Using Docker Containers

SanteDB provides several docker containers for SanteDB solutions and services. The docker containers are structured as illustrated.

The docker containers all use the mono:latest as their root container.

  • santedb_icdr: The generic SanteDB iCDR project running as a docker container with FHIR, HL7, caching, PostgreSQL database support, and everything needed to get the iCDR running quickly.

  • santedb_mpi: The generic iCDR project with the SanteGuard and SanteMPI plugins enabled.

  • santedb_dcdr: The disconnected dCDR project

SanteDB iCDR and dCDR images use the Mono Framework to operate. Depending on your host environment, you may need to modify the MONO_THREADS_PER_CPU environment variable for the iCDR and dCDR if the default thread pool (accessed via the Probesscreen in the portal) indicates a small number of threads available.

Configuring the Docker Containers

Container Directory/File Structures

The container structure is as follows:

  • /santedb - Directory which contains the application code for SanteDB

  • /santedb/docker.lastconfig - The configuration file (in XML form) which represents the computed configuration file for the last run of the docker host.

  • /santedb/data - Data seeding directory in Dataset format

  • /santedb/data/fhir - Data seeding for FHIR files (JSON or XML)

  • /santedb/applets - Application directory (where compile applets files should be)

  • /santedb/match - Directory for match configuration source files

  • /var/log/santedb_yyyyMMdd.log - SanteDB log file for current date

Enabling or Disabling Features

The docker containers are configured using environment variables. Features can be turned on/off using the environment variable SDB_FEATURE environment variable, for example, to enable the core features and ATNA audit shipping:

SDB_FEATURE=AUDIT_SHIPPING;ADO;AUDIT_REPO

The features which are available for the default SanteDB docker container are:

Code

Feature

LOG

Core data logging (see: Configuration Notes)

DATA_POLICY

Data privacy enforcement (see: Configuration Notes)

AUDIT_REPO

Internal security audit repository (see: Configuration Notes)

ADO

Core Application Data Objects (ADO.NET) data persistence (see: Configuration Notes)

PUBSUB_ADO

Publish / Subscribe Subsystem (see: Configuration Notes)

RAMCACHE

In-Process Memory Cache (see: Configuration Notes)

REDIS

REDIS based shared cache (see: Configuration Notes)

SEC

Core Security Functions (PIP, PDP, PEP)

SWAGGER

OpenAPI / Swagger Metadata Endpoint (see: Configuration Notes)

OPENID

OAUTH 2.0 / OpenID IdP Provider (see: Configuration Notes)

MDM

Master Data Management Functions (see: Configuration Notes)

FHIR

HL7 FHIR Endpoint (see: Configuration Notes)

HL7

HL7 Version 2.x Endpoint (see: Configuration Notes)

HDSI

Core Health Data Service Interface (see: Configuration Notes)

AMI

Administrative Management Interface (see: Configuration Notes)

BIS

Business Intelligence (reporting/query set/etc.) interface (see: Configuration Notes)

MATCHING

Internal SanteDB Matching Engine (see: Configuration Notes)

Database Connections

The location of your PostgreSQL server, and the database to use for the container can be specified with the connection string environment variables: 

SDB_DB_PSQL="server=location;user=user;password=password;database=db"
SDB_DB_PSQL_PROVIDER=Npgsql
SDB_DB_AUDIT=" ... "

If you are using plugins which require additional named configuration parameters, prefix the configuration with SDB_DB_XXX where XXX is the ID of the connection string the plugin is expecting.

Configuring Components

Components within SanteDB iCDR can be configured using environment variables. The syntax of these environment variables is SDB_FEATURE_SETTING , for example, the CACHE feature is configured as:

SDB_FEATURE=CORE_CDR,CACHE
# Caching Mode = REDIS  | LOCAL
SDB_CACHE_MODE=REDIS
# Pointer to redis server
SDB_CACHE_REDIS_SERVER=sdb-redis:6379
# Expire cache entries after X timestamp
SDB_CACHE_EXPIRE=PT1H

Minimal Application

You can compose a minimal application with either the SanteDB-ICDR or SanteMPI instance using a docker-compose.yml file as shown.

version: "3.3"

services:
  db:
    image: postgres
    container_name: sdb-postgres
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: santedb
      POSTGRES_PASSWORD: SanteDB123
    restart: always

  santedb:
    image: santesuite/santedb-icdr:latest
    container_name: santedb-icdr
    environment:
      - SDB_FEATURE=LOG;DATA_POLICY;AUDIT_REPO;ADO;PUBSUB_ADO;RAMCACHE;SEC;SWAGGER;OPENID;FHIR;HL7;HDSI;AMI;BIS
      - SDB_DB_MAIN=server=sdb-postgres;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
      - SDB_DB_AUDIT=server=sdb-postgres;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
      - SDB_DB_MAIN_PROVIDER=Npgsql
      - SDB_DB_AUDIT_PROVIDER=Npgsql
      - SDB_DELAY_START=1000
    ports:
      - "8080:8080"
      - "2100:2100"
    depends_on:
      - db
    restart: always

