1 of 46

Packages

The OpenHIM Platform includes a number of base packages which are useful for supporting Health Information Exchanges Workflows. Each section below describes the details of these packages.

Package can be stood up individually using the instant package init -n <package_name> command, or they can be included in your own recipes. This can be accomplished by that includes the necessary packages and any custom configuration packages.

Interoperability Layer Openhim

The interoperability layer that enables simpler data exchange between the different systems. It is also the security layer for the other systems.

This component consists of two services:

Interoperability Layer - OpenHIM for routing the events
Mongo DB for storing the transactions

It provides an interface for:

Checking the transactions logs
Configuring the channels to route the events
User authentication logs
Service logs
Rerun the transactions tasks
Reprocess mediator launching

OpenHIM is based on two 3 main services, openhim-core as a backend, openhim-console as a frontend and mongo as a database.

It is a mandatory component in the stack and the entry point for all incoming requests from the external systems.

Local Development

The Interoperability Layer is the base of the Platform architecture.

Accessing the services

OpenHIM

Console: http://127.0.0.1:9000
Username: root@openhim.org
Password: instant101

Testing the Interoperability Component

As part of the Interoperability Layer setup we also do some initial config import for connecting the services together.

OpenHIM: Import a channel configuration that routes requests to the Data Store - HAPI FHIR service

This config importer will import channels and configuration according to the file openhim-import.json in the folder <path to project packages>/interoperability-layer-openhim/importer/volume.

Environment Variables

Listed in this page are all environment variables needed to run the interoperability layer Openhim.

Variable Name

Type

Relevance

Required

Default

Monitoring

A package for monitoring the platform services

The monitoring package sets up services to monitor the entire deployed stack. This includes the state of the servers involved in the docker swarm, the docker containers themselves and particular applications such as Kafka. It also captures the logs from the various services.

This monitoring package uses:

Grafana: for dashboards
Prometheus: for recording metrics
Cadvisor: for reading docker container metrics
Loki: for storing logs
Node Exporter: for monitoring host machine metrics like CPU, memory etc

To use the monitoring services, include the monitoring package id to your list of package ids when standing up the platform.

Adding application specific metrics

The monitoring service utilises service discovery to discover new metric endpoints to scrape.

To use custom metrics for an application, first configure that application to provide a Prometheus compatible metrics endpoint. Then, let the monitoring service know about it by configuring specific docker service labels that tell the monitoring service to add a new endpoint to scrape. E.g. see lines 8-9:

  kafka-minion:
    image: quay.io/cloudhut/kminion:master
    hostname: kafka-minion
    environment:
      KAFKA_BROKERS: kafka:9092
    deploy:
      labels:
        - prometheus-job-service=kafka
        - prometheus-address=kafka-minion:8080

prometheus-job-service lets Prometheus know to enable monitoring for this container and prometheus-address gives the endpoint that Prometheus can access the metrics on. By default this is assumed to be at the path /metrics by Prometheus.

By using the prometheus-job-service label prometheus will only create a single target for your application even if it is replicated via service config in docker swarm. If you would like to monitor each replica separately (i.e. if metrics are only captured for that replica and not shared to some central location in the application cluster) you can instead used the prometheus-job-task label and Prometheus will create a target for each replica.

A full list od supported labels are listed below:

prometheus-job-service - indicates this service should be monitored
prometheus-job-task - indicates each task in the replicated service should be monitored separately
prometheus-address - the service address Prometheus can scrape metrics from, can only be used with prometheus-job-service
prometheus-scheme - the scheme to use when scaping a task or service (e.g. http or https), defaults to http
prometheus-metrics-path - the path to the metrics endpoint on the target (defaults to /metrics)
prometheus-port - the port of the metrics endpoint. Only usable with prometheus-job-task, defaults to all exposed ports for the container if no label is present

All services must also be on the prometheus_public network to be able to be seen by Prometheus for metrics scraping.

Adding additional dashboards

To add additional dashboards simply use docker configs to add new Grafana dashboard json files into this directory in the Grafana container: /etc/grafana/provisioning/dashboards/

That directory will be scanned periodically and new dashboards will automatically be added to Grafana.

Grafana dashboard json file may be exported directly from the Grafana when saving dashboards or you may lookup the many existing dashboard in the Grafana marketplace.

Environment Variables

Listed in this page are all environment variables needed to run Monitoring package.

Variable Name

Type

Relevance

Required

Default

Kafka Mapper Consumer

A Kafka consumer that maps FHIR resources to a flattened data structure.

Local Development

A Kafka consumer that maps FHIR resources to a flattened data structure

Kafka-mapper-consumer

A Kafka processor that will consume messages from Kafka topics. This messages will be mapped according to the mapping defined in the file called fhir-mapping.json.

This flattened data will be then sent to Clickhouse DB to be stored.

Each topic has its own table mapping, plugin and filter and one topic may be mapped in different ways.

An example of fhir-mapping.json can be found in the package.

