#046 On Device Automation with Taha Yusuf (a.k.a. NetAutomator), Part 2

Eric Chou: 0:00

Network Automation Nerds Podcast. Hello and welcome to Network Automation Nerds Podcast, a podcast about network automation, network engineering, python and other technology topics. I'm your host, eric Cho. Today on the show, we continue to have conversation with Taha, aka Net Automator. I have to mention that every single time because it's just so how did you get that handle?

Eric Chou: 0:27

Somebody must have offered you to pay you $10,000. If I have money, I'll pay for that, but I'm just as planned on Eric Cho. But anyways, last week we talked to Taha about his journey, his path, how he got into technology. This week I am super excited to continue our conversation and talk about where the Tyrone Mista wrote, so to speak. Really Needy Greedy, how do you? What do you find interesting about containers and all the hotness about Kubernetes and maybe AI? I don't know. We're obligated to talk about AI every single time, to use our ratings right.

Eric Chou: 1:12

But, anyway, Taha, it's great to have you back on the show.

Taha Yusuf: 1:15

Fantastic, eric, it's an absolute pleasure, pleasure to have you. Thank you so much. It's an honor really to be here. I'm very honored, thank you.

Eric Chou: 1:25

The honor is all mine. We were so excited to talk like the last episode, but in fact it was just like 30 minutes ago we started recording but it almost got away from us, the reason why I reached out to you previously. I mean, obviously you're an excellent human being, I love everything you posted about, but what trigger this conversation was a couple of weeks ago you posted about running containers on all three of the I mean not iOS per se, but three of the latest Cisco operating systems, so iOS XP, ios XR and XLS. Tell us a little bit about that.

Taha Yusuf: 2:06

Yes, one thing I've noticed about and I think this is a quite the topic itself I think it lacks quite a lot of resources. Yes, there isn't much resource. I think sometimes it's also misunderstood. The one thing I've noticed about network automation is that few years back it was just network automation, it was a particular field Everyone wanted to go in. It was a DevNet. But I think as we dive forward it's having subdivisions within network automation. So now you have guys who are excellent with AI and network automation, you have guys who are able to do amazing stuff in a multi-vendor environment, you have guys the DevNet guys, and you have.

Taha Yusuf: 2:52

And then there was a particular field which I thought was not giving enough attention and I think one of the reasons is the current role that it sort of pulled me in towards that way. So essentially it's unbox programmability or unbox automation. It's a topic. Now, like I said, it's quite a broad topic and I think the way it's marketed, especially at Cisco, maybe isn't quite so helpful to sort of understanding what you're able to do with it. For me personally, I found it such an interesting topic and it's such an amazing topic really. So essentially, at its core, unbox programmability refers to sort of performing automation via the network device itself as opposed to doing an automation deployment from an external box.

Taha Yusuf: 3:43

So when we're doing automation we're essentially deploying from a laptop or a PC that's hooked up somewhere to the network, and we may have Python, and we're essentially deploying that, the script or what it may be. But and that is the opposite of unbox. So unbox refers to actually doing the automation within the network itself. So think of, like an air-gapped network that has no access to any PC or endpoint connectivity that can do automation, and just being able to automate from the inside of the actual network itself. So one of the nodes will act as an agent and will go ahead and automate the rest as well. That is at its core.

Taha Yusuf: 4:25

What unbox programmability is is the ability to perform automation from the inside of your network, as opposed to doing a Python deployment or an Ansible from an external node, external PC, and that is exactly what it is. So and I think, the way it's marketed by Cisco. So, for example, one of the key things that was marketed a few years back was IOX, which which is an acronym for IOS, linux. Now it was sort of marketed as a application hosting technology where you're able to host applications on the edge of the network, so within the switch, for example you're able to run script, but I think it wasn't given its due diligence.

Taha Yusuf: 5:09

I think there is far more things that that were sort of overlooked, that could have been looked at Right, and you know it's a massive, massive field it's. I mean, with these, I mean with this technology, you've got a essentially a Linux box. I mean you're essentially converting your network switch, your data center switch, like a next next OS or iOS XC switch, you know the on 90, kerala's 93 hundreds. You're essentially converting that to a Linux box, right, and the sort of it's quite endless really of what you're able to do. And I think it maybe it wasn't approached from that perspective. It was more approached from the container side.

Taha Yusuf: 5:52

So majority of the questions I've seen that's been come up when I've been posting is that sort of things that come in DMs like why, why would I need to do that? Like what is the point right? Like what can you explain to me? Yeah, why would I want to want to do that in the first place? Well, it has a plenty of, there's plenty of use case for this and I think that is one of the, and one of them is obviously, you know running Python, you know complex Python scripts, for example, right, and not just Python scripts, bash scripts as well, that can utilize the underlying hardware, so, for example, that can be executed by an event manager script, perform specific tasks. Maybe you want to have a look at, maybe you want to see what specific adjages have gone down, and then you want an OSPF and you want them to come back. I mean, there's so many sort of things that you could do. Obviously, when you've got Python in front of you, it's endless, right, it's. The limit is really down to your creativity. So, having running a Python script inside a box is always helpful, right, it's just you know, and I wouldn't obviously recommend running a game on there, obviously, that's what you're doing right.

Eric Chou: 7:00

You don't want to do that. I have to do that, right, I do have to do that.

Taha Yusuf: 7:07

You can't do it, but I don't think it's helpful.

Eric Chou: 7:10

It's not a career enhancing movement, it might be for your own pleasure, right? I totally agree. I mean, I remember well, you know, I think you hit on some of the use cases where you know just in your brief introduction is I remember the first time I saw it. This wasn't on a Cisco box, this was on an Averista box actually. But there are two kind of use cases that main thing that we use it for. Obviously you know more about it, but that you mentioned.

Eric Chou: 7:38

So the first thing is you're in this airtight space, right, like your data center and you, it's hard for anything to get into that data center.

Eric Chou: 7:49

You have to get like, as any big tech would tell you or any guy that like healthcare, you know, government agency, it's, it requires a lot of approval right Like it's, yeah, it's, it's a. It's a really daunting process to go. But in this case you, if you have something that's already included in the bundle, that's already approved and, you know, blessed by the management, then you have the Swiss army knife where you could. You know, I mean, it's not going to cut that steak really well, but it will do the job right. So in this that's first use case, where it's an airtight, air gap, environment, a close loop, and then you already have the star Swiss army knife called Python and bash and Linux. And the second was, you know, as you talk about like event reaction, right, Like if you have an external management going in, it's never going to be as reactive as fast as something that's on board, right, and that's exactly what you said.

Taha Yusuf: 8:42

Absolutely 100%, 100%. I think that is that is also key. I think one of the other use cases as well and I think it's sort of overlooked is is running a low latency application and containers on the edge. You know, I use the term low latency and I use that for a reason and I tell you exactly why. You know it's no point, no use, you know, having an application somewhere down in the other side of the world, you know, in a data center other side of the world, where that application is sort of being used by your current sort of building, right For everyone in your building. It's actually no use having it somewhere in the cloud when it's used by a particular sort of, you know, endpoints within your company. It makes far more sense to have it on your edge, right, right Close to the edge. You get a lot of benefits. Obviously you'll have low latency.

Taha Yusuf: 9:35

But also, I think, one of the when I recently I was speaking to someone a colleague of mine, about this and I thought you know how interesting that can it be. But then they he made an interesting point where he said but you know, maybe that company wants to move to the cloud, that's. You know that's their goal, right, it's to move everything to the cloud. And I said you know, and they're essentially coming back to the old method where they're having resources sort of you know on-prem, which not what they want, but you know that isn't but when you? But the more you think about that, the more you do realize that it is that in the you know, when you have, when you move to, when a company moves to the cloud, usually it's you know, from a company that I worked with. It's a sort of a from a hybrid standpoint of you. I mean, you're going to move your resources, or you could even move your entire 100% resources, right, you can do a lift and shift and move everything over into the cloud.

