Using Docker Containers

SanteDB provides several docker containers for SanteDB solutions and services. The docker containers are structured as illustrated.
The docker containers all use the mono:latest as their root container.
santedb_icdr: The generic SanteDB iCDR project running as a docker container with FHIR, HL7, caching, PostgreSQL database support, and everything needed to get the iCDR running quickly.
santedb_mpi: The generic iCDR project with the SanteGuard and SanteMPI plugins enabled.
santedb_dcdr: The disconnected dCDR project
SanteDB iCDR and dCDR images use the Mono Framework to operate. Depending on your host environment, you may need to modify the MONO_THREADS_PER_CPU environment variable for the iCDR and dCDR if the default thread pool (accessed via the Probesscreen in the portal) indicates a small number of threads available.
Configuring the Docker Containers
Container Directory/File Structures
The container structure is as follows:
/santedb - Directory which contains the application code for SanteDB
/santedb/docker.lastconfig - The configuration file (in XML form) which represents the computed configuration file for the last run of the docker host.
/santedb/data - Data seeding directory in Dataset format
/santedb/data/fhir - Data seeding for FHIR files (JSON or XML)
/santedb/applets - Application directory (where compile applets files should be)
/santedb/match - Directory for match configuration source files
/var/log/santedb_yyyyMMdd.log - SanteDB log file for current date
Enabling or Disabling Features
The docker containers are configured using environment variables. Features can be turned on/off using the environment variable SDB_FEATURE environment variable, for example, to enable the core features and ATNA audit shipping:
SDB_FEATURE=AUDIT_SHIPPING;ADO;AUDIT_REPO
The features which are available for the default SanteDB docker container are:
Code
Feature
LOG
Core data logging (see: Configuration Notes)
DATA_POLICY
Data privacy enforcement (see: Configuration Notes)
AUDIT_REPO
Internal security audit repository (see: Configuration Notes)
ADO
Core Application Data Objects (ADO.NET) data persistence (see: Configuration Notes)
PUBSUB_ADO
Publish / Subscribe Subsystem (see: Configuration Notes)
RAMCACHE
In-Process Memory Cache (see: Configuration Notes)
REDIS
REDIS based shared cache (see: Configuration Notes)
SEC
Core Security Functions (PIP, PDP, PEP)
SWAGGER
OpenAPI / Swagger Metadata Endpoint (see: Configuration Notes)
OPENID
OAUTH 2.0 / OpenID IdP Provider (see: Configuration Notes)
MDM
Master Data Management Functions (see: Configuration Notes)
FHIR
HL7 FHIR Endpoint (see: Configuration Notes)
HL7
HL7 Version 2.x Endpoint (see: Configuration Notes)
HDSI
Core Health Data Service Interface (see: Configuration Notes)
AMI
Administrative Management Interface (see: Configuration Notes)
BIS
Business Intelligence (reporting/query set/etc.) interface (see: Configuration Notes)
MATCHING
Internal SanteDB Matching Engine (see: Configuration Notes)
Database Connections
The location of your PostgreSQL server, and the database to use for the container can be specified with the connection string environment variables: 
SDB_DB_PSQL="server=location;user=user;password=password;database=db"
SDB_DB_PSQL_PROVIDER=Npgsql
SDB_DB_AUDIT=" ... "
If you are using plugins which require additional named configuration parameters, prefix the configuration with SDB_DB_XXX where XXX is the ID of the connection string the plugin is expecting.
Configuring Components
Components within SanteDB iCDR can be configured using environment variables. The syntax of these environment variables is SDB_FEATURE_SETTING , for example, the CACHE feature is configured as:
SDB_FEATURE=CORE_CDR,CACHE
# Caching Mode = REDIS  | LOCAL
SDB_CACHE_MODE=REDIS
# Pointer to redis server
SDB_CACHE_REDIS_SERVER=sdb-redis:6379
# Expire cache entries after X timestamp
SDB_CACHE_EXPIRE=PT1H
Minimal Application 
You can compose a minimal application with either the SanteDB-ICDR or SanteMPI instance using a docker-compose.yml file as shown.
version: "3.3"
​
services:
  db:
    image: postgres
    container_name: sdb-postgres
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: santedb
      POSTGRES_PASSWORD: SanteDB123
    restart: always
​
  santedb:
    image: santesuite/santedb-icdr:latest
    container_name: santedb-icdr
    environment:
      - SDB_FEATURE=LOG;DATA_POLICY;AUDIT_REPO;ADO;PUBSUB_ADO;RAMCACHE;SEC;SWAGGER;OPENID;FHIR;HL7;HDSI;AMI;BIS
      - SDB_DB_MAIN=server=sdb-postgres;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
      - SDB_DB_AUDIT=server=sdb-postgres;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
      - SDB_DB_MAIN_PROVIDER=Npgsql
      - SDB_DB_AUDIT_PROVIDER=Npgsql
      - SDB_DELAY_START=1000
    ports:
      - "8080:8080"
      - "2100:2100"
    depends_on:
      - db
    restart: always
Volumes
Some directories in the docker image are useful for development purposes. For example, you can configure a volume which exposes a common configuration file set, or common applets. The volumes which can be expose (and their directories) can be done via:
services:
