On-Box Programmability in Network Automation

Eric Chou

Network Automation Nerds Podcast. Hello and welcome to Network Automation Nerds Podcast, a podcast about network automation, network engineering, Python and other technology topics. I'm your host, Eric Chou. Today on the show, we continue to have conversation with Taha, aka Net Automator. I have to mention that every single time because it's just so, how did you get that handle?

Eric Chou

Somebody must have offered you to pay you $10,000. If I have money, I'll pay for that, but I'm just as plain old Eric Chou. But anyways, last week we talked to Taha about his journey, his path, how he got into technology. This week I am super excited to continue our conversation and talk about where the tire meets the road, so to speak. The real nitty-gritty, how do you? What do you find interesting about containers and all the hotness about Kubernetes and maybe AI? I don't know. We're obligated to talk about AI every single time, to use our ratings, right.

Eric Chou

But, anyway, Taha, it's great to have you back on the show.

Taha Yusuf

Fantastic, Eric, it's an absolute pleasure, pleasure to have you. Thank you so much. It's an honor really to be here. I'm very honored, thank you.

Eric Chou

The honor is all mine. We were so excited to talk like the last episode, but in fact it was just like 30 minutes ago we started recording but it almost got away from us, the reason why I reached out to you previously. I mean, obviously you're an excellent human being, I love everything you posted about, but what triggered this conversation was a couple of weeks ago you posted about running containers on all three of the, I mean not iOS per se, but three of the latest Cisco operating systems, so IOS XE, IOS XR and NXOS. Tell us a little bit about that.

Taha Yusuf

Yes, one thing I've noticed about, and I think this is a quite the topic itself, I think it lacks quite a lot of resources. Yes, there isn't much resource. I think sometimes it's also misunderstood. The one thing I've noticed about network automation is that few years back it was just network automation, it was a particular field everyone wanted to go in. It was a DevNet. But I think as we dive forward it's having subdivisions within network automation. So now you have guys who are excellent with AI and network automation, you have guys who are able to do amazing stuff in a multi-vendor environment, you have guys, the DevNet guys, and you have.

Taha Yusuf

And then there was a particular field which I thought was not given enough attention, and I think one of the reasons is the current role that it sort of pulled me in towards that way. So essentially it's on-box programmability or on-box automation. It's a topic. Now, like I said, it's quite a broad topic and I think the way it's marketed, especially at Cisco, maybe isn't quite so helpful to sort of understanding what you're able to do with it. For me personally, I found it such an interesting topic and it's such an amazing topic really. So essentially, at its core, on-box programmability refers to sort of performing automation via the network device itself as opposed to doing an automation deployment from an external box.

Taha Yusuf

So when we're doing automation we're essentially deploying from a laptop or a PC that's hooked up somewhere to the network, and we may have Python, and we're essentially deploying that, the script or what it may be. But, and that is the opposite of on-box. So on-box refers to actually doing the automation within the network itself. So think of, like, an air-gapped network that has no access to any PC or endpoint connectivity that can do automation, and just being able to automate from the inside of the actual network itself. So one of the nodes will act as an agent and will go ahead and automate the rest as well. That is at its core.

Taha Yusuf

What on-box programmability is is the ability to perform automation from the inside of your network, as opposed to doing a Python deployment or an Ansible from an external node, external PC, and that is exactly what it is.

Cisco's IOx Marketing and Linux Applications

Taha Yusuf

So, and I think, the way it's marketed by Cisco. So, for example, one of the key things that was marketed a few years back was IOx, which is an acronym for IOS, Linux. Now it was sort of marketed as an application hosting technology where you're able to host applications on the edge of the network, so within the switch, for example, you're able to run script, but I think it wasn't given its due diligence.

Taha Yusuf

I think there is far more things that were sort of overlooked, that could have been looked at. Right, and you know it's a massive, massive field, it's. I mean, with these, I mean with this technology, you've got essentially a Linux box. I mean you're essentially converting your network switch, your data center switch, like a Nexus NXOS or IOS XE switch, you know the on 90, Catalyst 9300s. You're essentially converting that to a Linux box, right, and the sort of, it's quite endless really of what you're able to do. And I think maybe it wasn't approached from that perspective. It was more approached from the container side.