Each new message with new ID will be inserted as a new row in the table defined in the mapping. An update of the message will result on update in Clickhouse DB accordingly. Link to GitHub repo: https://github.com/jembi/kafka-mapper-consumer.

Environment Variables

Listed in this page are all environment variables needed to run Kafka mapper consumer.

Variable Name

Type

Relevance

Required

Default

Data Mapper Logstash

Generic Logstash pipeline for ELK stack.

Logstash provides a data transformation pipeline for analytics data. In the platform it is responsible for transforming FHIR messages into a flattened object that can be inserted into Elasticsearch.

Input

Logstash allows for different types of input to read the data: Kafka, HTTP ports, files, etc.

Filters

With a set of filters and plugins, the data can be transformed, filtered, and conditioned.

This allows the creation of a structured and flattened object out of many nested and long resources.

Accessing the different fields will be much easier and we will get rid of the unused data.

Output

To save the data, Logstash provides a set of outputs such as: Elasticsearch, S3, files, etc.

Local Development

Generic Logstash pipeline for ELK stack.

Adding pipelines and configs

To add Logstash config files, you can add files into the <path to project packages>/data-mapper-logstash/pipeline.

Developing the Logstash configs locally

When seeking to make changes to the Logstash configs without having to repeatedly start and stop the service, one can set the LOGSTASH_DEV_MOUNT env var in your .env file to true to attach the service's config files to those on your local machine.

Cluster

When attaching Logstash to an Elasticsearch cluster ensure you use the ES_HOSTS environment variable. eg. ES_HOSTS="analytics-datastore-elastic-search-1:9200","analytics-datastore-elastic-search-2:9200","analytics-datastore-elastic-search-3:9200" and reference it in your logstash configs eg. hosts => [$ES_HOSTS]

Notes

With LOGSTASH_DEV_MOUNT=true, you have to set the LOGSTASH_PACKAGE_PATH variable with the absolute path to package containing your Logstash config files, i.e., LOGSTASH_PACKAGE_PATH=/home/user/Documents/Projects/platform/data-mapper-logstash.
WARNING: do not edit the pipeline files from within the Logstash container, or the group ID and user ID will change, and subsequently will result in file permission errors on your local file system.

Environment Variables

Listed in this page are all environment variables needed to run Logstash.

Variable Name

Type

Relevance

Required

Default

Job Scheduler Ofelia

A job scheduling tool.

Local Development

A job scheduling tool.

Ofelia - Job Scheduler

Job Docs

The platform uses image: mcuadros/ofelia:v0.3.6 which has the following limitations:

Ofelia does not support config.ini files when run in docker mode (which enables scheduling jobs with docker labels) thus we need to always use the config.ini file for creating jobs.
Ofelia does not support attaching to a running instance of a service.
Ofelia does not support job-run (which allows you to launch a job with a specified image name) labels on non-ofelia services (ie. you may not specify a job of type job-run within the nginx package as ofelia will not pick it up)
Ofelia only initializes jobs when it stands up and does not listen for new containers with new labels to update it's schedules, thus Ofelia needs to be re-up'd every time a change is made to a job that is configured on another service's label.

Example of a job config

An example of job config in the file config.example.ini existing in the folder <path to project packages>/job-scheduler-ofelia/.

[job-run "renew-certs"]
schedule = @every 1440h ;60 days
image = jembi/swarm-nginx-renewal:v1.0.0
volume = renew-certbot-conf:/instant
volume = /var/run/docker.sock:/var/run/docker.sock:ro
environment = RENEWAL_EMAIL=${RENEWAL_EMAIL}
environment = STAGING=${STAGING}
environment = DOMAIN_NAME=${DOMAIN_NAME}
environment = SUBDOMAINS=${SUBDOMAINS}
environment = REVERSE_PROXY_STACK_NAME=${REVERSE_PROXY_STACK_NAME}
delete = true

You can specify multiple jobs in a single file.

Environment Variables

Listed in this page are all environment variables needed to run Ofelia.

The Ofelia service does not make use of any environment variables. However, when specifying jobs in the config.ini file(s) we can pass any environment variable in.

Example:

[job-run "mongo-backup"]
schedule= @daily
image= mongo:4.2
network= mongo_backup
volume= /backups:/tmp/backups
command= sh -c 'mongodump --uri=${OPENHIM_MONGO_URL} --gzip --archive=/tmp/backups/mongodump_$(date +%s).gz'
delete= true

In the example above, OPENHIM_MONGO_URL is an environment variable.

Analytics Datastore - Clickhouse

Clickhouse is a SQL datastore.

Local Development

Clickhouse is a SQL datastore

Launching

Launching this package executes the following two steps:

Running Clickhouse service
Running config importer to run the initial SQL script

Initializing ClickHouse

The config importer will be launched to run a NodeJS script after ClickHouse has started.

It will run SQL queries to initialize the tables and the schema, and can also include initial seed data if required.

The config importer looks for two files clickhouseTables.js and clickhouseConfig.js found in <path to project packages>/analytics-datastore-clickhouse/importer/config.

For specific implementation, this folder can be overridden.

