Information for system integrators

Warning

These notes are a work-in-progress. This page provides an overview as guidance only, and not a series of definite instructions. We plan to further expand on this information.

Audience

This page is aimed at people who want to run their own installation of OpenSAFELY as a proof-of-concept trial prior to integrating into the live system.

These people are likely to have one of the following professional roles:

• software developers
• clinical data providers
• system integrators

Assumed knowledge

It is taken that you have some familiarity with OpenSAFELY.

If not, you should first refer to:

• this general overview of OpenSAFELY
• the typical researcher workflow
• the introductory tutorial

Software components

The OpenSAFELY technical architecture diagram shows all of the platform software components and how they interact.

The specific steps required to create a minimal setup are:

1. Deploy a RAP Agent within your secure environment. A minimal configuration simply runs Docker containers and stores any resulting container output on a local disk.

2. Deploy a RAP Controller. This provides a service that creates tasks for the RAP Agent to run, and a Django web application that provides a RAP API that the RAP Agent polls for tasks, and the job server (see below) uses to submit jobs.

   It is possible to use our existing RAP Controller instance; contact us if you would like us to configure this for you.

3. Deploy a job server that uses the RAP API to submit jobs that end users request to be run, and to obtain updates on the output of jobs.

   It is possible to use our existing instance of this server at our jobs site; contact us if you would like us to configure this for you.

4. Create a secure network with our GitHub proxy. This provides access to repositories with research study code to run and Docker images used to run the code.

5. To provide access to your database from within your setup, integrate into our ehrQL ETL tool:

   • via an implementation of a backend interface; this is an example for TPP
   • and, if you are using an as-yet unsupported database, a query engine; this is an example for Trino

6. To enable viewing and releasing job outputs, deploy Airlock within your secure environment.

Deployment

We use Ubuntu in our deployments. Our deployments use deploy scripts that you can refer to.

Support

See our support page for details of how to get more assistance on integration.