Taha Yusuf

So majority of the questions I've seen that's been come up when I've been posting is that sort of things that come in DMs like why, why would I need to do that? Like what is the point, right? Like what can you explain to me? Yeah, why would I want to do that in the first place? Well, there's plenty of use case for this and I think that is one of the, and one of them is obviously, you know, running Python, you know, complex Python scripts, for example, right, and not just Python scripts, bash scripts as well, that can utilize the underlying hardware, so, for example, that can be executed by an event manager script, perform specific tasks. Maybe you want to have a look at, maybe you want to see what specific adjacencies have gone down, and then you want an OSPF and you want them to come back. I mean, there's so many sort of things that you could do. Obviously, when you've got Python in front of you, it's endless, right, it's. The limit is really down to your creativity. So, having running a Python script inside a box is always helpful, right, it's just, you know, and I wouldn't obviously recommend running a game on there, obviously, that's what you're doing, right.

Eric Chou

You don't want to do that. I have to do that, right, I do have to do that.

Taha Yusuf

You can't do it, but I don't think it's helpful.

Eric Chou

It's not a career enhancing movement, it might be for your own pleasure, right? I totally agree. I mean, I remember, well, you know, I think you hit on some of the use cases where, you know, just in your brief introduction is, I remember the first time I saw it. This wasn't on a Cisco box, this was on an Arista box actually. But there are two kind of use cases, that main thing that we use it for. Obviously you know more about it, but that you mentioned.

Eric Chou

So the first thing is you're in this airtight space, right, like your data center, and it's hard for anything to get into that data center.

Eric Chou

You have to get, like, as any big tech would tell you or any guy that, like, healthcare, you know, government agency, it requires a lot of approval, right. Like it's, yeah, it's a really daunting process to go. But in this case, if you have something that's already included in the bundle, that's already approved and, you know, blessed by the management, then you have the Swiss army knife where you could. You know, I mean, it's not going to cut that steak really well, but it will do the job, right. So in this, that's first use case, where it's an airtight, air-gap environment, a closed loop, and then you already have the star Swiss army knife called Python and bash and Linux. And the second was, you know, as you talk about like event reaction, right. Like if you have an external management going in, it's never going to be as reactive, as fast as something that's on board, right, and that's exactly what you said.

Taha Yusuf

Absolutely 100%, 100%. I think that is also key. I think one of the other use cases as well, and I think it's sort of overlooked, is running a low latency application and containers on the edge. You know, I use the term low latency and I use that for a reason and I tell you exactly why. You know it's no point, no use, you know, having an application somewhere down in the other side of the world, you know, in a data center other side of the world, where that application is sort of being used by your current sort of building, right. For everyone in your building. It's actually no use having it somewhere in the cloud when it's used by a particular sort of, you know, endpoints within your company. It makes far more sense to have it on your edge, right, right close to the edge. You get a lot of benefits. Obviously you'll have low latency.

Taha Yusuf

But also, I think, one of the, when I recently, I was speaking to someone, a colleague of mine, about this and I thought, you know, how interesting that can it be. But then he made an interesting point where he said, but you know, maybe that company wants to move to the cloud, that's, you know, that's their goal, right, it's to move everything to the cloud. And I said, you know, and they're essentially coming back to the old method where they're having resources sort of, you know, on-prem, which not what they want, but you know that isn't, but when you? But the more you think about that, the more you do realize that it is that in the, you know, when you have, when you move to, when a company moves to the cloud, usually it's, you know, from a company that I worked with. It's a sort of a, from a hybrid standpoint of you. I mean, you're going to move your resources, or you could even move your entire 100% resources, right, you can do a lift and shift and move everything over into the cloud.

