Using Docker Containers

SanteDB provides several docker containers for SanteDB solutions and services. The docker containers are structured as illustrated.
The docker containers all use the mono:latest as their root container.
santedb_icdr: The generic SanteDB iCDR project running as a docker container with FHIR, HL7, caching, PostgreSQL database support, and everything needed to get the iCDR running quickly.
santedb_mpi: The generic iCDR project with the SanteGuard and SanteMPI plugins enabled.
santedb_dcdr: The disconnected dCDR project
SanteDB iCDR and dCDR images use the Mono Framework to operate. Depending on your host environment, you may need to modify the MONO_THREADS_PER_CPU environment variable for the iCDR and dCDR if the default thread pool (accessed via the Probesscreen in the portal) indicates a small number of threads available.
Configuring the Docker Containers
Container Directory/File Structures
The container structure is as follows:
/santedb - Directory which contains the application code for SanteDB
/santedb/docker.lastconfig - The configuration file (in XML form) which represents the computed configuration file for the last run of the docker host.
/santedb/data - Data seeding directory in Dataset format
/santedb/data/fhir - Data seeding for FHIR files (JSON or XML)
/santedb/applets - Application directory (where compile applets files should be)
/santedb/match - Directory for match configuration source files
/var/log/santedb_yyyyMMdd.log - SanteDB log file for current date
Enabling or Disabling Features
The docker containers are configured using environment variables. Features can be turned on/off using the environment variable SDB_FEATURE environment variable, for example, to enable the core features and ATNA audit shipping:
1
SDB_FEATURE=AUDIT_SHIPPING;ADO;AUDIT_REPO
Copied!
The features which are available for the default SanteDB docker container are:
Code
Feature
LOG
Core data logging (see: Configuration Notes)
DATA_POLICY
Data privacy enforcement (see: Configuration Notes)
AUDIT_REPO
Internal security audit repository (see: Configuration Notes)
ADO
Core Application Data Objects (ADO.NET) data persistence (see: Configuration Notes)
PUBSUB_ADO
Publish / Subscribe Subsystem (see: Configuration Notes)
RAMCACHE
In-Process Memory Cache (see: Configuration Notes)
REDIS
REDIS based shared cache (see: Configuration Notes)
SEC
Core Security Functions (PIP, PDP, PEP)
SWAGGER
OpenAPI / Swagger Metadata Endpoint (see: Configuration Notes)
OPENID
OAUTH 2.0 / OpenID IdP Provider (see: Configuration Notes)
MDM
Master Data Management Functions (see: Configuration Notes)
FHIR
HL7 FHIR Endpoint (see: Configuration Notes)
HL7
HL7 Version 2.x Endpoint (see: Configuration Notes)
HDSI
Core Health Data Service Interface (see: Configuration Notes)
AMI
Administrative Management Interface (see: Configuration Notes)
BIS
Business Intelligence (reporting/query set/etc.) interface (see: Configuration Notes)
MATCHING
Internal SanteDB Matching Engine (see: Configuration Notes)
Database Connections
The location of your PostgreSQL server, and the database to use for the container can be specified with the connection string environment variables: 
1
SDB_DB_PSQL="server=location;user=user;password=password;database=db"
2
SDB_DB_PSQL_PROVIDER=Npgsql
3
SDB_DB_AUDIT=" ... "
Copied!
If you are using plugins which require additional named configuration parameters, prefix the configuration with SDB_DB_XXX where XXX is the ID of the connection string the plugin is expecting.
Configuring Components
Components within SanteDB iCDR can be configured using environment variables. The syntax of these environment variables is SDB_FEATURE_SETTING , for example, the CACHE feature is configured as:
1
SDB_FEATURE=CORE_CDR,CACHE
2
# Caching Mode = REDIS  | LOCAL
3
SDB_CACHE_MODE=REDIS
4
# Pointer to redis server
5
SDB_CACHE_REDIS_SERVER=sdb-redis:6379
6
# Expire cache entries after X timestamp
7
SDB_CACHE_EXPIRE=PT1H
Copied!
Minimal Application 
You can compose a minimal application with either the SanteDB-ICDR or SanteMPI instance using a docker-compose.yml file as shown.
1
version: "3.3"
2
​
3
services:
4
  db:
5
    image: postgres
6
    container_name: sdb-postgres
7
    ports:
8
      - "5432:5432"
9
    environment:
10
      POSTGRES_USER: santedb
11
      POSTGRES_PASSWORD: SanteDB123
12
    restart: always
13
​
14
  santedb:
15
    image: santesuite/santedb-icdr:latest
16
    container_name: santedb-icdr
17
    environment:
18
      - SDB_FEATURE=LOG;DATA_POLICY;AUDIT_REPO;ADO;PUBSUB_ADO;RAMCACHE;SEC;SWAGGER;OPENID;FHIR;HL7;HDSI;AMI;BIS
19
      - SDB_DB_MAIN=server=sdb-postgres;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
20
      - SDB_DB_AUDIT=server=sdb-postgres;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
21
      - SDB_DB_MAIN_PROVIDER=Npgsql
22
      - SDB_DB_AUDIT_PROVIDER=Npgsql
23
      - SDB_DELAY_START=1000
24
    ports:
25
      - "8080:8080"
26
      - "2100:2100"
27
    depends_on:
28
      - db
29
    restart: always
Copied!