Taha Yusuf: 10:22

But the issue is, I think, one thing that people tend to overlook you're still going to have a network infrastructure on-prem, right? I mean you're not. You're not going to have, like you know, there's not going to be a digital people that's one of my friend policy that's able to go into the cloud and you know, get all that information somewhere and you know, run those virtual machine, whatever it may be that you're doing in the cloud. You know you're going to have, you're going to need a network infrastructure, on-prem regardless, right? So you're going to have a bunch of switches, right? You're going to have a bunch of endpoints. These are sort of the crucial aspects, that things that you're going to have.

Taha Yusuf: 10:52

So one of my thinking was that you know you're going to have switches and you know the sort of the 9300 iOS XC now is becoming quite a standard. Now, really, I believe or not, I've seen companies that actually use it as an access, which is quite amazing. You know, a switch where some people will probably say it's more sort of a distribution type of switches the 9200, 9300 catalyst. So I thought to myself you know, why not utilize the hardware? You've already got the hardware in place, so why not utilize the hardware? And someone might say to me, look again.

Taha Yusuf: 11:21

An argument could be that you know, look it's. You know sort of high availability, cloud or private, but you know, if you're obviously nobody has a single switch in their company, right, they have multiple switches. You could have that in a container and load balance across. Again, you know, if it doesn't make sense, where you know for me and this doesn't really make sense where you're going to have a one application that's utilized by a group of endpoints right within a specific location and that application that they're utilizing is somewhere down, you know, in another country in a data center, when you could have it locally hosted on the edge of your network and you just push it to your edge of network and it's much more low latency. And that is, you know, one of the really good use case.

Taha Yusuf: 12:03

I believe that could be utilized, having a sort of running a containers on your own on your switches. They don't have, believe it or not, and this was another question that came up whether they affect the performance of the switch itself. They don't. I mean majority of these running a containerized environment, so they don't actually have that ability. Now, the other sort of use case as well is the ability to run not just specific, you know, sort of bespoke applications, but run network diagnostic tools right. I mean it's great to have Wireshark right on your switch. I mean it's a valuable tool and nowadays you can even get. You know there's something called I think it was a TerraTorm where it's actually I can't remember the name I think it's a T-Shark, but it's a terminal version of Wireshark.

Taha Yusuf: 12:51

So you can actually run it on the switch itself without needing any external endpoints, so you can actually launch the container and it's a terminal container. But it's essentially Wireshark, right, it's a containerized version of Wireshark and those you know the ability to run Wireshark and capture sort of you know frames and packets, it's you know really I can't really think of any words. You know how beneficial it is to a network engineer, especially if you don't need any. You know laptop or a PC connected to where you can just do it directly from the switch itself. You know, using a console port it is beneficial, you don't need to open up a browser, it's right there, you know. You just put it, pop it into your console port and you can run that.

Taha Yusuf: 13:32

And I think that is one of the sort of use cases that's not realized that you know you can run network diagnostic tools as well on your switches, which is really really helpful when things you know don't go according to plan. Yeah, definitely, and I yeah sorry. And I think the overall Linux sort of capabilities is overlooked as well. Because when you know, when you sort of have a containerized version of Linux, you are, I think the biggest mistake people tend to make is that they assume this is a gadget or a feature, but it's not. You're essentially turning your switch into a Linux box, right? That's what it is right, and from that moment, just think of it as a Linux box, and the possibilities are endless really. So yeah.

Eric Chou: 14:17

Yeah, no, I was going to just echo your point of earlier, just before I forget. I think that's essentially the argument, not the argument. But the advantage of having edge networking right Like is you can't backhaul everything back to the cloud. For example, if you think of your, so Cisco is actually the sponsor for you know the 49ers, for, like American football, 49ers stadium and in order to provide that edge, you know sports experience you're not going to be able to backhaul everything back into the cloud and having that response back, you need to run something natively within the stadium. And there's also somebody else who was you know I was chatting with about edge networking and he brought up a good point about you know each, if you think about it, each Tesla is actually an edge network by itself and whenever they get that sensor coming back in to determine you know if that's a child standing in front of that car, you're not going to backhaul to the cloud and say, no, don't hit that. Your response time should be in the subsub milliseconds. So those are actual use cases where it makes sense to set to run something natively. And if you extend that into the switch, absolutely that you know it's beneficial with a Linux and a hard drive.

