I know this question reads like comparing apples with oranges. In fact, I want to compare a uCPE managed with NETCONF versus a uCPE managed as an OpenStack compute node. First, it’s worth looking at why people think using OpenStack is a good idea.
OpenStack is THE open-source Virtualization Infrastructure Manager (VIM). As operators virtualize their data centers, OpenStack is pretty much the only solution if they want to move away from VMware. As operators move to OpenStack, they can extend it to manage Virtualized Network Functions (VNFs) in branches. The benefit looks obvious: one team in charge of both data center and branch virtualization and a streamlined software layer to deploy and manage.
In many ways, NETCONF vs OpenStack is a political decision. One that determines whether a combination of DevOps culture and IT teams will take power.
OpenStack is not a piece of software, but rather a distribution of modules with heterogeneous documentation. More importantly, putting OpenStack into production requires the gathering of a critical mass of skilled experts. You need a good set of experienced architects who know what works, what does not and what will fail if you do things in a certain way. One well-known issue with OpenStack, for example, concerns planning upgrades. This is not a trivial job; VMware still makes a lot of money and Redhat or Mirantis put massive effort into packaging and supporting OpenStack.
Using OpenStack for uCPE is about deploying VNFs where it makes sense, i.e. the trade-off between cost, latency and security. It implies VNFs would be seamlessly chained between a datacenter and branches. Extending OpenStack to the branch, however, poses challenges, the biggest of which is security. When VNFs are contained within a data center, the security perimeter is clearly defined. In contrast, deploying VNF in branches means the security boundaries are more open-ended as connections can be made to new customer branches. In this case, openness and security often contradict each other.
There is also a longer-term concern. Although backed by a large community, the active development projects for OpenStack focus almost exclusively on the data center use case. For example, if you plan to leverage a particular hardware acceleration in your white boxes or want to achieve a resource-optimized solution for them, you will find yourself pretty much alone (poor documentation, unpackaged/untested software, broken features when upgrading…).
AT&T has considerable experience with OpenStack and yet pushed for NETCONF to manage branch deployments. EKINOPS sees many other CSPs that have adopted similar strategies. From an orchestrator point of view, NETCONF has a great advantage in that it is a single protocol to provision any kind of CPEs (white box or not) as well as VNFs.
Then the questions could be: why bother changing from the current solutions? What about using a REST API?
This is where the key characteristics of NETCONF shine: it is transaction-oriented. With OpenStack, deploying a VNF template will result in a series of calls in Neutron, Nova, etc. If a glitch happens, the changes will not be reverted, thus requiring manual intervention by experts to diagnose and manually fix inconsistencies. If you use NETCONF, the uCPE VIM will guarantee the completion of the provisioning order plus the ability to rollback changes in case of issues. Part of the issues could be addressed by taking an OpenStack controller from someone who packaged it specifically for use with uCPEs. But you would thus lose sight of the initial objective: a single OpenStack implementation for both data center and uCPE.
This is not to say that OpenStack will never work. It does, and if an OpenStack infrastructure is already available, prototyping the solution can be fast. But its challenges should not be underestimated; nor will they be easily overcome. Using a NETCONF API to manage uCPE implicitly solves concerns regarding security, API backward compatibility, solution robustness and maintainability as well as associated design and operations costs. Not only does it require much lower skills in the short-term, it proves a better fit in the long run.
 This TCO analysis from Redhat illustrates that deploying OpenStack is far from a minor exercise.
EKINOPS (Euronext Paris - FR0011466069 – EKI), a leading provider of open and fully interoperable Layer 1, 2 and 3 solutions to network operators, today announces it has enabled Hutchison Drei Austria ("Drei") to continue offering legacy ISDN services (delivered over traditional public telephone lines) during its migration to an IP-based system, preventing service disruption for customers.
EKINOPS (Euronext Paris - FR0011466069 – EKI), a leading supplier of optical transport equipment and router solutions for service providers and telecom operators, today announces its new PM 400FRS04-SF flexible rate line module. This new module triples the capacity of EKINOPS highly successful 200G FlexRate solutions and delivers new levels of flexibility to address market demand for advanced transport capabilities.
EKINOPS (Euronext Paris - FR0011466069 – EKI), a leading global supplier of telecommunications solutions for telecom operators, has published its consolidated revenue for 2018. OneAccess and its subsidiaries have been fully consolidated in the Group financial statements since October 1, 2017.