For Operators

Running OpenELIS Global in production — backups, monitoring, upgrades, high availability, day-to-day operational issues.

Who this is for

You operate one or more OpenELIS Global installations. Your concerns are uptime, data integrity, security, recovery, and keeping users productive. You don't necessarily write code, but you read logs, restart containers, configure backups, plan upgrades, and triage incidents. If you're installing OpenELIS for the first time at a new site, see For Implementers first.

Runbook — your first week with a new install

1. Backup Configuration — set up backups immediately. Test restoration before going live.

2. Troubleshooting — restart containers, log file management, infohighway diagnostics. Read this once cold so you know it exists when something breaks.

3. Setup High Availability Fail Over — if your deployment requires high uptime.

4. Password Migration — needed once if you're operating an instance migrated from a legacy OE 1.x installation.

Upgrades

Upgrade documentation:

• Upgrading OpenELIS 3.x and 2.x — current minor / patch upgrade flow

• Upgrade from 2.x to 2.7 — DB migration including FHIR BLOB → relational conversion

• Update From OpenELIS Global 1.x to 2.x — major-version migration

Always test the upgrade procedure on a non-production environment that mirrors your prod data first. Always take a verified backup before starting.

Consolidated Server operations

If you operate the central Consolidated Server that aggregates from multiple lab sites:

• Deploy Consolidated Server — architecture, firewall, OpenHIM setup

• Adding Facilities to the Consolidated Server

• Adding a Requester to the Consolidated Server

• Database Profile Mass Facility and Test Catalog Updates

Common incident playbook

Container won't start

First step is always: sudo docker restart. If that doesn't help, check container logs (sudo docker logs openelisglobal-webapp). The Troubleshooting page has the longer diagnostic flow.

Disk filling up

OE log files at /var/lib/openelis-global/logs/ and /var/lib/openelis-global/tomcatLogs/. Docker daemon logs at /var/lib/docker/. The Troubleshooting page has the recommended daemon.json log-rotation config.

Login broken

If users can't log in after an upgrade, check Keycloak first (logs, realm import status). The RBAC Troubleshooting Guide has a 15-symptom diagnostic table.

Security & data integrity checklist

• SSL certs valid and renewed before expiry

• Database password rotated periodically and stored in 1Password or equivalent

• Backup tested for restoration (not just "is the file there", actually restore to staging)

• HA failover validated quarterly if HA is required

• Audit log review for unusual access patterns

• Patch cadence for the host OS (Ubuntu)

Where to get help

• OpenMRS Talk — community forum, operators from other deployments often respond

• GitHub Issues — file bugs you suspect are in the product

• 1Password vault — your team's password store for any OE credentials

Stay current

Watch the Releases page for upgrade announcements and security patches.