Immunizations Service — Deployment Topology
Status: populated Owner: TBD Last updated: 2026-04-18 Companion: Service Template
1. Runtime Specification
| Property | Value |
|---|---|
| Runtime | Node.js 22 LTS |
| Framework | NestJS 11 |
| Container base image | node:22-alpine |
| Port | 3007 |
| Liveness probe | GET /health/live |
| Readiness probe | GET /health/ready |
| Startup probe | GET /health/startup |
2. Replicas
| Environment | Min replicas | Max replicas | HPA trigger |
|---|---|---|---|
| Development | 1 | 1 | — |
| Staging | 1 | 2 | CPU > 60% |
| Production | 2 | 6 | CPU > 65% or RPS > 200 |
3. Kubernetes Resource Requests/Limits
| Resource | Request | Limit |
|---|---|---|
| CPU | 100m | 500m |
| Memory | 256Mi | 512Mi |
4. Dependencies
| Dependency | Type | Purpose | Startup-required |
|---|---|---|---|
| PostgreSQL 16 | Database | Primary data store; RLS tenant isolation | Yes |
| NATS JetStream | Message broker | Event publish + consume | Yes |
| Redis 7 | Cache / queue | BullMQ forecast queue; idempotency cache | Yes |
| Keycloak | Auth | JWT validation | Yes |
| terminology-service | Internal service | EPI schedule definitions | On startup (cached) |
| registration-service | Internal service | Patient active status check | No (fault-tolerant) |
| interop-service | Internal service | Registry sync dispatch | No (async) |
| ai-gateway-service | Internal service | AI risk-score (S3, future) | No |
5. Deployment Diagram
6. Background Workers
| Worker | Trigger | Purpose |
|---|---|---|
ForecastRefreshWorker | BullMQ job (enqueued on record create) | Recompute patient forecast |
OutboxRelayWorker | Polling (500ms interval) | Publish pending outbox events to NATS |
RegistrySyncCronWorker | Cron (configurable, default 0 2 * * *) | Batch sync modified records to national registry |
CoverageMaterializedViewWorker | Cron (hourly) or event-driven | Refresh coverage_by_antigen materialized view |
7. Regional Considerations
- Primary deployment: Afghanistan MoPH data centre.
- All data must remain within jurisdiction; no cross-region replication of PII.
- If multi-region is added in future, use active-passive with async replication (not multi-active) for immunization records.