In the dynamic landscape of OpenRAN 5G services, creating a robust execution environment based on the O-RAN Architecture and extending it for INDIGO use cases is essential. This environment must meet O-RAN WG11 security requirements and serve the needs of a Multi-Operator Service Management and Orchestration (MO-SMO) system, along with several operator instances, including a Single Operator Service Management and Orchestration (SO-SMO) system, a 5G Core instance, and simulated RAN and user equipment for INDIGO’s MultiPath solution.

Security Compliance with O-RAN WG11 Specification: Ensuring the security of OpenRAN 5G services is paramount. The execution environment complies with the stringent security requirements set by O-RAN WG11, including zero trust capabilities. This involves robust measures for access control, data integrity, and secure communication channels, providing a foundation for trustworthy and secure operations. Communication between virtual machines and service consumers is encrypted, and access to components is secured through password protection and preferably certificates. Automated deployment includes all security setups, with root passwords and certificates stored in a centralized keystore accessible only to administrators.

Architecture of the Cloud Stack with OpenStack, Docker, and Kubernetes: The execution environment leverages a robust cloud stack to abstract bare-metal servers effectively. OpenStack acts as the infrastructure-as-a-service (IaaS) layer, providing virtualization and resource management. On top of OpenStack, Docker engine enables containerization, ensuring consistent deployment across diverse environments. Kubernetes clusters are deployed for efficient orchestration, ensuring scalability and resilience in executing INDIGO services.

This approach ensures a secure, scalable, and resilient execution environment, capable of supporting the complex requirements of OpenRAN 5G services and the INDIGO project’s innovative solutions.