QEWD Update

1. WorldVistA 36th VistA Community Meeting June 2018 QEWD Update Rob Tweed Director, M/Gateway Developments Ltd Twitter: @rtweed

2. What is QEWD.js? • Middle-tier Multi-purpose Server Platform – Web Server – REST API Server platform – Federation / Integration Platform – JSON Transformation Platform – MicroService Platform – 100% JavaScript / Node.js – Open Source (Apache 2 License) – Includes a High-performance embedded JSON database for User Sessions and data caching

3. What is QEWD.js? • Integrates Server-side JavaScript with Global Storage databases: – YottaDB – Caché / Ensemble – Redis-based emulation • https://github.com/robtweed/ewd-redis-globals • Allows JavaScript to be a primary language for accessing Global Storage databases – ie a modern alternative to the Mumps/M language • Uses NodeM and cache.node to provide the low-level integration with YottaDB and Caché respectively • Adds a JSON database abstraction – "the JavaScript equivalent of ^"

4. Latest Developments • Support for JSON Web Tokens (JWTs) • Allows the creation of MicroService architectures – Instead of a monolithic application, you can break it down into many function-specific, self- contained units • Integration with OpenId Connect for authentication / single sign-on • Dockerised version

5. The QEWD Container • "Shrink-wrapped" as a Docker Container – Will run on Windows, Linux, OS X and even Raspberry Pi – All you need is Docker installed • "Disposable" – Fire it up. If it fails, restart a new one – Nothing to back-up or maintain – Completely self-contained run-time component • "Replicable" – Fire up as many instances as you need, each running as a MicroService, on the same or different servers • "Configurable" – The individual behavior / role of a QEWD Container instance is defined by simple text / JSON / JavaScript files on the host

6. QEWD Containers ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process • Linux – Ubuntu 16.04 • Node.js – Currently version 8.x • QEWD.js • YottaDB – Embedded JSON database • But to you, it's a middle-tier "black box"

7. QEWD Containers ewd-qoper8 queue Expre ss Nod e.js socke t.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Host Server Mapped files Reside on host. Accessible to Container as if they were its own files

8. QEWD Containers ewd-qoper8 queue Expre ss Nod e.js socke t.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Host Server Mapped files Reside on host. Accessible to Container as if they were its own files - Configuration JSON files - JavaScript modules - "Node-less" - You can use these to customize how each QEWD MicroService behaves

9. Example • The Helm Person Held Record (PHR) – Initial implementation in Leeds • Interest growing in other areas of the NHS – Uses the Ripple Foundation's Open Source Ripple Health IT stack • PulseTile (UI) • QEWD.js (Middle-tier) • EtherCIS (Open Source OpenEHR database) • https://ripple.foundation/ • https://ripple.foundation/2017/10/leeds-trail-blazing-way-forward-open-platform-based-person-held-record/

10. The Helm PHR • Relies on all the latest QEWD.js developments

11. The Helm PHR • Relies on all the latest QEWD.js developments • So, looking at Helm is a good way to see these latest developments in action, and understand their significance and purpose

12. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Secret QEWD-Managed JSON Web Token (JWT) REST over HTTPS Internet

13. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Secret QEWD-Managed JSON Web Token (JWT) REST over HTTPS Internet JWTs are created by the QEWD MicroService, but reside on the Browser. Can be used for: - Authentication - Session data JWTs are digitally-signed using a "secret key"

14. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Secret QEWD-Managed JSON Web Token (JWT) REST over HTTPS Internet The browser sends the JWT with Every request it sends to the QEWD Conductor MicroService The MicroService updates the JWT and returns it with its response

15. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Secret QEWD-Managed JSON Web Token (JWT) REST over HTTPS Internet Browser can read/use the contents of the JWT, but cannot modify it without creating a digital signature mismatch MicroService Container includes a Secret key which allows JWT to be: - Created - Validated (signature conforms to content) - Modified

16. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process (a) QEWD User Authentication MicroService Container ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Shared Secret QEWD-Managed JWT REST over HTTPS Internet WebSockets over HTTPS

17. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process (a) QEWD User Authentication MicroService Container ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Shared Secret QEWD-Managed JWT REST over HTTPS Internet WebSockets over HTTPS All MicroService Containers share the same Secret key. So the JWT on each MicroService can be - Validated (signature conforms to content) - Modified

18. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process (a) QEWD User Authentication MicroService Container ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Shared Secret QEWD-Managed JWT REST over HTTPS Internet WebSockets over HTTPS QEWD MicroServices automatically connect themselves via WebSocket connections. These are bi-directional and persistent, and can work over HTTPS/SSL. Avoids costly setup and teardown of SSL Connections for each interaction Automatically re-connect if a MicroService is restarted

19. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Shared Secret ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process (b) QEWD Clinical Data Repository (CDR) Access MicroService Container QEWD-Managed JWT REST over HTTPS Internet WebSockets over HTTPS

20. QEWD MicroService Fabric ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PulseTile QEWD Conductor MicroService Container QEWD-Managed Shared Secret QEWD-Managed JWT ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process (c) QEWD MicroService Container: Integration Engine And/or Local Records REST over HTTPS Internet WebSockets over HTTPS

21. (a) Authentication Micro-Service QEWD Container QEWD-Managed Shared Secret ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process NHS Digital Citizen Id Authentication Service OpenId Connect over REST Internet

22. (a) Authentication Micro-Service QEWD Container QEWD-Managed Shared Secret ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process NHS Digital Citizen Id Authentication Service OpenId Connect over REST Internet Citizen Id id_token Is added as a claim to QEWD JWT Can be separately authenticated against Citizen Id by other services

23. (b) CDR Micro-Service QEWD Server QEWD-Managed Shared Secret ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process JSON Over REST eg UKCloud PHR Data Server (EtherCIS) CDR Data Session Cache QEWD Jumper QEWD Server has privileged access to OpenEHR Servers CDR User access controlled by QEWD JWTs

24. (b) CDR Micro-Service QEWD Server QEWD-Managed Shared Secret ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process JSON Over REST eg UKCloud PHR Data Server (EtherCIS) CDR Data Session Cache OpenEHR Jumper "OpenEHR Jumper" technology automates fetching and updating OpenEHR data

25. (b) CDR Micro-Service QEWD-Managed Shared Secret eg UKCloud PHR Data Server (EtherCIS) ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process PHR Data Session Cache Fire-walled to allow only HTTPS traffic on specified port to/from primary QEWD Server

26. (c) Integration Engine / Local Records Micro-Service QEWD Server QEWD-Managed Shared Secret ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Local Care Record Systems REST over HSCN Ensemble Ensemble access Authentication to be agreed, but can be either: - Privileged access for QEWD Server - Via access token / JWT

27. (c) Integration Engine / Local Records Micro-Service ewd-qoper8 queue Express Node.j s socket.i o Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Local Care Record Systems HSCN Ensemble Fire-walled to allow only HTTPS traffic on specified port to/from primary QEWD Server QEWD Container

28. (d) JSON Database MicroService QEWD Server ewd-qoper8 queue Express Node.js socket.io Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Cache GT.M, YottaDB Redis Node.js Worker Process Embedded JSON Database (YottaDB) Further options possible: Data can be maintained in and served up from the embedded JSON database within the QEWD Container Long-term persistence is either via: - Mapping database files to Docker host - Container writing out data updates to JSON file on host

29. Helm PHR Demo

30. Note • Although each QEWD MicroService Container is using YottaDB as a JSON database, Helm is 100% JavaScript code • No M code anywhere • Allows the power and flexibility of a Global Storage database to be available to JavaScript developers, and in their terms

31. Watch out for… • Faster access to YottaDB – When NodeM uses the new C APIs – Optimisations of the V8 APIs? • QEWD-ready OpenId Connect server – Configuration and authentication data held in YottaDB

32. More information • https://qewdjs.com • Training materials: – http://docs.qewdjs.com/qewd_training.html • Forum: – https://groups.google.com/forum/#!forum/enterprise-web-developer-community • Try out the QEWD Docker Container: – https://github.com/robtweed/qewd-server-rest-examples • Helm MicroServices code: – https://github.com/RippleOSI/Ripple-QEWD-Microservices • Background reading: – https://medium.com/the-node-js-collection/having-your-node-js-cake-and-eating-it-too-799e90d40186 – https://www.slideshare.net/robtweed/lnug-having-your-nodejs-cake-and-eating-it-too – https://www.slideshare.net/robtweed/data-persistence-as-a-language-feature

QEWD Update

QEWD Update

Recommended

More Related Content

What's hot

What's hot(20)

Similar to QEWD Update

Similar to QEWD Update(20)

More from Rob Tweed

More from Rob Tweed(14)

Recently uploaded

Recently uploaded(20)

QEWD Update