Environment Variables

Listed in this page are all environment variables needed to run Clickhouse.

Variable Name

Type

Relevance

Required

Default

Analytics Datastore - Elasticsearch

Elasticsearch is the datastore for the Elastic (ELK) Stack.

Local Development

Elasticsearch is the datastore for the Elastic (ELK) Stack

Launching

Launching this package follows different steps:

[Cluster mode] Creating certificates and configuring the nodes
Running Elasticsearch
Setting Elasticsearch passwords
Importing Elasticsearch index

Importing

To initialize the index mapping in Elasticsearch, a helper container is launched to import a config file to Elasticsearch. The config importer looks for a field named fhir-enrich-report.json in <path to project packages>/analytics-datastore-elastic-search/importer.

The file fhir-enrich-report.json will contain the mapping of the index fhir-enrich-reports.

Elasticsearch will create a dynamic mapping for the incoming data if we don't specify one, this dynamic mapping may cause issues when we start sending the data as it doesn't necessarily conform 100% to the data types that we're expecting when querying the data out of Elasticsearch again.

Therefore, the mapping should be initialized in Elasticsearch using the config importer.

The file fhir-enrich-report.json is just an example, the name and the mapping can be overridden.

Running in Dev Mode

When running in DEV mode, Elasticsearch is reachable at:

http://127.0.0.1:9201/

Elasticsearch Backups

For detailed steps about creating backups see: Snapshot filesystem repository docs.

Elasticsearch offers the functionality to save a backup in different ways, for further understanding, you can use this link: Register a snapshot repository docs.

Elasticsearch Restore

To see how to restore snapshots in Elasticsearch: Snapshot Restore docs.

Running in Clustered Mode

Pre-Deploy Configuration

If running in clustered mode, take note that each machine has to have the following vm.max_map_count setting:

sysctl -w vm.max_map_count=262144

Environment Variables

Listed in this page are all environment variables needed to run and initialize Elasticsearch.

Variable Name

Type

Relevance

Required

Default

Client Registry - SanteMPI

A patient matching and deduplicater for the platform

This package consists of four services:

Postgres Main DB
Postgres Audit DB
SanteMPI Web UI -
SanteMPI API -

Environment Variables

Listed in this page are all environment variables needed to run Kibana.

Variable Name

Type

Relevance

Required

Default

Note

The environment variable SANTEMPI_REPMGR_PARTNER_NODES will differ from cluster and single mode.

Default value for SANTEMPI_MAIN_CONNECTION_STRING:

server=santempi-psql-1;port=5432; database=santedb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;

Default value for SANTEMPI_AUDIT_CONNECTION_STRING:

server=santempi-psql-1;port=5432; database=auditdb; user id=santedb; password=SanteDB123; pooling=true; MinPoolSize=5; MaxPoolSize=15; Timeout=60;

Dashboard Visualiser - Jsreport

Jsreport is a visualisation tool configured to query data from Elasticsearch.

Local Development

Accessing the Service

Jsreport - http://127.0.0.1:5488/

Scripts/Templates Development

When seeking to make changes to the Jsreport scripts/templates without having to repeatedly start and stop the service, one can set the JS_REPORT_DEV_MOUNT environment variable in your .env file to true to attach the service's content files to those on your local machine.

You have to run the set-permissions.sh script before and after launching Jsreport when JS_REPORT_DEV_MOUNT=true.
REMEMBER TO EXPORT THE JSREXPORT FILE WHEN YOU'RE DONE EDITING THE SCRIPTS. More info is available at https://jsreport.net/learn/import-export

With JS_REPORT_DEV_MOUNT=true, you have to set the JS_REPORT_PACKAGE_PATH variable with the absolute path to the Jsreport package on your local machine, i.e., JS_REPORT_PACKAGE_PATH=/home/user/Documents/Projects/platform/dashboard-visualiser-jsreport
Remember to shut down Jsreport before changing git branches if JS_REPORT_DEV_MOUNT=true, otherwise, the dev mount will persist the Jsreport scripts/templates across your branches.

Export & Import

After editing the templates in Jsreport, you will need to save these changes, it is advised to export a file containing all the changes named export.jsrexport and put it into the folder <path to project packages>/dashboard-visualiser-jsreport/importer.

The config importer of Jsreport will import the export.jsrexport and then all the templates, assets, and scripts will be loaded in Jsreport.

Environment Variables

Listed in this page are all environment variables needed to run Jsreport.

Variable Name

Type

Relevance

Required

Default

Dashboard Visualiser - Kibana

Kibana is a visualisation tool forming part of the Elastic (ELK) Stack for creating dashboards by querying data from ElasticSearch.

Local Development

Accessing the Service

Kibana - http://127.0.0.1:5601/

Importing Saved Objects

The config importer will import the file kibana-export.ndjson that exists in the folder <path to project packages>/dashboard-visualiser-kibana/importer.

The saved objects that will be imported are the index patterns and dashboards. If you made any changes to these objects please don't forget to export them and save the file kibana-export.ndjson under the folder specified above.