Introduction
Welcome to HealthFlow NDP Infrastructure
This documentation provides comprehensive guidance for deploying and managing the Kubernetes infrastructure that powers Egypt's National Digital Prescription (NDP) system, "Rousheta Raqamya".
What is HealthFlow NDP?
The HealthFlow NDP platform is a cloud-native, microservices-based system designed to digitize the prescription and dispensing workflow across Egypt's healthcare ecosystem. It connects:
- Healthcare Providers - Doctors and hospitals creating prescriptions
- Patients - Citizens receiving and managing their prescriptions
- Pharmacies - Dispensing facilities fulfilling prescriptions
- Regulatory Bodies - EDA and MOH for oversight and compliance
- Insurance Companies - For claims and reimbursement processing
Platform Goals
1. Accessibility
Enable prescription access through multiple channels:
- Mobile applications
- QR codes on printed prescriptions
- National ID lookup
- SMS notifications
2. Safety
Ensure patient safety through:
- Drug-drug interaction checking
- Allergy warnings
- Duplicate prescription detection
- Controlled substance monitoring
3. Efficiency
Streamline healthcare delivery via:
- Reduced prescription errors
- Faster dispensing process
- Digital audit trails
- Real-time analytics
4. Compliance
Meet regulatory requirements:
- GDPR-like data protection
- Adherence to EDA regulations
- Healthcare data standards (FHIR)
- Audit and traceability
Architecture Philosophy
Technology Stack
Infrastructure Layer
- Orchestration: Kubernetes 1.28+
- Container Runtime: containerd
- Network: Calico CNI
- Storage: NFS / Ceph RBD
- Load Balancer: MetalLB / Cloud Provider LB
Gateway Layer
- Ingress: Traefik v3
- API Gateway: Traefik with rate limiting
- SSL/TLS: Let's Encrypt + cert-manager
- WAF: ModSecurity (optional)
Service Discovery & Config
- Service Mesh: Consul
- Secrets Management: HashiCorp Vault
- Configuration: ConfigMaps + Vault
- DNS: CoreDNS
Data Layer
- Primary Database: PostgreSQL 15
- Legacy Database: MySQL 8
- Document Store: MongoDB 6
- Cache: Redis 7
- Message Queue: Apache Kafka
Observability
- Metrics: Prometheus + Thanos
- Visualization: Grafana
- Logging: Loki + Promtail
- Tracing: Jaeger (planned)
- Alerting: AlertManager
Application Layer
- Language: Node.js / Go / Python
- Framework: Express / Gin / FastAPI
- API Standard: REST + GraphQL
- Health Data: FHIR R4
System Capacity
Initial Phase (Year 1)
- Prescriptions/Day: 100,000
- Dispenses/Day: 80,000
- Concurrent Users: 5,000
- Response Time: < 500ms (p95)
- Availability: 99.5%
Target Phase (Year 3)
- Prescriptions/Day: 1,000,000
- Dispenses/Day: 800,000
- Concurrent Users: 50,000
- Response Time: < 300ms (p95)
- Availability: 99.9%
Documentation Structure
This documentation is organized into the following sections:
Architecture
Deep dive into system design, service interactions, and network topology.
Infrastructure Stacks
Step-by-step guides for deploying each infrastructure layer:
- Gateway (Traefik, Portainer)
- Data (PostgreSQL, MySQL, Redis)
- Monitoring (Prometheus, Grafana, Loki)
- Discovery (Consul, Vault)
- Applications (NDP Services)
Services Reference
Detailed documentation for each infrastructure service including configuration, environment variables, and troubleshooting.
NDP Services
Application-specific documentation for each microservice in the NDP platform.
Deployment
Installation guides, prerequisites, and operational procedures.
Quick Start
For those eager to get started:
- Architecture Overview - Understand the system
- Prerequisites - Prepare your environment
- Gateway Stack - Deploy the first stack
- Installation Guide - Complete deployment
Standards & Compliance
This infrastructure is designed to comply with:
- ISO 27001: Information Security Management
- HIPAA: Health Insurance Portability and Accountability Act
- Egyptian Data Protection Law: Law No. 151 of 2020
- EDA Regulations: Egyptian Drug Authority guidelines
- HL7 FHIR R4: Healthcare data exchange standard
Next Steps
Ready to begin? Start with:
- Architecture Principles - Core design concepts
- High-Level Architecture - System overview
- Gateway Stack - First deployment step