Taha Yusuf

But the issue is, I think, one thing that people tend to overlook, you're still going to have a network infrastructure on-prem, right? I mean you're not. You're not going to have, like, you know, there's not going to be a digital people that's one of my friend policy that's able to go into the cloud and, you know, get all that information somewhere and, you know, run those virtual machine, whatever it may be that you're doing in the cloud. You know you're going to have, you're going to need a network infrastructure on-prem regardless, right? So you're going to have a bunch of switches, right? You're going to have a bunch of endpoints. These are sort of the crucial aspects, that things that you're going to have.

Taha Yusuf

So one of my thinking was that, you know, you're going to have switches and, you know, the sort of the 9300 IOS XE now is becoming quite a standard. Now, really, believe it or not, I've seen companies that actually use it as an access, which is quite amazing. You know, a switch where some people will probably say it's more sort of a distribution type of switches, the 9200, 9300 Catalyst. So I thought to myself, you know, why not utilize the hardware? You've already got the hardware in place, so why not utilize the hardware? And someone might say to me, look again.

Taha Yusuf

An argument could be that, you know, look it's, you know, sort of high availability, cloud or private, but you know, if you're, obviously nobody has a single switch in their company, right, they have multiple switches. You could have that in a container and load balance across. Again, you know, if it doesn't make sense, where, you know, for me, and this doesn't really make sense where you're going to have a one application that's utilized by a group of endpoints, right, within a specific location, and that application that they're utilizing is somewhere down, you know, in another country in a data center, when you could have it locally hosted on the edge of your network and you just push it to your edge of network and it's much more low latency. And that is, you know, one of the really good use case.

Taha Yusuf

I believe that could be utilized, having a sort of running a containers on your own, on your switches. They don't have, believe it or not, and this was another question that came up, whether they affect the performance of the switch itself. They don't. I mean majority of these running a containerized environment, so they don't actually have that ability. Now, the other sort of use case as well is the ability to run not just specific, you know, sort of bespoke applications, but run network diagnostic tools, right. I mean it's great to have Wireshark right on your switch. I mean it's a valuable tool and nowadays you can even get. You know there's something called, I think it was a TerraTorm where it's actually, I can't remember the name, I think it's a TShark, but it's a terminal version of Wireshark.

Taha Yusuf

So you can actually run it on the switch itself without needing any external endpoints, so you can actually launch the container and it's a terminal container. But it's essentially Wireshark, right, it's a containerized version of Wireshark, and those, you know, the ability to run Wireshark and capture sort of, you know, frames and packets, it's, you know, really, I can't really think of any words. You know how beneficial it is to a network engineer, especially if you don't need any, you know, laptop or a PC connected to where you can just do it directly from the switch itself. You know, using a console port it is beneficial, you don't need to open up a browser, it's right there, you know. You just put it, pop it into your console port and you can run that.

Taha Yusuf

And I think that is one of the sort of use cases that's not realized, that, you know, you can run network diagnostic tools as well on your switches, which is really, really helpful when things, you know, don't go according to plan. Yeah, definitely, and I, yeah, sorry. And I think the overall Linux sort of capabilities is overlooked as well. Because when, you know, when you sort of have a containerized version of Linux, you are, I think the biggest mistake people tend to make is that they assume this is a gadget or a feature, but it's not. You're essentially turning your switch into a Linux box, right? That's what it is, right, and from that moment, just think of it as a Linux box, and the possibilities are endless really. So yeah.

Eric Chou

Yeah, no, I was going to just echo your point of earlier, just before I forget. I think that's essentially the argument, not the argument. But the advantage of having edge networking, right, like, is you can't backhaul everything back to the cloud. For example, if you think of your, so Cisco is actually the sponsor for, you know, the 49ers, for, like, American football, 49ers stadium, and in order to provide that edge, you know, sports experience, you're not going to be able to backhaul everything back into the cloud and having that response back, you need to run something natively within the stadium. And there's also somebody else who was, you know, I was chatting with about edge networking and he brought up a good point about, you know, each, if you think about it, each Tesla is actually an edge network by itself, and whenever they get that sensor coming back in to determine, you know, if that's a child standing in front of that car, you're not going to backhaul to the cloud and say, no, don't hit that. Your response time should be in the sub-sub-milliseconds. So those are actual use cases where it makes sense to run something natively. And if you extend that into the switch, absolutely that, you know, it's beneficial with a Linux and a hard drive.

