Brendan's Tech Ramblings

Brendan's Tech Ramblings

Using OCI Monitoring to Generate Alerts for VM Instance CPU Utilisation ❌

In this short video, learn how to use the OCI Monitoring Service to generate alerts when the CPU utilisation of a VM instance within OCI exceeds a given value – for example 50%.

Happy monitoring 📉

April 1, 2026
Quickly generating CPU load on a Linux machine 🔥
I needed to test an OCI Alarm I had created that should send an e-mail notification when the average CPU utilisation of a server exceeds 50% over a 15-minute period.

I found a “quick and dirty” way to generate CPU load on Linux using this one simple command:
yes > /dev/null &
This command runs yes (which outputs an endless stream of “y” lines) and redirects all its output to /dev/null (discarding it), with & putting it in the background.

I then ran htop on the instance and I could see that this pegged the CPU at 100%!

After 15 minutes, I received a lovely alert in my inbox:

If you do this, don’t forget to kill the process afterwards using “killall yes”.
March 25, 2026
Updating the Instance Metadata Settings on all Compute instances in an OCI tenancy using PowerShell 🪄
A customer of mine recently ran the OCI Security Health Check 👨‍⚕️, this flagged up the following issue:

Rather than manually clicking through the OCI Console and updating this setting for all Compute Instances (which would have been mind-numbing!) to resolve this, I wrote a PowerShell script that loops through all instances within a tenancy and changes the Instance metadata service so that it only supports Version 2 (rather than V1 and V2), updating the configuration from this:

To this:

Here is the script in all of it’s glory, it can also be found on GitHub. Simply replace TenancyOCID with the OCID of the root compartment in the tenancy and run – this will loop through all compartments, find all Compute Instances and update the setting.
# Get all Compartments $Compartments = Get-OCIIdentityCompartmentsList -CompartmentId TenancyOCID -CompartmentIdInSubtree $true -LifecycleState Active # Loop through all VMs and update the instance metadata service so that it only supports version 2 Foreach ($Compartment in $Compartments) { Write-Host "Compartment Name:" $Compartment.Name -ForegroundColor Green $Instances = Get-OCIComputeInstancesList -CompartmentId $Compartment.Id Foreach ($Instance in $Instances) { Write-Host "-Instance:" $Instance.DisplayName -ForegroundColor White $Action = Update-OCIComputeInstance -InstanceId $Instance.Id -UpdateInstanceDetails @{InstanceOptions = @{AreLegacyImdsEndpointsDisabled = $true}} } }
If you need a hand using PowerShell with OCI, check out this guide.

That’s all for now!
March 6, 2026
Automating VM Instance Configuration using Cloud-init 👷

I’ve just posted a short video on YouTube that demonstrates how to use Cloud-init to automate the configuration of a VM instance in OCI during the creation process.

This is a great way to save time, drive consistency and reduce errors when configuring VM instances.

February 13, 2026
Testing the speed of an OCI VPN connection using iperf3 🏎️
I’ve been working with a customer to setup an OCI Site-to-Site VPN between their On-Premises environment and OCI tenancy.

One thing we wanted to do was test the actual speed of the VPN to ensure that it was sufficient for the customers needs. I found the easiest way to do this was using the splendid tool iperf3 🏎️.

I had a play with this in my home lab, where I have an OCI Site-to-Site VPN configured between a Dream Router 7 and my test OCI tenancy – this provides private access to a number of VM instances that I have hosted within my OCI tenancy.

To get started I needed to install iperf3 on a server within my tenancy (this will be the endpoint for the speed test). To install iperf3 on Ubuntu, the following command can be used:
sudo apt install iperf3
To install on Oracle Linux run the following command:
sudo yum install iperf3
Once iperf3 had been installed on the server within OCI, I then needed to install it on my client machine that sits On-Premises (my house!), iperf3 supports Windows and macOS. I installed on my mac using the instructions found here – https://iperf.fr/iperf-download.php.

Now that I have iperf3 installed on the client and server, the next thing I needed to do was open the ports used by the iperf3 (TCP 5201 by default) on both the Linux server itself and the Security List/NSG within OCI 🔐.

Here are instructions for opening a local port on Ubuntu. To open the port on Oracle Linux, use these commands:
sudo firewall-cmd --add-port=5201/tcp sudo firewall-cmd --runtime-to-permanent
Use these instructions to open a port in a Security List. To open a port in an NSG use these instructions.

In my case I’m only using Security Lists to secure access so have the configuration below, which permits traffic on TCP port 5201 from my home network (192.168.1.0) to the subnet containing my VM instance within OCI (172.16.1.0/24):

Now that the ports have been opened on the Linux server AND either the Security List or NSG (depending on what you use).

The next thing to do is to start iperf3 on the Linux server in listening mode, to do this I ran the following command.
iperf3 -s
I can now start the test from the client machine (macOS in my case) by running the following command, which connects to the IP address of my Linux VM instance – note, it’s using the private IP address so will route over the VPN tunnel:
sudo iperf3 -c 172.16.1.21
It will then run some speed tests and output the results:

From this I can see the transfer speed in MBit/s and MBytes/s for each of the 10 intervals and also the average send/receive speed.

