB2
[A~Z][0~9]
Peng Zhang

Copyright 2022-  PENG ZHANG. All Rights Reserved

to-top