Patient Chart Service — Deployment Topology

Status: populated Owner: TBD Last updated: 2026-04-18 Companion: Service Template · 03 platform-services

1. Runtime

Attribute	Value
Runtime	NestJS 11 / Node 22 LTS / TypeScript 5.x
Container image	ghasi/patient-chart-service:latest
Base image	node:22-alpine
Port	3010 (internal)
Health endpoint	GET /health (liveness + readiness)
Readiness probe	DB connectivity + NATS connection

2. Kubernetes deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  name: patient-chart-service
  namespace: ghasi-ehealth
spec:
  replicas: 3          # minimum; HPA scales to 10
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  template:
    spec:
      containers:
        - name: patient-chart-service
          image: ghasi/patient-chart-service
          resources:
            requests: { cpu: 250m, memory: 512Mi }
            limits:   { cpu: 1000m, memory: 1Gi }
          env:
            - name: DATABASE_URL
              valueFrom:
                secretKeyRef:
                  name: patient-chart-db-secret
                  key: url
            - name: NATS_URL
              valueFrom:
                configMapKeyRef:
                  name: nats-config
                  key: url

3. Scaling

Metric	Target	Min replicas	Max replicas
CPU utilisation	70 %	3	10
NATS consumer lag	> 500 msgs	—	Triggers alert
HTTP P95 latency	< 800 ms	—	Triggers alert

HPA (Horizontal Pod Autoscaler) monitors CPU and custom patient_chart_http_request_duration_p95 metric via KEDA if available.

4. Regions and data residency

Deployment	Region	Notes
Primary	Afghanistan (AF)	MoPH data-residency requirement; Postgres and NATS co-located in-country
DR passive	Backup cloud region (UAE or on-prem secondary)	Async replica; activated via DNS failover
Dev / staging	Shared cloud environment	No real patient data; synthetic seed data only

5. Database topology

Component	Technology	Notes
Primary DB	PostgreSQL 16	Single logical schema patient_chart; monthly range partitions on time-series tables
Replica	Postgres streaming replica (1 async)	Read queries for summary/timeline widgets may be directed here
Migrations	Drizzle Kit	Applied by CI pipeline before pod rollout; never auto-run on startup
Backup	Daily pg_dump + WAL archiving	7-year retention per MoPH policy

6. NATS JetStream streams

Stream	Subjects	Retention	Consumers
PATIENT_CHART	patient_chart.>	WorkQueue 7 days	audit-service, medication-service, communication-service, population-health-service, patient-portal-service
REGISTRATION (consume)	registration.patient.*, registration.encounter.created.v1	WorkQueue	patient-chart-service inbox consumer
GDPR (consume)	gdpr.subject_request.received.v1	WorkQueue	patient-chart-service inbox consumer

7. External HTTP dependencies (sync)

Dependency	Pattern	Timeout	Retry
terminology-service	Sync REST	2 s	3x exponential
registration-service	Sync REST	2 s	3x
provider-directory-service	Sync REST	2 s	2x
facility-service	Sync REST	2 s	2x
ai-gateway-service	Sync REST	30 s	No retry (AI assist; timeout ≠ retry)
document-service	Sync REST	5 s	3x
medication-service	Sync REST (summary widget)	3 s	2x
laboratory-service	Sync REST (summary widget)	3 s	2x
radiology-service	Sync REST (summary widget)	3 s	2x
immunizations-service	Sync REST (summary widget)	3 s	2x
care-plan-service	Sync REST (summary widget)	3 s	2x

All downstream calls wrapped in HttpClientAdapter with per-service circuit breaker.

8. Security and network

Control	Value
Ingress	Kong edge gateway only; no direct pod access
mTLS	Enabled in-cluster (Linkerd or Istio mesh)
Secrets	Kubernetes Secrets backed by Vault (Vault Agent Injector)
RLS	PostgreSQL RLS; app.tenant_id set per-request from JWT
Network policy	Deny-all default; allow list per service

9. Canary and rollout strategy

Stage	Traffic %	Duration	Validation
Canary	5 %	30 min	Error rate < 0.1 %; P99 < 1.5 s; NATS event count stable
Progressive	25 % → 50 % → 100 %	15 min each	Same SLO gates
Rollback trigger	Error rate > 1 % or P99 > 2 s	Automated via Argo Rollouts

10. Open questions

• Confirm DR region (UAE cloud vs. second on-prem site for AF MoPH).
• Read replica enablement for summary/timeline queries — decision needed before M1.