Volumes
Some directories in the docker image are useful for development purposes. For example, you can configure a volume which exposes a common configuration file set, or common applets. The volumes which can be expose (and their directories) can be done via:
1
services:
2
​
3
   # ... truncated for space ...
4
   
5
   santedb:
6
      image: santesuite/santedb-icdr:latest
7
      # .. truncated ...
8
      volumes:
9
         - santedb-data:/santedb/data
10
​
11
volumes:
12
   santedb-data:
Copied!
The volumes which are of use for exposing to the host docker environment are:
Path
Use
/santedb/data
Used for seeding data into the SanteDB instance. For example
if you have a development environment where you'd like the same data
seeded into the database on startup you can use this option.
/santedb/config
Used for direct access to the configuration files. You should use this option
if the environment variables for the docker instance are too restrictive. 
/santedb/applets
Used for loading applet files which contain user interfaces, BI reports, 
business rules, CDSS rules, etc. These applets should be digitally signed
PAK files.
/santedb/match
Stores the match configuration files for the SanteDB matching engine. These 
match configuration files control the weight, blocking, and classification subsystem
for the default match algorithm.
Advanced Configurations
You can import additional configuration files and/or use the XML configuration subsystem by creating a new container which is based off the santedb-icdr docker image and including additional configuration files. To do this, collect your configuration file as myconfig.xml in a directory and create a new Dockerfile which starts using this as configuration file:
1
FROM santedb-icdr:latest
2
RUN mkdir /myproject
3
COPY myconfig.xml /myproject/myconfig.xml
4
WORKDIR /santedb
5
EXPOSE 2100/tcp
6
EXPOSE 8080/tcp
7
CMD ["mono","/santedb/SanteDB.Docker.Server.exe","/myproject/myconfig.xml"]
Copied!
Adding Sample Data
See the Adding Sample Data article for methods of seeding sample data into SanteMPI.
Packaging Custom Business Rules
You can package business rules, business intelligence, and other asset files into your docker container by simply composing them into a PAK file and including them in the /santedb/applets/ directory.
1
FROM santedb-icdr:latest
2
COPY custom.pak /santedb/applets/custom.pak
Copied!
Upon load, the SanteDB iCDR server will load your package files and will load any business rules files required.
SanteMPI
In order to run a minimal SanteMPI application, you can exchange santedb-icdr with the santedb-mpi image, and apply the appropriate service configuration.
1
version: "3.3"
2
​
3
services:
4
  db:
5
    image: postgres
6
    container_name: sdb-postgres
7
    ports:
8
      - "5432:5432"
9
    environment:
10
      POSTGRES_USER: santedb
11
      POSTGRES_PASSWORD: SanteDB123
12
    restart: always
13
​
14
  santedb:
15
    image: santesuite/santedb-mpi:latest
16
    container_name: santedb-mpi
17
    environment:
18
      - SDB_FEATURE=LOG;DATA_POLICY;AUDIT_REPO;ADO;PUBSUB_ADO;RAMCACHE;SEC;SWAGGER;OPENID;FHIR;HL7;HDSI;AMI;BIS;MDM;MATCHING;IHE_PIXM;IHE_PDQM;IHE_PMIR
19
      - SDB_MATCHING_MODE=WEIGHTED
20
      - SDB_MDM_RESOURCE=Patient=org.santedb.matching.patient.default
21
      - SDB_MDM_AUTO_MERGE=false
22
      - SDB_DB_MAIN=server=sdb-postgres;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
23
      - SDB_DB_AUDIT=server=sdb-postgres;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;
24
      - SDB_DB_MAIN_PROVIDER=Npgsql
25
      - SDB_DB_AUDIT_PROVIDER=Npgsql
26
      - SDB_DATA_POLICY_ACTION=HIDE
27
      - SDB_DELAY_START=5000
28
    ports:
29
      - "8080:8080"
30
      - "2100:2100"
31
    depends_on:
32
      - db
33
    restart: always
Copied!
The SanteMPI container adds the following plugins to SanteDB which can be enabled/disabled with SDB_FEATURE:
Code
Feature
IHE_PDQM
Enables the Patient Demographics Query for Mobile query parameters and extensions.
IHE_PIXM
Enables the Patient Identity Cross Reference ($ihe-pix) FHIR operation
IHE_PMIR
Enables the Patient Master Identity Registry function (urn:ihe:iti:pmir:2019:patient-feed ) FHIR message
IHE_PIX
Enables the IHE PIX (ITI-8 and ITI-9) interfaces for the MPI
IHE_PDQ
Enables the IHE PDQ profile (ITI-21) for HL7v2 interface on the MPI.
​
Installation using Appliances
Adding Sample Data
Last modified 3mo ago
Copy link
Contents
Configuring the Docker Containers
Container Directory/File Structures
Enabling or Disabling Features
Database Connections
Configuring Components
Minimal Application
Volumes
Advanced Configurations
Adding Sample Data
Packaging Custom Business Rules
SanteMPI