Eric Chou: 15:38

I'm going to make about performance, of course, right. So a lot of people don't realize where you know you have your management plan. But in order to combine those like echoes and you know process pipelines and your FIPS, they actually get compiled into your FIB, in your FPGA, so that that is where that you know that package is being switched. It's not that you know these products, they don't. They don't go into the Linux kernel and come back down and process it. So, yeah, so both of your points are super valid and I appreciate you bringing those up. You know the performance as well as the. You know none, none. You know package switching impacting, right, like your FIPS, is not going to be impacted.

Taha Yusuf: 16:20

No, the FIPS shouldn't be impacted and you know Cisco is expressed forwarding as in place. So you have all of these things in a data plane. I mean, you know the data plane itself as a hardware should not be affected. So majority of the data plane operations will definitely I would say all of them really would not be affected in a containerized environment. And it's quite interesting that you bring that topic up because it sort of leads me to my sort of next point. And recently I've been sort of researching this topic in in quite in depth and I came across, you know, what makes NXOS so special compared to any other operating system that was developed by Cisco.

Taha Yusuf: 16:59

I think what makes NXOS really, really interesting is the acquisition Absolutely. That's one part right. That's one part right. Like it wasn't built by Cisco, so it wasn't like that's the elephant in the room. Let me just skip that one.

Eric Chou: 17:16

No, no, I'm sorry to interrupt. Go for it.

Taha Yusuf: 17:19

But you know, it's really. It's really its ability to sort of they call it I think Cisco refers to it as if you go to the Cisco developer website as open NXOS, right, and what they've seemed to have done is quite a remarkable. So they've opened up the Linux kernel, right, the Linux kernel. This is where the actual hardware is running on the actual underlay that the hardware is running on, the operating system itself. Right, they've pretty much opened that, expose that to the user and it's quite amazing because it has direct utilization of the hardware itself, right and unlike. I'll explain in a minute about iOS 6c, which is a bit different, but it's actually running an embedded form of Linux, right, especially for sort of it's essentially embedded hardware. Linux is called Wind River Linux.

Eric Chou: 18:14

And I think it's made. It's not Ubuntu.

Taha Yusuf: 18:16

No, it's definitely not. Ubuntu, no, no, no, no, it's definitely not.

Eric Chou: 18:19

Ubuntu. It's not Ubuntu. Yeah.

Taha Yusuf: 18:21

Or Red Hack. I can assure you that.

Eric Chou: 18:23

Yeah.

Taha Yusuf: 18:24

So it's a Wind River Linux, and it's quite interesting because I didn't quite understand how this was the actual underlay, right, Because obviously NXOS is there. Now, what I've learned was a bit of time is that after sort of digging deep, I couldn't find any. Like I said, it lacks quite a lot of resources. Is that NXOS is actually a use-based sort of process? Right, it's actually a software that's running in a user space where the Wind River Linux is actually the underlay hardware. So you've got two layers, right? You've got the NXOS, which has all your CLI configs, the comings that all network engineers are sort of familiar with, and then you have the underlay right, which is the Linux hardware, which is the Wind River Linux hardware, which is utilizing the hardware itself, right this?

Taha Yusuf: 19:10

is what you. Now, what I couldn't quite understand is how they're going to connect, and I've finally, sort of after a lot of research, made that answer. There's a module called NetBroker Module, right, and what that essentially? That piece of software that is that it synchronizes those two layers. So, for example, when a network so let me just so, for example, say you've got an update on the RIB, on NXOS, and what the NetBroker Module does is it synchronizes that back onto the Linux kernel, right, so that they both match. So it synchronizes it to the lower layer. So it's like a synchronization module that synchronizes the com-config on the NXOS to the underlying Linux kernel, which is the Wind River Linux, and that is how it sort of utilizes the hardware resources. And it is very interesting because, like I said, it's very different. They call it bash, I think it's, I think it's feature-enabled bash, but once you enable it, it's essentially they call it bash. But it's much more than that. It's actually a Wind River Linux. It's not a containerized Linux like the other forms.

