VannahHealthCloud

Infrastructure

Server setup, Docker containerization, networking, storage, and orchestration for VannahHealthCloud.

Infrastructure Overview

VannahHealthCloud runs on a containerized microservices architecture deployed via CapRover on cloud infrastructure.

Technology Stack

Layer            Technology               Purpose
---------------  -----------------------  ------------------------
Orchestration    CapRover / Kubernetes    Container management
Containers       Docker                   Service isolation
Web Server       Nginx / Traefik          Reverse proxy, SSL
Application      Next.js, Node.js         Frontend & API
DICOM Server     Orthanc                  Medical image management
Viewer           MedDream                 DICOM image viewing
Database         PostgreSQL 15+           Metadata & user data
Object Storage   MinIO / AWS S3           DICOM pixel data
Message Queue    RabbitMQ / Redis         Event processing
Monitoring       Prometheus + Grafana     Metrics & alerting
Logging          Loki / ELK Stack         Centralized logging

Docker Configuration

Service Definitions

Each component runs as an isolated Docker container:

# docker-compose.yml (simplified)
version: '3.8'

services:
  web:
    image: vhc/web-app:latest
    ports:
      - "3000:3000"
    environment:
      - DATABASE_URL=postgresql://vhc:secret@db:5432/vannahcloud
      - ORTHANC_URL=http://orthanc:8042
    depends_on:
      - db
      - orthanc

  orthanc:
    image: orthancteam/orthanc:latest
    ports:
      - "4242:4242"
      - "8042:8042"
    volumes:
      - orthanc-data:/var/lib/orthanc/db
    environment:
      - ORTHANC__POSTGRESQL__HOST=db
      - ORTHANC__POSTGRESQL__DATABASE=orthanc

  meddream:
    image: vhc/meddream:latest
    ports:
      - "8080:8080"
    environment:
      - ORTHANC_URL=http://orthanc:8042

  db:
    image: postgres:15
    environment:
      - POSTGRES_DB=vannahcloud
      - POSTGRES_USER=vhc
      - POSTGRES_PASSWORD=secret
    volumes:
      - pg-data:/var/lib/postgresql/data

  minio:
    image: minio/minio:latest
    command: server /data --console-address ":9001"
    ports:
      - "9000:9000"
      - "9001:9001"
    volumes:
      - minio-data:/data

  rabbitmq:
    image: rabbitmq:3-management
    ports:
      - "5672:5672"
      - "15672:15672"

volumes:
  orthanc-data:
  pg-data:
  minio-data:
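
A hardened rendering of four services from the compose file above, as an added example that is not the project's own configuration: it pins image tags, keeps PostgreSQL and AMQP unpublished as the port table on this page marks them internal, and moves the database password out of the file. The `WEB_TAG` and `ORTHANC_TAG` variables, the `frontend`/`backend` network names and the `./secrets/pg_password.txt` path are assumptions.

```yaml
# Added example: hardened variants of four services from the file above.
# Assumed names: WEB_TAG, ORTHANC_TAG, frontend/backend, ./secrets/pg_password.txt
services:
  web:
    image: vhc/web-app:${WEB_TAG:?pin a release tag}
    ports:
      - "127.0.0.1:3000:3000"   # loopback only; the reverse proxy terminates TLS
    environment:
      # Supplied from the shell or an untracked .env file; compose aborts if unset
      - DATABASE_URL=${DATABASE_URL:?DATABASE_URL must be set}
      - ORTHANC_URL=http://orthanc:8042
    networks: [frontend, backend]

  orthanc:
    image: orthancteam/orthanc:${ORTHANC_TAG:?pin a release tag}
    ports:
      - "4242:4242"             # DICOM for modalities; REST API 8042 is not published
    volumes:
      - orthanc-data:/var/lib/orthanc/db
    environment:
      - ORTHANC__POSTGRESQL__HOST=db
      - ORTHANC__POSTGRESQL__DATABASE=orthanc
    networks: [frontend, backend]

  db:
    image: postgres:15
    environment:
      - POSTGRES_DB=vannahcloud
      - POSTGRES_USER=vhc
      - POSTGRES_PASSWORD_FILE=/run/secrets/pg_password   # read by the official image
    secrets: [pg_password]
    volumes:
      - pg-data:/var/lib/postgresql/data
    networks: [backend]         # no ports: 5432 stays internal

  rabbitmq:
    image: rabbitmq:3-management
    networks: [backend]         # no ports: 5672 stays internal

secrets:
  pg_password:
    file: ./secrets/pg_password.txt   # keep out of version control
networks:
  frontend: {}
  backend:
    internal: true              # isolated: no external connectivity
volumes:
  orthanc-data:
  pg-data:
```

Orthanc and the web app sit on both networks because a container attached only to an internal network cannot publish ports to the host.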

CapRover Deployment

VannahHealthCloud uses CapRover as its primary container orchestration platform for production deployments.

CapRover Setup

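# Install CapRover on your server
# ACCEPTED_TERMS=true is required by current CapRover releases; the container exits without it.
# The Docker socket mount gives CapRover root-equivalent control of the host,
# so run it on a machine dedicated to this deployment.
docker run -p 80:80 -p 443:443 -p 3000:3000 \
  -e ACCEPTED_TERMS=true \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /captain:/captain \
  caprover/caprover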

# Configure domain
# Point *.app.yourdomain.com to your server IP

Application Deployment

Each service is deployed as a separate CapRover app:

App Name       Image                 Port   Domain
-------------  --------------------  -----  ------------------------
vhc-web        vhc/web-app           3000   dev.teledokta.co.tz
vhc-orthanc    orthancteam/orthanc   8042   pacs.teledokta.co.tz
vhc-meddream   vhc/meddream          8080   viewer.teledokta.co.tz
vhc-api        vhc/api-server        4000   api.teledokta.co.tz
vhc-minio      minio/minio           9000   storage.teledokta.co.tz

Networking

Port Allocation

Port     Service               Protocol
-------  --------------------  ---------------
80/443   Web Application       HTTPS
4242     DICOM Gateway         DICOM TLS
8042     Orthanc REST API      HTTPS
8080     MedDream Viewer       HTTPS
5432     PostgreSQL            TCP (internal)
9000     MinIO API             HTTPS
5672     RabbitMQ              AMQP (internal)
15672    RabbitMQ Management   HTTPS

SSL/TLS Configuration

All external-facing services are secured with TLS certificates:

  • Let's Encrypt — Automatic certificate provisioning via CapRover
  • DICOM TLS — Orthanc configured with mutual TLS for DICOM connections
  • Internal TLS — Service-to-service encryption within the Docker network

Storage Architecture

PostgreSQL Database

  • Primary database for all structured data
  • Stores study metadata, patient records, user accounts, audit logs
  • Configured with streaming replication for high availability
  • Daily automated backups with point-in-time recovery

MinIO Object Storage

  • S3-compatible object storage for DICOM pixel data
  • Erasure coding for data durability
  • Bucket lifecycle policies for tiered storage
  • Server-side encryption (SSE-S3)

Backup Strategy

┌─────────────┐    Daily     ┌──────────────┐    Weekly    ┌──────────────┐
│  Production │  ─────────→  │  Backup      │  ─────────→  │  Off-site    │
│  Storage    │              │  Server      │              │  Archive     │
└─────────────┘              └──────────────┘              └──────────────┘
                              (Incremental)                 (Full backup)

Monitoring & Alerting

Prometheus Metrics

Key metrics collected:

  • DICOM throughput — Images received/sent per minute
  • Storage utilization — Disk usage across all tiers
  • API latency — Response times for REST endpoints
  • Database connections — Active and idle connections
  • Container health — CPU, memory, restart counts

Grafana Dashboards

Pre-configured dashboards for:

  • System overview (all services at a glance)
  • DICOM traffic analysis
  • Storage capacity planning
  • User activity metrics
  • Error rate monitoring

Alert Rules

Alert           Condition                      Severity
--------------  -----------------------------  --------
High CPU        > 85% for 5 minutes            Warning
Low Disk        < 10% free space               Critical
DICOM Down      No heartbeat for 2 minutes     Critical
High Latency    API p99 > 2 seconds            Warning
Backup Failed   No successful backup in 24h    Critical
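
The alert table above written as a Prometheus rule file, as an added example that is not the project's own configuration. The `node_*` metrics come from node_exporter; the `orthanc` job name, the `http_request_duration_seconds` histogram and the `backup_last_success_timestamp_seconds` gauge are assumptions about what the deployment exports.

```yaml
# alert-rules.yml (added example; job and application metric names are assumptions)
groups:
  - name: vhc-infrastructure
    rules:
      - alert: HighCPU
        # node_exporter: share of non-idle CPU time per instance
        expr: 100 * (1 - avg by (instance) (rate(node_cpu_seconds_total{mode="idle"}[5m]))) > 85
        for: 5m
        labels: {severity: warning}
      - alert: LowDisk
        # percentage of free space per real filesystem
        expr: 100 * node_filesystem_avail_bytes{fstype!~"tmpfs|overlay"} / node_filesystem_size_bytes{fstype!~"tmpfs|overlay"} < 10
        labels: {severity: critical}
      - alert: DICOMDown
        # assumes a scrape job named "orthanc"; `up` is 0 when the scrape fails
        expr: up{job="orthanc"} == 0
        for: 2m
        labels: {severity: critical}
      - alert: HighLatency
        # assumes the API exports an http_request_duration_seconds histogram
        expr: histogram_quantile(0.99, sum by (le) (rate(http_request_duration_seconds_bucket[5m]))) > 2
        labels: {severity: warning}
      - alert: BackupFailed
        # assumes the backup job reports a backup_last_success_timestamp_seconds gauge;
        # the absent() arm fires when the metric has never been reported at all
        expr: time() - backup_last_success_timestamp_seconds > 86400 or absent(backup_last_success_timestamp_seconds)
        labels: {severity: critical}
```

The `absent()` arm matters for the backup rule: a job that has never run exports no timestamp, and the age comparison alone would stay silent.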
