Using Docker Containers
SanteDB provides several docker containers for SanteDB solutions and services. The docker containers are structured as illustrated.

The docker containers all use the mono:latest as their root container.
santedb_icdr: The generic SanteDB iCDR project running as a docker container with FHIR, HL7, caching, PostgreSQL database support, and everything needed to get the iCDR running quickly.
santedb_mpi: The generic iCDR project with the SanteGuard and SanteMPI plugins enabled.
santedb_dcdr: The disconnected dCDR project
Configuring the Docker Containers
Container Directory/File Structures
The container structure is as follows:
/santedb
- Directory which contains the application code for SanteDB/santedb/docker.lastconfig
- The configuration file (in XML form) which represents the computed configuration file for the last run of the docker host./santedb/data
- Data seeding directory in Dataset format/santedb/data/fhir
- Data seeding for FHIR files (JSON or XML)/santedb/applets
- Application directory (where compile applets files should be)/santedb/match
- Directory for match configuration source files/var/log/santedb_yyyyMMdd.log
- SanteDB log file for current date
Enabling or Disabling Features
The docker containers are configured using environment variables. Features can be turned on/off using the environment variable SDB_FEATURE environment variable, for example, to enable the core features and ATNA audit shipping:
SDB_FEATURE=AUDIT_SHIPPING;ADO;AUDIT_REPO
The features which are available for the default SanteDB docker container are:
Code
Feature
LOG
Core data logging (see: Configuration Notes)
DATA_POLICY
Data privacy enforcement (see: Configuration Notes)
AUDIT_REPO
Internal security audit repository (see: Configuration Notes)
ADO
Core Application Data Objects (ADO.NET) data persistence (see: Configuration Notes)
PUBSUB_ADO
Publish / Subscribe Subsystem (see: Configuration Notes)
RAMCACHE
In-Process Memory Cache (see: Configuration Notes)
REDIS
REDIS based shared cache (see: Configuration Notes)
SEC
Core Security Functions (PIP, PDP, PEP)
SWAGGER
OpenAPI / Swagger Metadata Endpoint (see: Configuration Notes)
OPENID
OAUTH 2.0 / OpenID IdP Provider (see: Configuration Notes)
MDM
Master Data Management Functions (see: Configuration Notes)
FHIR
HL7 FHIR Endpoint (see: Configuration Notes)
HL7
HL7 Version 2.x Endpoint (see: Configuration Notes)
HDSI
Core Health Data Service Interface (see: Configuration Notes)
AMI
Administrative Management Interface (see: Configuration Notes)
BIS
Business Intelligence (reporting/query set/etc.) interface (see: Configuration Notes)
MATCHING
Internal SanteDB Matching Engine (see: Configuration Notes)
Database Connections
The location of your PostgreSQL server, and the database to use for the container can be specified with the connection string environment variables:
SDB_DB_PSQL="server=location;user=user;password=password;database=db"
SDB_DB_PSQL_PROVIDER=Npgsql
SDB_DB_AUDIT=" ... "
If you are using plugins which require additional named configuration parameters, prefix the configuration with SDB_DB_XXX
where XXX is the ID of the connection string the plugin is expecting.
Configuring Components
Components within SanteDB iCDR can be configured using environment variables. The syntax of these environment variables is SDB_FEATURE_SETTING
, for example, the CACHE feature is configured as:
SDB_FEATURE=CORE_CDR,CACHE
# Caching Mode = REDIS | LOCAL
SDB_CACHE_MODE=REDIS
# Pointer to redis server
SDB_CACHE_REDIS_SERVER=sdb-redis:6379
# Expire cache entries after X timestamp
SDB_CACHE_EXPIRE=PT1H
Minimal Application
You can compose a minimal application with either the SanteDB-ICDR or SanteMPI instance using a docker-compose.yml file as shown.
version: "3.3"
services:
db:
image: postgres
container_name: sdb-postgres
ports:
- "5432:5432"
environment:
POSTGRES_USER: santedb
POSTGRES_PASSWORD: SanteDB123
restart: always
santedb:
image: santesuite/santedb-icdr:latest
container_name: santedb-icdr
environment:
- SDB_FEATURE=LOG;DATA_POLICY;AUDIT_REPO;ADO;PUBSUB_ADO;RAMCACHE;SEC;SWAGGER;OPENID;FHIR;HL7;HDSI;AMI;BIS
- SDB_DB_MAIN=server=sdb-postgres;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
- SDB_DB_AUDIT=server=sdb-postgres;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
- SDB_DB_MAIN_PROVIDER=Npgsql
- SDB_DB_AUDIT_PROVIDER=Npgsql
- SDB_DELAY_START=1000
ports:
- "8080:8080"
- "2100:2100"
depends_on:
- db
restart: always
Volumes
Some directories in the docker image are useful for development purposes. For example, you can configure a volume which exposes a common configuration file set, or common applets. The volumes which can be expose (and their directories) can be done via:
services:
# ... truncated for space ...
santedb:
image: santesuite/santedb-icdr:latest
# .. truncated ...
volumes:
- santedb-data:/santedb/data
volumes:
santedb-data:
The volumes which are of use for exposing to the host docker environment are:
Path
Use
/santedb/data
Used for seeding data into the SanteDB instance. For example
if you have a development environment where you'd like the same data
seeded into the database on startup you can use this option.
/santedb/config
Used for direct access to the configuration files. You should use this option
if the environment variables for the docker instance are too restrictive.
/santedb/applets
Used for loading applet files which contain user interfaces, BI reports,
business rules, CDSS rules, etc. These applets should be digitally signed
PAK files.
/santedb/match
Stores the match configuration files for the SanteDB matching engine. These
match configuration files control the weight, blocking, and classification subsystem
for the default match algorithm.
Advanced Configurations
You can import additional configuration files and/or use the XML configuration subsystem by creating a new container which is based off the santedb-icdr
docker image and including additional configuration files. To do this, collect your configuration file as myconfig.xml
in a directory and create a new Dockerfile which starts using this as configuration file:
FROM santedb-icdr:latest
RUN mkdir /myproject
COPY myconfig.xml /myproject/myconfig.xml
WORKDIR /santedb
EXPOSE 2100/tcp
EXPOSE 8080/tcp
CMD ["mono","/santedb/SanteDB.Docker.Server.exe","/myproject/myconfig.xml"]
Adding Sample Data
See the Adding Sample Data article for methods of seeding sample data into SanteMPI.
Packaging Custom Business Rules
You can package business rules, business intelligence, and other asset files into your docker container by simply composing them into a PAK file and including them in the /santedb/applets/ directory.
FROM santedb-icdr:latest
COPY custom.pak /santedb/applets/custom.pak
Upon load, the SanteDB iCDR server will load your package files and will load any business rules files required.
SanteMPI
In order to run a minimal SanteMPI application, you can exchange santedb-icdr
with the santedb-mpi
image, and apply the appropriate service configuration.
version: "3.3"
services:
db:
image: postgres
container_name: sdb-postgres
ports:
- "5432:5432"
environment:
POSTGRES_USER: santedb
POSTGRES_PASSWORD: SanteDB123
restart: always
santedb:
image: santesuite/santedb-mpi:latest
container_name: santedb-mpi
environment:
- SDB_FEATURE=LOG;DATA_POLICY;AUDIT_REPO;ADO;PUBSUB_ADO;RAMCACHE;SEC;SWAGGER;OPENID;FHIR;HL7;HDSI;AMI;BIS;MDM;MATCHING;IHE_PIXM;IHE_PDQM;IHE_PMIR
- SDB_MATCHING_MODE=WEIGHTED
- SDB_MDM_RESOURCE=Patient=org.santedb.matching.patient.default
- SDB_MDM_AUTO_MERGE=false
- SDB_DB_MAIN=server=sdb-postgres;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
- SDB_DB_AUDIT=server=sdb-postgres;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
- SDB_DB_MAIN_PROVIDER=Npgsql
- SDB_DB_AUDIT_PROVIDER=Npgsql
- SDB_DATA_POLICY_ACTION=HIDE
- SDB_DELAY_START=5000
ports:
- "8080:8080"
- "2100:2100"
depends_on:
- db
restart: always
The SanteMPI container adds the following plugins to SanteDB which can be enabled/disabled with SDB_FEATURE
:
Code
Feature
IHE_PDQM
Enables the Patient Demographics Query for Mobile query parameters and extensions.
IHE_PIXM
Enables the Patient Identity Cross Reference ($ihe-pix
) FHIR operation
IHE_PMIR
Enables the Patient Master Identity Registry function (urn:ihe:iti:pmir:2019:patient-feed
) FHIR message
IHE_PIX
Enables the IHE PIX (ITI-8 and ITI-9) interfaces for the MPI
IHE_PDQ
Enables the IHE PDQ profile (ITI-21) for HL7v2 interface on the MPI.
Last updated
Was this helpful?