In the example above, I was seeing ~30 Mbits/sec throughput.

This was super-helpful for me, hopefully you find it useful too.

Whilst I used it to benchmark VPN speeds, it can be used in other scenarios too, to understand the network throughput between two devices on the same or different networks.
February 13, 2026
Using a Bastion to Securely Connect to a Windows VM 🔒

I’ve previously documented the process for using the OCI Bastion service to securely connect to a Windows VM instance – https://brendg.co.uk/2023/12/14/connect-to-a-windows-vm-in-oci-using-rdp-through-a-bastion-%F0%9F%94%90/

I’ve recently created a short video to accompany this which steps through the process in further detail 📼.

February 3, 2026
Run a Free Security Health Check of an OCI Tenancy 👩‍⚕️

I’ve previously written about the fantastic OCI Security Health Check – https://brendg.co.uk/2024/07/12/assessing-the-security-posture-of-your-oci-tenant-%F0%9F%94%92/

I decided to create a short video that walks through the process of performing an OCI Security Health Check…..a picture paints a thousand words and all that! 🌆

February 3, 2026
Using tcpdump to troubleshoot network connectivity ❌
I’ve been helping a customer troubleshoot network connectivity between their On-Premises environment and OCI, one tool that has been super-useful is tcpdump (which I’d never used before).

I wanted to put together a short and simple guide on how to use this amazing tool to capture network traffic to help troubleshoot connectivity issues.

First things, first – what is tcpdump?

tcpdump is a powerful command-line packet analyzer that captures and displays network traffic (TCP/IP and other protocols) flowing through a system, acting as a vital tool for network troubleshooting, security analysis, and diagnosing performance issues by letting users filter and inspect individual data packets in real-time or from saved files.

I’ve using this tool on Oracle Linux to troubleshoot connectivity between a Windows server hosted On-Premises and an Oracle Linux VM instance hosted in OCI (where else 😀).

To get started, the tool can be installed on Oracle Linux using the following command:
```
sudo dnf install tcpdump
```
Once tcpdump has been installed, the first thing to do is list the network interfaces on the server – so you can select the relevant one to take the capture from.
```
sudo tcpdump -D
```
I’m interested in the traffic on the main NIC so will use “enp0s6” to take the capture.

Running the following command captures all network traffic on this NIC, it also disables name resolution so you see the IP addresses rather than hostnames of the devices (which makes things a little easier to read).

10.10.1.202 is the IP address of the Oracle Linux VM instance.
```
sudo tcpdump -i enp0s6 -n
```
This is obviously quite chatty, to see traffic on a specific port we can run the following command, in this case it will only list traffic on port 80 (HTTP):
```
sudo tcpdump -n -i enp0s6 port 80
```
Again, this is quite chatty. I’m only interested in traffic on port 80 from a specific machine, so ran the following – update the port/host parameter as needed to specifiy a different port/IP address combo.
```
sudo tcpdump -n -i enp0s6 host 213.249.245.216 and port 80
```
The trace now only shows port 80 traffic to/from the IP address 213.249.245.216.

One other useful parameter is -v which provides more verbose output (example below), in this case it captures the actual HTTP request and response – how cool 😎.
```
sudo tcpdump -n -i enp0s6 host 213.249.245.216 and port 80 -v
```
Another useful tool for me to have in my toolbelt 🔨.
January 15, 2026
Disaster Recovery in OCI using Block Volume Replication 🪄

Here is a short walkthrough of how to configure Block Volume replication in OCI to replicate a Windows VM instance between two different regions – this is useful for disaster recovery scenarios.

Want to learn more about Block Volume replication, check this out – https://docs.oracle.com/en-us/iaas/Content/Block/Concepts/volumereplication.htm

January 7, 2026
List all VM Instances within an OCI tenant using PowerShell 💻
I’ve been working with a customer that’s automation tool of choice is PowerShell…..the good news for them was that OCI provides PowerShell modules!

This means that customers can in theory do everything in PowerShell that they can with the OCI CLI.

The following guide steps through the process of setting up the PowerShell modules for OCI – OCI Modules for PowerShell

Once I’d got this setup (which wasn’t very painful), one of the first things that I helped them to automate is producing a list of all of the VM instances running within their tenancy, I’ve included the code for this below:
```
# Get all VMs
$Compartments = Get-OCIIdentityCompartmentsList -CompartmentId ocid1.tenancy.oc1.. -CompartmentIdInSubtree $true -LifecycleState Active

Foreach ($Compartment in $Compartments) 
{
Write-Host "Compartment Name:" $Compartment.Name -ForegroundColor Green
$Instances = Get-OCIComputeInstancesList -CompartmentId $Compartment.Id
Foreach ($Instance in $Instances)
    {
        Write-Host "-Instance:" $Instance.DisplayName -ForegroundColor White
    }
}
```
This loops through every Compartment from the root Compartment downwards and lists the VM instances within each of these Compartments.

The only thing that needs to be updated prior to running this script is the OCID of the root compartment (CompartmentId parameter).

Here is the output from my tenancy:

You can see all of the Compartments within the tenancy and the 3 x VM instances that I have:
- N8N
- Streamlit
- Hub-VM
December 10, 2025