​
   # ... truncated for space ...
   
   santedb:
      image: santesuite/santedb-icdr:latest
      # .. truncated ...
      volumes:
         - santedb-data:/santedb/data
​
volumes:
   santedb-data:
The volumes which are of use for exposing to the host docker environment are:
Path
Use
/santedb/data
Used for seeding data into the SanteDB instance. For example
if you have a development environment where you'd like the same data
seeded into the database on startup you can use this option.
/santedb/config
Used for direct access to the configuration files. You should use this option
if the environment variables for the docker instance are too restrictive. 
/santedb/applets
Used for loading applet files which contain user interfaces, BI reports, 
business rules, CDSS rules, etc. These applets should be digitally signed
PAK files.
/santedb/match
Stores the match configuration files for the SanteDB matching engine. These 
match configuration files control the weight, blocking, and classification subsystem
for the default match algorithm.
Advanced Configurations
You can import additional configuration files and/or use the XML configuration subsystem by creating a new container which is based off the santedb-icdr docker image and including additional configuration files. To do this, collect your configuration file as myconfig.xml in a directory and create a new Dockerfile which starts using this as configuration file:
FROM santedb-icdr:latest
RUN mkdir /myproject
COPY myconfig.xml /myproject/myconfig.xml
WORKDIR /santedb
EXPOSE 2100/tcp
EXPOSE 8080/tcp
CMD ["mono","/santedb/SanteDB.Docker.Server.exe","/myproject/myconfig.xml"]
Adding Sample Data
See the Adding Sample Data article for methods of seeding sample data into SanteMPI.
Packaging Custom Business Rules
You can package business rules, business intelligence, and other asset files into your docker container by simply composing them into a PAK file and including them in the /santedb/applets/ directory.
FROM santedb-icdr:latest
COPY custom.pak /santedb/applets/custom.pak
Upon load, the SanteDB iCDR server will load your package files and will load any business rules files required.
SanteMPI
In order to run a minimal SanteMPI application, you can exchange santedb-icdr with the santedb-mpi image, and apply the appropriate service configuration.
version: "3.3"
​
services:
  db:
    image: postgres
    container_name: sdb-postgres
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: santedb
      POSTGRES_PASSWORD: SanteDB123
    restart: always
​
  santedb:
    image: santesuite/santedb-mpi:latest
    container_name: santedb-mpi
    environment:
      - SDB_FEATURE=LOG;DATA_POLICY;AUDIT_REPO;ADO;PUBSUB_ADO;RAMCACHE;SEC;SWAGGER;OPENID;FHIR;HL7;HDSI;AMI;BIS;MDM;MATCHING;IHE_PIXM;IHE_PDQM;IHE_PMIR
      - SDB_MATCHING_MODE=WEIGHTED
      - SDB_MDM_RESOURCE=Patient=org.santedb.matching.patient.default
      - SDB_MDM_AUTO_MERGE=false
      - SDB_DB_MAIN=server=sdb-postgres;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
      - SDB_DB_AUDIT=server=sdb-postgres;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
      - SDB_DB_MAIN_PROVIDER=Npgsql
      - SDB_DB_AUDIT_PROVIDER=Npgsql
      - SDB_DATA_POLICY_ACTION=HIDE
      - SDB_DELAY_START=5000
    ports:
      - "8080:8080"
      - "2100:2100"
    depends_on:
      - db
    restart: always
The SanteMPI container adds the following plugins to SanteDB which can be enabled/disabled with SDB_FEATURE:
Code
Feature
IHE_PDQM
Enables the Patient Demographics Query for Mobile query parameters and extensions.
IHE_PIXM
Enables the Patient Identity Cross Reference ($ihe-pix) FHIR operation
IHE_PMIR
Enables the Patient Master Identity Registry function (urn:ihe:iti:pmir:2019:patient-feed ) FHIR message
IHE_PIX
Enables the IHE PIX (ITI-8 and ITI-9) interfaces for the MPI
IHE_PDQ
Enables the IHE PDQ profile (ITI-21) for HL7v2 interface on the MPI.
​
Installation using Appliances
Adding Sample Data
Last modified 6mo ago
Copy link
Outline
Configuring the Docker Containers
Container Directory/File Structures
Enabling or Disabling Features
Database Connections
Configuring Components
Minimal Application
Volumes
Advanced Configurations
Adding Sample Data
Packaging Custom Business Rules
SanteMPI