Eric Chou

I'm going to make about performance, of course, right. So a lot of people don't realize where, you know, you have your management plane. But in order to combine those like echoes and, you know, process pipelines and your FIBs, they actually get compiled into your FIB, in your FPGA, so that that is where that, you know, that packet is being switched. It's not that, you know, these products, they don't go into the Linux kernel and come back down and process it. So, yeah, so both of your points are super valid and I appreciate you bringing those up. You know, the performance as well as the, you know, none, none, you know, packet switching impacting, right, like your FIBs is not going to be impacted.

Taha Yusuf

No, the FIBs shouldn't be impacted and, you know, Cisco Express Forwarding is in place. So you have all of these things in a data plane. I mean, you know, the data plane itself as a hardware should not be affected. So majority of the data plane operations will definitely, I would say all of them really, would not be affected in a containerized environment. And it's quite interesting that you bring that topic up because it sort of leads me to my sort of next point. And recently I've been sort of researching this topic in quite in depth and I came across, you know, what makes NXOS so special compared to any other operating system that was developed by Cisco.

Taha Yusuf

I think what makes NXOS really, really interesting is the acquisition. Absolutely. That's one part, right. That's one part, right. Like it wasn't built by Cisco, so it wasn't, like, that's the elephant in the room. Let me just skip that one.

Eric Chou

No, no, I'm sorry to interrupt. Go for it.

Taha Yusuf

But you know, it's really

Exploring Open NXOS and Automation Challenges

Taha Yusuf

It's really its ability to sort of, they call it, I think Cisco refers to it as, if you go to the Cisco developer website, as Open NXOS, right, and what they've seemed to have done is quite a remarkable. So they've opened up the Linux kernel, right, the Linux kernel. This is where the actual hardware is running on, the actual underlay that the hardware is running on, the operating system itself. Right, they've pretty much opened that, exposed that to the user, and it's quite amazing because it has direct utilization of the hardware itself, right, and unlike. I'll explain in a minute about IOS XE, which is a bit different, but it's actually running an embedded form of Linux, right, especially for sort of, it's essentially embedded hardware. Linux is called Wind River Linux.

Eric Chou

And I think it's made. It's not Ubuntu.

Taha Yusuf

No, it's definitely not. Ubuntu, no, no, no, no, it's definitely not.

Eric Chou

Ubuntu. It's not Ubuntu. Yeah.

Taha Yusuf

Or Red Hat. I can assure you that.

Eric Chou

Yeah.

Taha Yusuf

So it's a Wind River Linux, and it's quite interesting because I didn't quite understand how this was the actual underlay, right. Because obviously NXOS is there. Now, what I've learned with a bit of time is that after sort of digging deep, I couldn't find any. Like I said, it lacks quite a lot of resources. Is that NXOS is actually a user-space sort of process? Right, it's actually a software that's running in a user space where the Wind River Linux is actually the underlay hardware. So you've got two layers, right? You've got the NXOS, which has all your CLI configs, the commands that all network engineers are sort of familiar with, and then you have the underlay, right, which is the Linux hardware, which is the Wind River Linux hardware, which is utilizing the hardware itself, right, this?

Taha Yusuf

is what you. Now, what I couldn't quite understand is how they're going to connect, and I've finally, sort of after a lot of research, made that answer. There's a module called NetBroker Module, right, and what that essentially, that piece of software, that is that it synchronizes those two layers. So, for example, when a network, so let me just, so, for example, say you've got an update on the RIB, on NXOS, and what the NetBroker Module does is it synchronizes that back onto the Linux kernel, right, so that they both match. So it synchronizes it to the lower layer. So it's like a synchronization module that synchronizes the com-config on the NXOS to the underlying Linux kernel, which is the Wind River Linux, and that is how it sort of utilizes the hardware resources. And it is very interesting because, like I said, it's very different. They call it bash, I think it's, I think it's feature-enabled bash, but once you enable it, it's essentially, they call it bash. But it's much more than that. It's actually a Wind River Linux. It's not a containerized Linux like the other forms.