Taha Yusuf: 20:25

It's a much more sort of a full-on and it has direct utilization to the hardware itself. And then you've got the other sort of Linux on there, which is the containerized Linux, which is what they call name, as referred to as a guest shell, which I'm sure you probably know about right, and that is IOX, which I think they name it, which stands for IOX.

Eric Chou: 20:47

Linux.

Taha Yusuf: 20:47

Now, essentially, that guest shell is a containerized form of Linux, right, and those of you who doesn't know what container is, it's essentially a self-sufficient application that has all of its dependencies to run in any environment. The Linux that the containers were in is CentOS. A different depending on what version of the hardware. Ios using it could be seven, it could be eight, but you could upgrade this. But what's quite interesting is through both of these they have full package management utilities such as YUM. A lot of people don't think it's like okay, wait a second. If I have package utility management and if I essentially have a full Linux kernel, could I run Ansible on this?

Eric Chou: 21:35

Yes, you can, you can run it.

Taha Yusuf: 21:40

Exactly. Wait a second. Could I run NetMeco module, if I can get a module inside Python using PippinStore? Yes, you can. I've done it. You can run NetMeco on it without any issues. You can run Terraform, absolutely. You can download the Terraform ARM64 version of Terraform. I've tried it. It works. It's great. I mean, can you imagine having all of those utilities within your own box environment? I think that is just amazing.

Eric Chou: 22:04

Now one of the- you don't have to imagine. Taha just did it for you Exactly. You show you those examples.

Taha Yusuf: 22:14

Absolutely. It's really amazing that you're able to do that. I think one of the things that I came up against was is that let's just assume that I'm in a air-gapped environment where it's almost impossible to get anything into that environment, even attaching a laptop that has Python and all the modules installed and all the goodies installed. Because, let's be honest, if you haven't got the Request module and it doesn't come native with Python and if you haven't got a good, let's say, an SSH module like Parameco, you're limited and what you can do in terms of automated network device, You're very limited.

Taha Yusuf: 22:54

Actually, it doesn't the Python that it has. I think it's 3.7, I can't remember, but it doesn't have the Request module. So you can't do any API actions Because those aren't native to Python.

Eric Chou: 23:06

Not the standard library? Yeah, Exactly.

Taha Yusuf: 23:09

It didn't have Parameco or any of those. Things are very difficult. This is the challenge that I face. For example, I've got a 100 access switches On my core. I've got one good Nexus switch and I've also got some good iOS XC9, what can I do? What could you do in order? Let's say, we need to create VLANs across all of those access switches. How can we automate that process?

Taha Yusuf: 23:33

At the same time, we've got a complete air gap system. We can't do anything. But how can we automate? Put ourselves in a position where we can automate all of those repetitive sort of tile tasks without attaching any third party device? What can we do? I think that is something that's interesting that I'm working on at the moment, because it is very difficult, as you probably know, to do anything with Python, especially when you're dealing with switches that are networked and you don't have any SSH modules and you've got the standard library. Good luck to anybody who wants to create an SSH module from scratch, because you're in a world of pain.

Eric Chou: 24:13

You're in a world of pain, so you're trying to find a Kirk buyer to unsign. Even Kirk couldn't rewrite the whole thing within an hour, right? Even though he's no creator.

Taha Yusuf: 24:28

Absolutely. That's the challenges that I'm facing at the moment. I'm hoping that I can overcome those.

Eric Chou: 24:34

Yeah, no, I like the point you brought up about, like namespaces, right, like the fact that native Linux with access to hardware shouldn't be overlooked because, um, yeah, so, like you know, maybe people are not familiar too familiar with like namespacing is, you know it's an expensive operation to copy a packet or whatever from like one memory space to another. And especially if you have, um, like Linux, who's the latest kernels and you know three kernels before that have a very, very clear delimitation between you know, your, your kernel namespace versus your, your other namespaces, where, like, moving around is very difficult and that's expensive operation, which is why the process so slow. And something like DP, dk or, in this case, like NXOS, we're able to, you know, kind of bridge the two, where you know you just have to, you don't have to copy it between the spaces, you just have to in one place and then you get that performance. And, like you said, they also have like a guest shell where you know it's just regular, sent us. That you know you're all familiar with.

