NA007 - Deep Dive on Pulumi with Scott Lowe

Posted on March 23, 2026 • 4 min read • 740 words
Podcast   Network-Automation   Pulumi   Infrastructure-as-Code   Terraform   Python   Kubernetes   Automation  
Podcast   Network-Automation   Pulumi   Infrastructure-as-Code   Terraform   Python   Kubernetes   Automation  
Share via
Scott Lowe joins to explore Pulumi as an infrastructure-as-code tool, the IaC competitive landscape, and why network automation is fundamentally harder than cloud automation
Episode Overview   Episode Guest   Listen to the show on YouTube:   Listen to the show anywhere:   Show notes resources:   What we cover:   Scott’s Journey to Pulumi   What Pulumi Actually Is   The IaC Competitive Landscape   Why Network Automation Is Fundamentally Harder   Mixing Imperative and Declarative Approaches   Advice for Network Engineers   Key Takeaways  
NA007 - Deep Dive on Pulumi with Scott Lowe
Photo by Steinzi

Network Auto Magic Podcast — 2026 Season Premiere  

Deep Dive on Pulumi with Scott Lowe

Episode Overview  

In this season premiere, Steinn and Urs are joined by Scott Lowe — currently at Cisco via the Isovalent acquisition, and formerly on Pulumi’s DevRel team for 2.5 years — to break down Pulumi as an infrastructure-as-code tool and where it fits in the network automation landscape.

Episode Guest  

Listen to the show on YouTube:  

Listen to the show anywhere:  

Listen now!

Show notes resources:  

What we cover:  

Scott’s Journey to Pulumi  

From Terraform Frustration to IaC in Real Languages  

  • HCL Pain Points: Readability problems, lack of proper control flow, difficulty reasoning about community Terraform modules
  • Discovery: Found Pulumi around 2018–2019
  • Language Journey: Started with TypeScript, moved to Golang to support Kubernetes open source work
  • Joined the Company: Spent 2.5 years on Pulumi’s DevRel team, departed on good terms, remains an active user

What Pulumi Actually Is  

Under the Hood  

  • Open-Source Core: A CLI plus multi-language SDKs (Python, TypeScript, Go, C#, Java)
  • Real Programming Languages: Write infrastructure-as-code in a language you already know — with loops, conditionals, functions, and testing
  • Terraform Provider Bridging: Pulumi cleverly bridges existing Terraform providers, giving access to a massive ecosystem
  • Open Source vs. Paid: The CLI and SDKs are open source; Pulumi Cloud is the paid SaaS offering for state management, secrets, and collaboration

Company State  

  • Honest Assessment: Discussion of slowing growth metrics, opaque financials
  • AI Pivot: Recent pivot toward an AI product called “Neo”

The IaC Competitive Landscape  

Where the Tools Stand  

  • Terraform: No longer open source (BSL license change)
  • OpenTofu: Community fork maintaining open-source Terraform
  • AWS CloudFormation / CDK: AWS-native IaC
  • Azure Bicep: Azure-native IaC
  • Crossplane: Kubernetes-native infrastructure management
  • Ansible: Awkward fit for IaC — better suited for configuration management than infrastructure provisioning

Why Network Automation Is Fundamentally Harder  

Scott’s Three-Tier Argument  

  • Tightly Hardware-Coupled OSes: Network operating systems are tied to specific hardware platforms in ways cloud and server automation never faces
  • Wildly Inconsistent APIs: APIs vary dramatically across vendors and even across versions of the same vendor’s products
  • Poor Standards Implementations: Vendors implement standards inconsistently, creating a fragmentation tax on the entire community

Mixing Imperative and Declarative Approaches  

The Idempotency Trap  

  • Pulumi’s Guarantee: State tracking only covers operations through its providers
  • Imperative Libraries: Mixing in NAPALM, Netmiko, or other imperative Python libraries becomes the programmer’s responsibility
  • Key Distinction: Pulumi is declarative — it manages desired state; bolting on imperative code breaks that contract

Advanced Pulumi Concepts  

  • Rollback Behavior: How Pulumi handles failures and state rollback
  • Circular Dependencies: Pitfalls when resources depend on each other
  • Automation API: Programmatic orchestration — embed Pulumi in your own applications and workflows
  • Provider Quality: Real-world pain of inconsistent provider quality across network vendors

Advice for Network Engineers  

Getting Started  

  • Learn a Programming Language: Python as a force multiplier — it unlocks not just Pulumi but the entire automation ecosystem

Scott’s Controversial Opinion  

  • Look Beyond Switches and Routers: Network engineers who insist they only care about devices up to the server boundary are being shortsighted
  • The Borders Are Collapsing: Networking extends into Kubernetes, hypervisors, and cloud-native workloads
  • Career Growth: Understanding the full stack makes you more valuable and more effective

Key Takeaways  

  1. Real Languages > DSLs: Writing IaC in Python, Go, or TypeScript gives you the full power of a programming language — testing, abstractions, package management
  2. Pulumi Bridges Terraform: You don’t lose the Terraform provider ecosystem by switching to Pulumi
  3. Network Automation Is Hard: Hardware coupling, API inconsistency, and poor standards create unique challenges that cloud IaC tools don’t solve out of the box
  4. Declarative vs. Imperative Matters: Mixing paradigms requires careful thought about state management and idempotency
  5. Learn to Code: Python is the single best investment a network engineer can make
  6. Expand Your Horizons: The network doesn’t stop at the switch port — Kubernetes, cloud, and virtualization are all part of the modern network engineer’s domain
On this page: