Pakistan's First Oracle Blog

Subscribe to Pakistan's First Oracle Blog feed
Blog By Fahd Mirza ChughtaiFahd Mirza
Updated: 15 hours 20 min ago

Types of EBS Snapshots in AWS and How to Delete Them

Sat, 2023-02-04 20:01

 Eventually you would have to cleanup and delete your EBS snapshots in AWS. But when you try to do that, things get interesting as its not that straight forward. This video explains the difference between AWS snapshots and how to delete them. 

Categories: DBA Blogs

Best Gitops Tools for Devops Engineers

Sat, 2023-02-04 00:21

Let's have a quick overview of what Gitops is. Gitops is a new cool kid in the town. Gitops is a subset of Devops. GitOps is a practice that helps automate application deployment and infrastructure provisioning. It typically involves using Git, an open source version control system, as a single source of truth for declarative infrastructure and applications. Gitops is mostly used in deploying containerized application on Kubernetes cluster along with Kubernetes resources. I have another video in more detail around this and the link is in the description. 


Categories: DBA Blogs

Dora Metrics Accelerate Book Explained

Thu, 2023-02-02 20:48


Categories: DBA Blogs

Kubernetes Lifecycle Hooks Tutorial for Beginners

Tue, 2023-01-31 22:06


Categories: DBA Blogs

How to Transition from a DBA to Cloud Engineer

Sun, 2023-01-29 15:55

 I worked as pure Oracle DBA from 2001 to 2015 and then transitioned to being a Cloud Engineer. One question I am always asked is what it takes to do that transition? How long does it take? How hard it is? In this video I am going to share my journey of transition from Oracle DBA to a Cloud Engineer and share the lessons learned plus some tips to make this transition smooth. 

Categories: DBA Blogs

Cloud Engineer's Beloved Terminal

Fri, 2023-01-27 21:30

 Cloud engineers spend a fair bit of their time in Linux terminals along with GUI tools. After working with various terminals, let me share with you what an ideal Linux terminal for a cloud engineer looks like to me. By ideal, I mean more productive, easy to use and present. 

Categories: DBA Blogs

What is Prow in Kubernetes for Beginners

Wed, 2023-01-25 21:20


Categories: DBA Blogs

Promtail Loki Grafana PLG Stack on AWS EKS Demo

Mon, 2023-01-23 15:53


Categories: DBA Blogs

EKS vs Lambda - Which to Use When

Mon, 2023-01-23 15:52


Categories: DBA Blogs

Kubernetes Python client on AWS EKS Step by Step Demo

Sun, 2023-01-22 20:57

Kubernetes Python client is used to perform operations on Kubernetes resources in the cluster from your Python code.


  • A Running Kubernetes Cluster (Note: I am using AWS EKS cluster)
  • Install Kubernetes client for Python with pip by using command: pip install kubernetes
  • kubectl utility to verify the resources (Optional)

All the code files used in this video are present in my github repo and the link is in video description.

Categories: DBA Blogs

AWS EKS Crossplane for Beginners

Thu, 2023-01-19 23:34


For more detail, here is step by step procedures.

Categories: DBA Blogs

Step by Step Installation of crossplane on AWS EKS

Thu, 2023-01-19 00:29

 If you want to create your cloud resources such as AWS EC2, S3 bucket etc from within Kubernetes, then you need to use Crossplane. Its an open source project. Following is step  by step instructions to install crossplane on AWS EKS.

-- Make sure kubectl version is v1.23 and helm version is v3.8.2

-- All files which are being used in this code are available at github.

Step 1: Create EKS cluster

Step 2: Run following commands:

For IAM Setup:

ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)

# A permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity. permission-boundary.json file is available in github repo here.

sed -i.bak "s/ACCOUNT_ID/${ACCOUNT_ID}/g" permission-boundary.json

aws iam create-policy \

    --policy-name crossplaneBoundary \

    --policy-document file://permission-boundary.json

# Amazon EKS supports using OpenID Connect (OIDC) identity providers as a method to authenticate users to your cluster. crossplane-ssp is my cluster's name. You can use your own.