Taha Yusuf

It's a much more sort of a full-on and it has direct utilization to the hardware itself. And then you've got the other sort of Linux on there, which is the containerized Linux, which is what they call, name, as referred to as a guest shell, which I'm sure you probably know about, right, and that is IOx, which I think they name it, which stands for IOx.

Eric Chou

Linux.

Taha Yusuf

Now, essentially, that guest shell is a containerized form of Linux, right, and those of you who don't know what container is, it's essentially a self-sufficient application that has all of its dependencies to run in any environment. The Linux that the containers were in is CentOS. A different depending on what version of the hardware. IOS using it could be seven, it could be eight, but you could upgrade this. But what's quite interesting is through both of these they have full package management utilities such as YUM. A lot of people don't think, it's like, okay, wait a second. If I have package utility management and if I essentially have a full Linux kernel, could I run Ansible on this?

Eric Chou

Yes, you can, you can run it.

Taha Yusuf

Exactly. Wait a second. Could I run Netmiko module, if I can get a module inside Python using pip install? Yes, you can. I've done it. You can run Netmiko on it without any issues. You can run Terraform, absolutely. You can download the Terraform ARM64 version of Terraform. I've tried it. It works. It's great. I mean, can you imagine having all of those utilities within your on-box environment? I think that is just amazing.

Eric Chou

Now one of the... you don't have to imagine. Taha just did it for you. Exactly. You show you those examples.

Taha Yusuf

Absolutely. It's really amazing that you're able to do that. I think one of the things that I came up against was, is that let's just assume that I'm in an air-gapped environment where it's almost impossible to get anything into that environment, even attaching a laptop that has Python and all the modules installed and all the goodies installed. Because, let's be honest, if you haven't got the Requests module, and it doesn't come native with Python, and if you haven't got a good, let's say, an SSH module like Paramiko, you're limited in what you can do in terms of automated network device. You're very limited.

Taha Yusuf

Actually, it doesn't, the Python that it has. I think it's 3.7, I can't remember, but it doesn't have the Requests module. So you can't do any API actions. Because those aren't native to Python.

Eric Chou

Not the standard library? Yeah. Exactly.

Taha Yusuf

It didn't have Paramiko or any of those. Things are very difficult. This is the challenge that I face. For example, I've got a 100 access switches. On my core, I've got one good Nexus switch and I've also got some good IOS XE 9, what can I do? What could you do in order? Let's say, we need to create VLANs across all of those access switches. How can we automate that process?

Taha Yusuf

At the same time, we've got a complete air gap system. We can't do anything. But how can we automate? Put ourselves in a position where we can automate all of those repetitive sort of tile tasks without attaching any third party device? What can we do? I think that is something that's interesting that I'm working on at the moment, because it is very difficult, as you probably know, to do anything with Python, especially when you're dealing with switches that are networked and you don't have any SSH modules and you've got the standard library. Good luck to anybody who wants to create an SSH module from scratch, because you're in a world of pain.

Eric Chou

You're in a world of pain, so you're trying to find a Kirk Byers to unsign. Even Kirk couldn't rewrite the whole thing within an hour, right? Even though he's no creator.

Taha Yusuf

Absolutely. That's the challenges that I'm facing at the moment. I'm hoping that I can overcome those.

Network Automation With NXOS and Containers

Eric Chou

Yeah, no, I like the point you brought up about, like, namespaces, right, like the fact that native Linux with access to hardware shouldn't be overlooked because, um, yeah, so, like, you know, maybe people are not familiar, too familiar with, like, namespacing is, you know, it's an expensive operation to copy a packet or whatever from, like, one memory space to another. And especially if you have, um, like, Linux, who's the latest kernels and, you know, three kernels before that have a very, very clear delimitation between, you know, your kernel namespace versus your other namespaces, where, like, moving around is very difficult and that's expensive operation, which is why the process so slow. And something like DPDK or, in this case, like NXOS, we're able to, you know, kind of bridge the two, where, you know, you just have to, you don't have to copy it between the spaces, you just have to in one place and then you get that performance. And, like you said, they also have like a guest shell where, you know, it's just regular CentOS. That, you know, you're all familiar with.

