CapMinds > Technical Guide > Automating OpenEMR Deployments on AWS: A DevOps Playbook

Automating OpenEMR Deployments on AWS: A DevOps Playbook

November 13, 2024 Technical Guide

Electronic medical records (EMRs) have become a critical technology for healthcare providers. Managing patient data digitally offers significant benefits including improved clinical workflows, reduced medical errors, and lower administrative costs. However, deploying and managing EMR systems can be challenging, especially for smaller practices with limited IT resources.

OpenEMR is an open-source EMR solution used by over 100,000 medical providers globally. It offers robust clinical tools for medical records, prescription writing, billing, and more.

However, like most enterprise software, OpenEMR requires careful installation, configuration, and integration to work smoothly. This is where using Infrastructure-as-Code (IaC) and DevOps practices can help.

Recent surveys show that it takes an average of 6 months for healthcare IT teams to manually build, test, and deploy an EMR system. Plus there are risks of misconfiguration which can lead to security issues or reliability problems down the line. By leveraging IaC templates and automated CI/CD pipelines, OpenEMR deployments can be standardized and streamlined from months down to just weeks or days.

AWS Infrastructure Overview

  • AWS provides an ideal cloud platform for EMR systems with HIPAA compliance, high availability across zones, and nearly limitless scalability.
  • A robust OpenEMR architecture on AWS will typically involve:
  • VPC for network isolation
  • Public and private subnets for web and database tiers
  • RDS PostgreSQL for database
  • EC2 application servers
  • EFS shared filesystem
  • S3 storage for backups and files
  • CloudWatch monitoring and alarms
  • AWS Secrets Manager for credentials and API keys

Automating Infrastructure with Terraform IaC

HashiCorp Terraform is a popular open-source IaC tool that allows codifying AWS and other cloud infrastructure as configuration files. This allows version controlling and re-using infrastructure templates for automated, consistent OpenEMR deployments.

Here is a sample Terraform module for deploying an OpenEMR cluster across two AZs:

# VPC Module
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "openemr-vpc"
  cidr = "10.0.0.0/16"

  azs             = ["us-east-1a", "us-east-1b"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24"]

  enable_nat_gateway = true

}

# RDS Module
module "db" {
  source = "terraform-aws-modules/rds/aws"

  identifier = "openemr-db"

  engine            = "postgres"
  engine_version    = "11.10"
  instance_class    = "db.t3.large"
  allocated_storage = 20

  db_name  = "openemr"
  username = "openemr"
  port     = "5432"

  iam_database_authentication_enabled = true

  vpc_security_group_ids = [module.vpc.default_security_group_id]
  
  maintenance_window = "Mon:00:00-Mon:03:00"
  backup_window      = "03:00-06:00"

  # DB subnet group
  subnet_ids = module.vpc.private_subnets

  # DB Parameter group
  family = "postgres11"

  # DB Option group
  major_engine_version = "11"

}

# EC2 Module
module "ec2" {
  source = "..."

  name = "openemr-web"

  ami                    = data.aws_ami.ubuntu.id
  instance_type          = "t3.micro"
  key_name               = aws_key_pair.my_key.key_name
  monitoring             = true
  vpc_security_group_ids = [module.vpc.default_security_group_id]
  subnet_id              = module.vpc.public_subnets[0]

}

The above modules allow provisioning a full OpenEMR infrastructure with just a terraform application. Module composition and reuse is a powerful paradigm for managing infrastructure as code.

Automating Deployments with Ansible

Once the base infrastructure is provisioned, the OpenEMR application still needs to be deployed and configured. Ansible is a popular automation tool that can install software and configure systems over SSH.

Here is a sample playbook to deploy OpenEMR from the GitHub source:

---
- hosts: webservers
  become: yes
 
  tasks:
    - name: Install dependencies
      ansible.builtin.apt:
        name:
          - git
          - apache2
          - php
          - mysql-client
          - postgresql-client

    - name: Clone OpenEMR code  
      ansible.builtin.git:
        repo: 'https://github.com/openemr/openemr.git'
        dest: /var/www/openemr
        version: release-6.0

    - name: Set permissions
      ansible.builtin.file:
        path: /var/www/openemr
        owner: www-data
        group: www-data
        recurse: yes

    - name: Install php extensions  
      ansible.builtin.apt:
        name:
          - php-pdo  
          - php-ldap
          - php-gd

    - name: Generate config file
      template: 
        src: config.php.j2
        dest: /var/www/openemr/sites/default/config.php

Building CI/CD Pipelines with GitHub Actions

Managing infrastructure as code and automated deployments allows the implementation of continuous delivery pipelines for EMR systems. As developers commit code changes, these can kick off automated builds, tests, and deployments to QA/staging environments for verification before releasing them to production.

Here is a sample GitHub Actions workflow for OpenEMR CI/CD:

on:
  push:
    branches: [ "main" ]

jobs:

  build:

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3
    - name: Build front-end assets 
      run: |
        npm install
        npm run build
    - name: Archive artifacts  
      uses: actions/upload-artifact@v3
      with:
        name: openemr-files
        path: |
          interface/themes/ 

  deploy-test:
    needs: build
    runs-on: ubuntu-latest

    steps:  
    - uses: actions/checkout@v3
    - uses: actions/download-artifact@v3
      with: 
        name: openemr-files
        path: interface/themes
    - name: Deploy to Test
      uses: ansible-actions/ansible-playbook@v9
      with:
        playbook: deploy-playbook.yml
        inventory: test-inventory.ini
        private-key: ${{ secrets.TEST_SSH_KEY }}
        
  # Approve promotion from Test
  deploy-prod:
    needs: deploy-test

    # run deploy steps to Production

Transform OpenEMR Delivery with CapMinds’ DevOps Specialists

CapMinds provides best-in-class services to take your business to the next level. Our experts bring decades of experience guiding organizations of all sizes through digital transformation and technology optimization.

Want all the benefits with none of the headaches? CapMinds offers fully-managed OpenEMR on AWS with end-to-end DevOps built in. Gain a high-performance EMR backend supporting unlimited scaling and cutting-edge delivery pipelines for new features in just days or weeks.

Let our automation experts handle the platform while you focus on patients. Simply move in your data and get back to business transformed.

Contact CapMinds today for a free consultation on migrating your OpenEMR instance onto our blazing-fast, infinitely scalable cloud

Let’s Connect!
Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Schedule a Free Consultation!

Book Now

You may also like