OIDC_PROVIDER=$(aws eks describe-cluster --name crossplane-ssp --query "cluster.identity.oidc.issuer" --output text | sed -e "s/^https:\/\///")




  "Version": "2012-10-17",

  "Statement": [


      "Effect": "Allow",

      "Principal": {

        "Federated": "arn:aws:iam::${ACCOUNT_ID}:oidc-provider/${OIDC_PROVIDER}"


      "Action": "sts:AssumeRoleWithWebIdentity",

      "Condition": {

        "StringLike": {

          "${OIDC_PROVIDER}:sub": "system:serviceaccount:crossplane-system:provider-*"







echo "${TRUST_RELATIONSHIP}" > trust.json

# IAM role for provider-aws

aws iam create-role --role-name crossplane-provider-aws --assume-role-policy-document file://trust.json --description "IAM role for provider-aws" --permissions-boundary ${PERMISSION_BOUNDARY_ARN}

aws iam attach-role-policy --role-name crossplane-provider-aws --policy-arn=arn:aws:iam::aws:policy/AdministratorAccess

# Annotate the service account to use IRSA.

sed -i.bak "s/ACCOUNT_ID/${ACCOUNT_ID}/g" aws-provider.yaml

# Install Crossplane

kubectl create namespace crossplane-system

helm repo add crossplane-stable

helm repo update

helm install crossplane --namespace crossplane-system --version 1.10.1 crossplane-stable/crossplane

# wait for the provider CRD to be ready.

kubectl wait --for condition=established --timeout=300s crd/

kubectl apply -f aws-provider.yaml

# wait for the AWS provider CRD to be ready.

kubectl wait --for condition=established --timeout=300s crd/

kubectl apply -f aws-provider-config.yaml

#create resources

kubectl apply -f ec2.yaml

kubectl get instance

kubectl describe instance

kubectl apply -f s3.yaml

kubectl get Bucket

kubectl describe Bucket

Categories: DBA Blogs

SSL certificate problem: self signed certificate in certificate chain Kubectl - SOLVED

Wed, 2023-01-18 22:33

 More often than not, if you are installing or upgrading or downgrading kubectl for Windows or Linux, then during download you might face following error:

$ curl -O

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

curl: (60) SSL certificate problem: self signed certificate in certificate chain

More details here:

curl failed to verify the legitimacy of the server and therefore could not

establish a secure connection to it. To learn more about this situation and

how to fix it, please visit the web page mentioned above.


The solution to above error is to use the curl command with --ssl-no-revoke flag as follows:

curl -O --ssl-no-revoke

and it would work.

I hope that helps.

Categories: DBA Blogs

How to Use AWS SSM Resource Scheduler

Thu, 2023-01-12 18:08


Categories: DBA Blogs

What is AWS SSM Hybrid Activations

Thu, 2023-01-12 18:07


Categories: DBA Blogs

How to Approach Cloud Engineer Interview These Days?

Tue, 2023-01-10 22:18

 Cloud has evolved a lot and so has the role of Cloud Engineer. Normally, the role of engineer in any given field is to build something on the basis of design given by architects and then hand-over that built infrastructure to the operations team. That's not really the case in Cloud. The boundaries are blurry and fuzzy. But one thing is for sure. As a cloud engineer you are required to have breadth and depth in various disciplines within and outside of the cloud. If you are thinking of applying as cloud engineer and want to know latest state of as how to approach cloud engineer interview , then following are some pointers:

Make sure you have few stories prepared from your work as cloud engineer to be told as an example usage of above concepts and services. Make sure you highlight your contribution. Make sure to know what are the latest happenings in cloud. Make sure you display your willingness to evolve as cloud is still evolving. Go in and hit it out of the park.  

Categories: DBA Blogs