Taha Yusuf

Yeah, that's it. That's it, you know, and I think the other aspect that's quite scary as well, that I have personally found during my research, is that we've, when, with the containerized version of Linux, um, you've got to remember, it's a container, right, it has no understanding of the current infrastructure that it's in, whether it's in a switch, whether it's in the, it's running in a piece. It doesn't know that, right, it's a containerized. So one of the great difficulties that many people have with this is the ability. How do I route this to the hardware, you know, how do I attach this with the actual interfaces? Right, I've got the Linux container running, um, CentOS, but how do I route it outside on my network? How do I make sure that that container is able to reach all my network devices? So I can automate. And I think those are the things that are sort of scaring people. And there's many ways you can do this. You can use things like virtual port groups and attach the container to the virtual port group and then associate, and then that way you will have the sort of agency with the, with a virtual port group, essentially an SVI, right, it's a virtual, um, a virtual interface, and associate that with a physical interface. So you'll essentially have to route that container as well about outside of the box itself. And I think that may be quite scary. But with the NXOS, remember the Bash shell, it's directly utilizing the hardware, it's not in a containerized form, so you don't need to do all that routing and so forth. You can directly, you know, perform your automation.

Taha Yusuf

You could, let's say, um, you know, if you've got the right modules, you could, you know, go ahead, let's say, um, automate, you know, um, the creation of, let's say, VLAN 20 in a hundred switches, with ease, without using any other PC, um, just by using that box itself. You know, it's got all the utilities that you need in there, for example, it's got VIM, it has everything, um, as an editor. So you could essentially create a small script, Python script, um. And it does a lot of interesting things as well, because there's an interesting module that it has on there which is a CLI module, um, which essentially allows it to interact with the actual underlying, um, NXOS, um, CLI. So yeah, it is very, very interesting and I think it's, uh, it's a topic maybe not marketed?

Taha Yusuf

I personally believe, because I think it's. You shouldn't just assume it's just for an application. Hosting, um, platform is much more than that, I would say. The, some of the features of these sort of, uh, of these switches, especially the newer models, are amazing. I mean they're absolutely amazing. Really.

Eric Chou

Yeah , I mean , yeah , I mean it's hard to convey , I think , the the overall picture , right , like , or how like to just tell that all the awesomeness of the setup would be , but I think it's safe to say that it is a way to uh give you all the tools that you're familiar with without a lot of , uh , external dependencies , right , yeah , absolutely Able to just do a lot of the things that you're so used to , as opposed to , you know , maybe , uh , I remember a long time ago when I was , you know , trying to automate something and all I had available was a tickle shell right In iOS , and then you have to , like , change your contacts , you have to learn tickle syntax . It wasn't hard , but it was nonetheless another thing that you have to learn and have to do . But now that you have these unbox for all of you know , nxos , xr , sc then you're able to just transfer that knowledge without context switching . Would that be like kind of a correct statement ?

Taha Yusuf

Absolutely 100% . I mean , I couldn't have said it any better . Actually , um , and I think you know you've , you've really hit the nail on the head . You've got all the tools that you need in , especially from a network automation point of view , things that we know , all the tools that we need . You know from Python , you know , um , containers . We have everything that we need really on these boxes and it's like , and also you've got to remember as well that everything that's in the box , from a security point of view , you are not attaching any external points and points onto that network . So , yeah , so you've also got that security reassurance as well that , no , now that you've connected that laptop to your network , you know what .