Taha Yusuf: 25:43

Yeah, that's it. That's it, you know, and I think the other aspect that that's quite scary as well, that I have personally found during my research, is that we've, we've, when, with the containerized version of Linux um, you've got to remember, it's a container, right, it has no understanding of the current infrastructure that it's in, whether it's in a switch, whether it's in the it's, it's running in a piece. It doesn't know that, right, it's a containerized. So one of the great difficulties that many people have with this is the ability. How do I route this to the hardware, you know, how do I attach this with the actual interfaces? Right, I've, I've got the, the, the, the Linux container running um center-west, but how do I route it outside on my network? How do I make sure that that container is able to reach all my network devices? So I can automate. And I think those are the things that are sort of scaring people. And there's, there's many ways you can do this. You can use things like virtual port groups and attach the container to the virtual port group and then associate, and then that way you will have the sort of agency with the, with a virtual port group, essentially an SVI, right, it's a virtual um a virtual interface and associate that with a physical interface. So you'll essentially have to route that container as well about outside of the, the box itself. And I think that may be quite scary. But with the NXOS, remember the Bash shell it's it's directly utilizing the hardware, it's not in a containerized form, so you don't need to do all those all that routing and so forth. You can directly, you know, perform your automation.

Taha Yusuf: 27:10

You could, let's say um, um, you know, if you've got the right modules, you could, you know, go ahead, let's say um, automate, you know, um, the creation of, let's say, VLAN 20 in a hundred switches, with ease, without using any other PC, um, just by using that box itself. You know, it's got all the utilities that you need in there, for, for example, it's got VIM, it has everything um as an editor. So you could essentially create a small script, Python script, um. And it does a lot of interesting things as well, because there's a, an interesting module that it has on there which is a CLI module, um, which essentially allows it to interact with the actual underlying um, um and XOS, um, um, cli. So yeah, it is very, very interesting and I think it's uh, it's a topic maybe not marketed?

Taha Yusuf: 27:57

I personally believe, because I think it's. You shouldn't just assume it's just for an application. Hosting um platform is much more than that, I would say. The some of the features of these sort of uh uh of these switches, especially the newer models, are amazing. I mean they're, they're absolutely amazing Really.

Eric Chou: 28:14

Yeah, I mean, yeah, I mean it's hard to convey, I think, the the overall picture, right, like, or how like to just tell that all the awesomeness of the setup would be, but I think it's safe to say that it is a way to uh give you all the tools that you're familiar with without a lot of, uh, external dependencies, right, yeah, absolutely Able to just do a lot of the things that you're so used to, as opposed to, you know, maybe, uh, I remember a long time ago when I was, you know, trying to automate something and all I had available was a tickle shell right In iOS, and then you have to, like, change your contacts, you have to learn tickle syntax. It wasn't hard, but it was nonetheless another thing that you have to learn and have to do. But now that you have these unbox for all of you know, nxos, xr, sc then you're able to just transfer that knowledge without context switching. Would that be like kind of a correct statement?

Taha Yusuf: 29:17

Absolutely 100%. I mean, I couldn't have said it any better. Actually, um, and I think you know you've, you've really hit the nail on the head. You've got all the tools that you need in, especially from a network automation point of view, things that we know, all the tools that we need. You know from Python, you know, um, containers. We have everything that we need really on these boxes and it's like, and also you've got to remember as well that everything that's in the box, from a security point of view, you are not attaching any external points and points onto that network. So, yeah, so you've also got that security reassurance as well that, no, now that you've connected that laptop to your network, you know what.