Volumes

Some directories in the docker image are useful for development purposes. For example, you can configure a volume which exposes a common configuration file set, or common applets. The volumes which can be expose (and their directories) can be done via:

services:

   # ... truncated for space ...
   
   santedb:
      image: santesuite/santedb-icdr:latest
      # .. truncated ...
      volumes:
         - santedb-data:/santedb/data

volumes:
   santedb-data:

The volumes which are of use for exposing to the host docker environment are:

Path

Use

/santedb/data

Used for seeding data into the SanteDB instance. For example

if you have a development environment where you'd like the same data

seeded into the database on startup you can use this option.

/santedb/config

Used for direct access to the configuration files. You should use this option

if the environment variables for the docker instance are too restrictive.

/santedb/applets

Used for loading applet files which contain user interfaces, BI reports,

business rules, CDSS rules, etc. These applets should be digitally signed

PAK files.

/santedb/match

Stores the match configuration files for the SanteDB matching engine. These

match configuration files control the weight, blocking, and classification subsystem

for the default match algorithm.

Advanced Configurations

You can import additional configuration files and/or use the XML configuration subsystem by creating a new container which is based off the santedb-icdr docker image and including additional configuration files. To do this, collect your configuration file as myconfig.xml in a directory and create a new Dockerfile which starts using this as configuration file:

FROM santedb-icdr:latest
RUN mkdir /myproject
COPY myconfig.xml /myproject/myconfig.xml
WORKDIR /santedb
EXPOSE 2100/tcp
EXPOSE 8080/tcp
CMD ["mono","/santedb/SanteDB.Docker.Server.exe","/myproject/myconfig.xml"]

Adding Sample Data

See the Adding Sample Data article for methods of seeding sample data into SanteMPI.

Packaging Custom Business Rules

You can package business rules, business intelligence, and other asset files into your docker container by simply composing them into a PAK file and including them in the /santedb/applets/ directory.

FROM santedb-icdr:latest
COPY custom.pak /santedb/applets/custom.pak

Upon load, the SanteDB iCDR server will load your package files and will load any business rules files required.

SanteMPI

In order to run a minimal SanteMPI application, you can exchange santedb-icdr with the santedb-mpi image, and apply the appropriate service configuration.

version: "3.3"

services:
  db:
    image: postgres
    container_name: sdb-postgres
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: santedb
      POSTGRES_PASSWORD: SanteDB123
    restart: always

  santedb:
    image: santesuite/santedb-mpi:latest
    container_name: santedb-mpi
    environment:
      - SDB_FEATURE=LOG;DATA_POLICY;AUDIT_REPO;ADO;PUBSUB_ADO;RAMCACHE;SEC;SWAGGER;OPENID;FHIR;HL7;HDSI;AMI;BIS;MDM;MATCHING;IHE_PIXM;IHE_PDQM;IHE_PMIR
      - SDB_MATCHING_MODE=WEIGHTED
      - SDB_MDM_RESOURCE=Patient=org.santedb.matching.patient.default
      - SDB_MDM_AUTO_MERGE=false
      - SDB_DB_MAIN=server=sdb-postgres;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
      - SDB_DB_AUDIT=server=sdb-postgres;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
      - SDB_DB_MAIN_PROVIDER=Npgsql
      - SDB_DB_AUDIT_PROVIDER=Npgsql
      - SDB_DATA_POLICY_ACTION=HIDE
      - SDB_DELAY_START=5000
    ports:
      - "8080:8080"
      - "2100:2100"
    depends_on:
      - db
    restart: always

The SanteMPI container adds the following plugins to SanteDB which can be enabled/disabled with SDB_FEATURE:

Code

Feature

IHE_PDQM

Enables the Patient Demographics Query for Mobile query parameters and extensions.

IHE_PIXM

Enables the Patient Identity Cross Reference ($ihe-pix) FHIR operation

IHE_PMIR

Enables the Patient Master Identity Registry function (urn:ihe:iti:pmir:2019:patient-feed ) FHIR message

IHE_PIX

Enables the IHE PIX (ITI-8 and ITI-9) interfaces for the MPI

IHE_PDQ

Enables the IHE PDQ profile (ITI-21) for HL7v2 interface on the MPI.

PreviousInstallation using AppliancesNextAdding Sample Data

Last updated