Taha Yusuf

You don't know what's what's winning or what was in your laptop , right , and you know you've got everything . You know you've got all the utilities on your , on your PC . So if , if you've got a , let's say , you know , a clean , um , um , sort of image laptop that doesn't have anything in there , you know you could connect the console port up and then you will realize that , uh , that you've got pretty much everything in there . You know , from the moment that you enable guest shell , the moment that you exposed the Bashel itself Python it has many types of . It's quite strange , actually , because it has a lot of free forms of Python , but a lot of people don't know about that .

Eric Chou

It's just Python . It's not like iOS Python , it's not like Cisco Python .

Taha Yusuf

Yeah , so you know one of the Python , so the native Pythons that run on these boxes , right , they have a native Python . And so , for example , the one on NXOS actually has got modules , which is quite unique , that are made by Cisco . So it has a module called Named Cisco , actually , and it's a module called CLI , which essentially allows it to utilize the underlying hardware system . So it allows you to write Python scripts utilizing the underlay hardware system with that module , and it's doing it via API , from what I recall from my research . So , yeah , it has quite unique libraries , the native Python , but within the container itself , within CentoX , it has , you know , python , the Python that me and you know about , right , right , it doesn't have those special modules that were developed by Cisco .

Taha Yusuf

So it is quite interesting . So you're absolutely right , you've got quite a lot of tools , really , pretty much I would say all the tools that you need in order to automate your infrastructure , whether that's , you know , expanding your Layer 2 domain , you know , creating that VX . It has everything . It really does have everything that you need .

Eric Chou

All right , let me take that back , so you do have that special Cisco Python , or ?

Taha Yusuf

like .

Eric Chou

Python , with you know , Cisco module and then CLI module yeah , the oldies but goodies , but if you , you know , feel like it , you could have the regular Python as well . Right , exactly , yeah .

Taha Yusuf

Yeah .

Eric Chou

Well , you know , Taha , it's great that you brought these up . I really enjoy our conversation , but I mean , you're so far advanced , right ? Like , so how ? Let me ask for the rest of us , right ? Like , we're not familiar with it , we don't , we haven't done extensive research . How can we get started with playing around with these ? You know , these cool containers in IOS .

Taha Yusuf

Yeah , I think one of the things that I recommend is I've noticed about a lot of switches .

Linux on Cisco Devices Explorations

Taha Yusuf

Whenever I sort of see an IOS XE switch , I realize that the container shell has never been turned on , right .

Eric Chou

They probably don't know about it , right .

Taha Yusuf

And a lot of people don't even know . You even have , you know , Python in the old sort of IOS XE devices like the 3650s . You know you've got this Python 2 on there and I think a lot of people maybe are not aware of how to turn these on and the containers on . So turning the containers on , and you know going into Bash , you know just , it's very easy , you know , especially with the NXOS , it's just you know feature bash-shell and it will turn the Bash and that just exposes the underlying sort of hardware . And then you've got your Linux kernel that you can play with . And the moment I think you've got to think of it like this , and I think it took me a while to get my head around this and I think this is probably the key Do not think of that NXOS or IOS XE device .

Taha Yusuf

You know , even if it's . You know your CSR routers . You know your virtualized CSR routers . Do not think of them as just as a network device , but think of them as a Linux operating system . Right , right , think of it as a Linux and from that moment , think of it that you've got Ubuntu ready and it's quite far fetched , but it's not really because you've got all the package management utilities on there , like YUM and so forth . So think of it as that way . The moment you think of it , that you can , you know , download packages , download software , Ansible , anything on there , then you realize that , hey , this is not a switch . You know , I'm sitting in front of my Linux box , right , it is .

Eric Chou

Yeah .

Taha Yusuf

It is . So I think that is one way you can get started Just enabling those tools and play around with it as if you're sitting in front of a Linux box , not necessarily a switch . That is one thing that I found quite easy . And then you realize that creativity . There's so many things that you could do from running containers Docker I mean Docker is actually built into it . You could run a Kubernetes cluster if you wanted to . You know , have a bunch of containers in pods . So there's so many things you could do . There's a book by Cisco which I highly recommend , and maybe you could .