Taha Yusuf: 29:55

You don't know what's what's winning or what was in your laptop, right, and you know you've got everything. You know you've got all the utilities on your, on your PC. So if, if you've got a, let's say, you know, a clean, um, um, sort of image laptop that doesn't have anything in there, you know you could connect the console port up and then you will realize that, uh, that you've got pretty much everything in there. You know, from the moment that you enable guest shell, the moment that you exposed the Bashel itself Python it has many types of. It's quite strange, actually, because it has a lot of free forms of Python, but a lot of people don't know about that.

Eric Chou: 30:32

It's just Python. It's not like iOS Python, it's not like Cisco Python.

Taha Yusuf: 30:37

Yeah, so you know one of the Python, so the native Pythons that run on these boxes, right, they have a native Python. And so, for example, the one on NXOS actually has got modules, which is quite unique, that are made by Cisco. So it has a module called Named Cisco, actually, and it's a module called CLI, which essentially allows it to utilize the underlying hardware system. So it allows you to write Python scripts utilizing the underlay hardware system with that module, and it's doing it via API, from what I recall from my research. So, yeah, it has quite unique libraries, the native Python, but within the container itself, within CentoX, it has, you know, python, the Python that me and you know about, right, right, it doesn't have those special modules that were developed by Cisco.

Taha Yusuf: 31:27

So it is quite interesting. So you're absolutely right, you've got quite a lot of tools, really, pretty much I would say all the tools that you need in order to automate your infrastructure, whether that's, you know, expanding your layer to domain, you know, creating that VX. It has everything. It really does have everything that you need.

Eric Chou: 31:45

All right, let me take that back, so you do have that special Cisco Python, or?

Taha Yusuf: 31:50

like.

Eric Chou: 31:51

Python, with you know, Cisco module and then CYLINE module yeah, the oldest booties, but if you, you know, feel like it, you could have the regular Python as well. Right, exactly, yeah.

Taha Yusuf: 32:02

Yeah.

Eric Chou: 32:04

Well, you know, ty, it's great that you brought these up. I really enjoy our conversation, but I mean, you're so far advanced, right Like? So how? Let me ask for the rest of us, right Like, we're not familiar with it, we don't, we haven't done extensive research. How can we get started with playing around with these? You know these cool containers in iOS.

Taha Yusuf: 32:26

Yeah, I think one of the things that I recommend is I've noticed about a lot of switches. Whenever I sort of see an iOS XC switch, I realize that the container shell has never been turned on right.

Eric Chou: 32:40

They probably don't know about it, right.

Taha Yusuf: 32:43

And a lot of people don't even know. You even have, you know, python in the old sort of iOS XC devices like the three, six, five zeros. You know you've got this Python 2 on there and I think a lot of people maybe are not aware of how to turn these on and the containers on. So turning the containers on, and you know going into Bash, you know just, it's very easy, you know, especially with the NXOS, it's just you know feature Bash shell and it will turn the Bash and that just exposes the underlying sort of hardware. And then you've got your Linux kernel that you can play with. And the moment I think you've got to think of it like this, and I think it took me a while to get my head around this and I think this is probably the key Do not think of that NXOS or iOS XC device.

Taha Yusuf: 33:30

You know, even if it's. You know your CSR routers. You know your virtualized CSR routers. Do not think of them as just as a network device, but think of them as a Linux operating system. Right, right, think of it as a Linux and from that moment, think of it that you've got Ubuntu ready and it's quite far fetched, but it's not really because you've got all the package management utilities on there, like YUM and so forth. So think of it as that way. The moment you think of it, that you can, you know, download packages, download software, ansible, anything on there, then you realize that, hey, this is not a switch. You know, I'm sitting in front of my Linux box, right, it is.

Eric Chou: 34:07

Yeah.

Taha Yusuf: 34:08

It is. So I think that is one way you can get started Just enabling those tools and play around with it as if you're sitting in front of a Linux box, not necessarily a switch. That is one thing that I found quite easy. And then you realize that creativity. There's so many things that you could do from running containers Docker I mean Docker is actually built into it. You could run a Kubernetes cluster if you wanted to. You know, have a bunch of containers in pods. So there's so many things you could do. There's a book by Cisco which I highly recommend, and maybe you could.

Eric Chou: 34:40

Yeah, I really put it in the show notes because I saw you.

