Automating OpenEMR Deployments on AWS: A DevOps Playbook
Electronic medical records (EMRs) have become a critical technology for healthcare providers. Managing patient data digitally offers significant benefits including improved clinical workflows, reduced medical errors, and lower administrative costs. However, deploying and managing EMR systems can be challenging, especially for smaller practices with limited IT resources.
OpenEMR is an open-source EMR solution used by over 100,000 medical providers globally. It offers robust clinical tools for medical records, prescription writing, billing, and more.
However, like most enterprise software, OpenEMR requires careful installation, configuration, and integration to work smoothly. This is where using Infrastructure-as-Code (IaC) and DevOps practices can help.
Recent surveys show that it takes an average of 6 months for healthcare IT teams to manually build, test, and deploy an EMR system. Plus there are risks of misconfiguration which can lead to security issues or reliability problems down the line. By leveraging IaC templates and automated CI/CD pipelines, OpenEMR deployments can be standardized and streamlined from months down to just weeks or days.
AWS Infrastructure Overview
- AWS provides an ideal cloud platform for EMR systems with HIPAA compliance, high availability across zones, and nearly limitless scalability.
- A robust OpenEMR architecture on AWS will typically involve:
- VPC for network isolation
- Public and private subnets for web and database tiers
- RDS PostgreSQL for database
- EC2 application servers
- EFS shared filesystem
- S3 storage for backups and files
- CloudWatch monitoring and alarms
- AWS Secrets Manager for credentials and API keys
Automating Infrastructure with Terraform IaC
HashiCorp Terraform is a popular open-source IaC tool that allows codifying AWS and other cloud infrastructure as configuration files. This allows version controlling and re-using infrastructure templates for automated, consistent OpenEMR deployments.
Here is a sample Terraform module for deploying an OpenEMR cluster across two AZs:
# VPC Module
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
name = "openemr-vpc"
cidr = "10.0.0.0/16"
azs = ["us-east-1a", "us-east-1b"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
public_subnets = ["10.0.101.0/24", "10.0.102.0/24"]
enable_nat_gateway = true
}
# RDS Module
module "db" {
source = "terraform-aws-modules/rds/aws"
identifier = "openemr-db"
engine = "postgres"
engine_version = "11.10"
instance_class = "db.t3.large"
allocated_storage = 20
db_name = "openemr"
username = "openemr"
port = "5432"
iam_database_authentication_enabled = true
vpc_security_group_ids = [module.vpc.default_security_group_id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
# DB subnet group
subnet_ids = module.vpc.private_subnets
# DB Parameter group
family = "postgres11"
# DB Option group
major_engine_version = "11"
}
# EC2 Module
module "ec2" {
source = "..."
name = "openemr-web"
ami = data.aws_ami.ubuntu.id
instance_type = "t3.micro"
key_name = aws_key_pair.my_key.key_name
monitoring = true
vpc_security_group_ids = [module.vpc.default_security_group_id]
subnet_id = module.vpc.public_subnets[0]
}
The above modules allow provisioning a full OpenEMR infrastructure with just a terraform application. Module composition and reuse is a powerful paradigm for managing infrastructure as code.
Automating Deployments with Ansible
Once the base infrastructure is provisioned, the OpenEMR application still needs to be deployed and configured. Ansible is a popular automation tool that can install software and configure systems over SSH.
Here is a sample playbook to deploy OpenEMR from the GitHub source:
---
- hosts: webservers
become: yes
tasks:
- name: Install dependencies
ansible.builtin.apt:
name:
- git
- apache2
- php
- mysql-client
- postgresql-client
- name: Clone OpenEMR code
ansible.builtin.git:
repo: 'https://github.com/openemr/openemr.git'
dest: /var/www/openemr
version: release-6.0
- name: Set permissions
ansible.builtin.file:
path: /var/www/openemr
owner: www-data
group: www-data
recurse: yes
- name: Install php extensions
ansible.builtin.apt:
name:
- php-pdo
- php-ldap
- php-gd
- name: Generate config file
template:
src: config.php.j2
dest: /var/www/openemr/sites/default/config.php
Building CI/CD Pipelines with GitHub Actions
Managing infrastructure as code and automated deployments allows the implementation of continuous delivery pipelines for EMR systems. As developers commit code changes, these can kick off automated builds, tests, and deployments to QA/staging environments for verification before releasing them to production.
Here is a sample GitHub Actions workflow for OpenEMR CI/CD:
on:
push:
branches: [ "main" ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Build front-end assets
run: |
npm install
npm run build
- name: Archive artifacts
uses: actions/upload-artifact@v3
with:
name: openemr-files
path: |
interface/themes/
deploy-test:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
with:
name: openemr-files
path: interface/themes
- name: Deploy to Test
uses: ansible-actions/ansible-playbook@v9
with:
playbook: deploy-playbook.yml
inventory: test-inventory.ini
private-key: ${{ secrets.TEST_SSH_KEY }}
# Approve promotion from Test
deploy-prod:
needs: deploy-test
# run deploy steps to Production
Transform OpenEMR Delivery with CapMinds’ DevOps Specialists
CapMinds provides best-in-class services to take your business to the next level. Our experts bring decades of experience guiding organizations of all sizes through digital transformation and technology optimization.
Want all the benefits with none of the headaches? CapMinds offers fully-managed OpenEMR on AWS with end-to-end DevOps built in. Gain a high-performance EMR backend supporting unlimited scaling and cutting-edge delivery pipelines for new features in just days or weeks.
Let our automation experts handle the platform while you focus on patients. Simply move in your data and get back to business transformed.
Contact CapMinds today for a free consultation on migrating your OpenEMR instance onto our blazing-fast, infinitely scalable cloud
