Korthweb provides three approaches to deploy Orthanc on Kubernetes. Orthanc is an open-source application to ingest, store, display and distribute medical images. Korthweb focues on the deployment. It is a sister project of Orthweb, an deployment automation project for Orthanc on AWS.
To deploy Orthanc (stateless app + database) on Kubernetes, and to securely host DICOM and web workloads, we have incorporated the following configurations:
- Ingress (Istio or Traefik) TLS termination on HTTP and TCP ports
- Use Cert Manager to provision self-signed certificate
- Traffic routing with Istio (Gateway, Virtual Serivce)
- Istio Installation (using Helm charts or Istioctl)
- Security with Istio (Peer Authentication/mTLS, Authorization Policy)
- Deploy observability addons (Prometheus, Grafana) for Istio
- Use bitnami Helm chart to deploy PostgreSQL
- Build your own Helm Chart to deploy Orthanc
- GitOps with FluxCD for Continuous Deployment
The Korthweb documentation includes a step-by-step guide for each deployment approach.