Taha Yusuf: 34:43

Is it the container since Cisco iOS, that's right, yeah, yeah, that is a great, great book. I can never pronounce the author's name, but he is absolutely fantastic book. I mean I, you know. These guys are absolutely amazing. Honestly, it's a genius of a book and I think maybe the title itself doesn't maybe do justice, because it's assumed that it's just about containers. It is not.

Taha Yusuf: 35:06

I can assure you they talk about everything you know how to get. You know how to SSH into the, you know into the bash kernel, as opposed to SSH into the switch. I mean, a lot of complex topics are discussed in that book which I thought, wow, I can't believe. You know, not many people have know about this book, right? No, no, no, it's an amazing book and I think once you sort of go through that book, then you can come up with a lot of creative, different ways to play around with open NXOS and also Linux as well. Because those are the key things. The key, I would say, is understanding Linux and learning Linux, because once you fully grasp it and you know how to manage Linux, then you realize that, hey, I can run anything on these switches, you know.

Eric Chou: 35:54

Yeah, I get excited just hearing about it. You're now the master of your own domain, right? You no longer need to add any external tools. You don't need to rely on this wall garden provided by you. You have those open source tools. And, yeah, the book. I mean, I didn't know about the book until you posted, so thank you so much for doing that. I have it already in the show notes. It's called Containers in Cisco, ios, xe, ios XR in NSOS. Orchestration and Operation by Yogesh and not Gendra, like you said. I probably you know I'm my apology if I you know. I'm just saying it's brilliant. I haven't read it, but I glanced through it. Just the fact that they talk so deeply about NXOS, like a near real-time OS kernel and all of that, that's amazing. It is, and I appreciate your talk about. You know how. Turn it on, like you heard it here. First. Turn it on, change your mindset and be the king of your domain.

Taha Yusuf: 36:47

Absolutely, absolutely 100%, and you will realize that you will no longer need you know, an external sort of endpoint to have your automations. You can have everything done within the network itself and it's you know. Before you know it, you're gonna create your own sort of python scripts and are running on the, on your you know interfaces. You know whether you're trying to capture specific data or Try to diagnose tools.

Eric Chou: 37:10

It's, it's, the possibilities are really endless, really and if you play doom, please send me pictures, send me a talk pictures. Maybe just pass us right like don't pass it out so your boss don't see it, but please just send us pictures.

Taha Yusuf: 37:28

Yeah, please. Please be not this is very because that's, that's, that's, that's not that's not it.

Eric Chou: 37:33

Yeah, I didn't tell you.

Taha Yusuf: 37:36

You're gonna be. You're gonna be. Needs to change up your CV quite quickly.

Eric Chou: 37:41

Yeah, yeah, you know your lab box and you didn't hear from us, right like I'm just saying yeah. So, todd, it's been a pleasure. I really enjoy our conversation. The honor is all mine to have you on the show. Thank you for making the time. If people want to know more about your thoughts, want to follow you on Twitter, on social what's the best way to do that.

Taha Yusuf: 38:03

You can follow me on Twitter. I'm on Twitter, I'm also on. I've got my own website, network automated calm and all the YouTube content. I've also sort of resorted to YouTube content because I find it easy sometimes to express myself verbally as opposed to having it written. And, yeah, you know YouTube, twitter, as well as network automated calm, for free to reach out. You know, if there's anything that you need or any sort of any topic that you you don't quite understand what we've discussed today, please feel free to reach out and I will try my best to assist you really.

Eric Chou: 38:40

Oh my god, be careful. What you asked for. I mean I'm going to be like unicasting you, like what is this life cycle? I appreciate you. I mean it's been a great conversation. I really enjoyed it.

Taha Yusuf: 38:53

No, thank you so much and yeah, I you know you're one of my spirations, eric, and yeah, keep doing what you do, because you do a very amazing job, amazing.

Eric Chou: 39:03

Yeah, thank you so much. Thank you for the kind words, thank you, thanks for listening to. Network. Animation is podcast today. Find us on Apple podcast, google podcast, spotify and all the other podcast platforms. Until next time, bye, bye.