Eric Chou

Yeah , I really put it in the show notes because I saw you .

Taha Yusuf

Is it the Containers in Cisco IOS , that's right , yeah , yeah , that is a great , great book . I can never pronounce the author's name , but he is absolutely fantastic book . I mean I , you know . These guys are absolutely amazing . Honestly , it's a genius of a book and I think maybe the title itself doesn't maybe do justice , because it's assumed that it's just about containers . It is not .

Taha Yusuf

I can assure you they talk about everything you know how to get . You know how to SSH into the , you know into the bash kernel , as opposed to SSH into the switch . I mean , a lot of complex topics are discussed in that book which I thought , wow , I can't believe . You know , not many people know about this book , right ? No , no , no , it's an amazing book and I think once you sort of go through that book , then you can come up with a lot of creative , different ways to play around with open NXOS and also Linux as well . Because those are the key things . The key , I would say , is understanding Linux and learning Linux , because once you fully grasp it and you know how to manage Linux , then you realize that , hey , I can run anything on these switches , you know .

Eric Chou

Yeah , I get excited just hearing about it . You're now the master of your own domain , right ? You no longer need to add any external tools . You don't need to rely on this walled garden provided by you . You have those open source tools . And , yeah , the book . I mean , I didn't know about the book until you posted , so thank you so much for doing that . I have it already in the show notes . It's called Containers in Cisco IOS-XE , IOS-XR , and NX-OS : Orchestration and Operation by Yogesh and Nagendra , like you said . I probably you know , my apology if I you know . I'm just saying it's brilliant . I haven't read it , but I glanced through it . Just the fact that they talk so deeply about NXOS , like a near real-time OS kernel and all of that , that's amazing . It is , and I appreciate your talk about , you know , how . Turn it on , like you heard it here first . Turn it on , change your mindset and be the king of your domain .

Taha Yusuf

Absolutely , absolutely 100% , and you will realize that you will no longer need you know , an external sort of endpoint to have your automations . You can have everything done within the network itself and it's you know . Before you know it , you're gonna create your own sort of Python scripts and are running on the , on your you know interfaces . You know whether you're trying to capture specific data or try to diagnose tools .

Eric Chou

It's , it's , the possibilities are really endless , really and if you play Doom , please send me pictures , send me a talk pictures . Maybe just pass us right like don't pass it out so your boss don't see it , but please just send us pictures .

Taha Yusuf

Yeah , please . Please be not this is very because that's , that's , that's , that's not that's not it .

Eric Chou

Yeah , I didn't tell you .

Taha Yusuf

You're gonna be . You're gonna be . Needs to change up your CV quite quickly .

Eric Chou

Yeah , yeah , you know your lab box and you didn't hear from us , right like I'm just saying yeah . So , Taha , it's been a pleasure . I really enjoy our conversation . The honor is all mine to have you on the show . Thank you for making the time . If people want to know more about your thoughts , want to follow you on Twitter , on social what's the best way to do that .

Taha Yusuf

You can follow me on Twitter . I'm on Twitter , I'm also on . I've got my own website , network automated dot com and all the YouTube content . I've also sort of resorted to YouTube content because I find it easy sometimes to express myself verbally as opposed to having it written . And , yeah , you know YouTube , Twitter , as well as network automated dot com , feel free to reach out . You know , if there's anything that you need or any sort of any topic that you you don't quite understand what we've discussed today , please feel free to reach out and I will try my best to assist you really .

Eric Chou

Oh my god , be careful what you ask for . I mean I'm going to be like unicasting you , like what is this life cycle ? I appreciate you . I mean it's been a great conversation . I really enjoyed it .

Taha Yusuf

No , thank you so much and yeah , I you know you're one of my inspirations , Eric , and yeah , keep doing what you do , because you do a very amazing job , amazing .

Eric Chou

Yeah , thank you so much . Thank you for the kind words , thank you . Thanks for listening to Network Automation Nerds Podcast today . Find us on Apple Podcast , Google Podcast , Spotify and all the other podcast platforms . Until next time , bye , bye .