Before you build

Application requirements and recommendations for running on MedStack Control.

Application requirements

In order to be able to deploy your applications to environments on MedStack Control, you'll need to ensure your applications:

  • Have been containerized and capable of running in a Docker environment.
  • Have container images stored in a private registry.
  • Are built upon a Linux-based framework.


Not containerized yet?

To get started with containerization and running on Docker, we recommend reviewing Docker's quickstart guide.


Designing modular applications that hinge at the application layer make for the easiest migration to MedStack Control. We recommend you:

  • Build your applications using Docker Compose.

    The MedStack Control interface is a translation of the way Docker Compose builds applications with inputs for services, configs, secrets, and volumes.

  • Design your applications to run in a way that is independent of orchestration technologies.

    MedStack Control leverages Docker's orchestration layer, Docker Swarm, to run your containerized applications at scale. This layer is configured for privacy compliance by design. As such, Docker environment settings are not accessible. As a developer, you'll be able to SSH into containers, communicate over the Docker network, and perform actions within the capabilities of the containers.

The chain of responsibility

It's important to understand the chain of responsibility when running your applications on MedStack Control. MedStack's products and services fit between the cloud provider's services and your application stack. In MedStack Control, the many systems and services that power your application in the cloud are provisioned and maintained with compliance by design. We achieve this by implementing security protocols and reliability measures that ensure the integrity, confidentiality, and availability of your applications and the data they handle.


The MedStack Control chain of responsibility. Last updated August 19, 2020.

Application layer

The application layer covers the responsibilities for the whole application stack and design of custom services and dependencies that run within Docker environments provisioned via MedStack Control. Some of these responsibilities include:

  • Application development
  • Selecting and maintaining code repositories and container image registries
  • Managing a CI/CD process. Additionally, see our Ebook on CI/CD with MedStack Control.
  • Scheduling deployments and planning service periods with application users
  • Troubleshooting Docker services
  • Monitoring resources utilization

MedStack layer

The MedStack layer covers the responsibilities for the compliance of systems and services. Some of these responsibilities include:


  • Managing a security information and event management system (SIEM)
  • Managing an activity log for security information and system events
  • Managing the monitoring system of cloud resources and managed services
  • Establishing a backup and restore system for Docker and for databases
  • Change management of cloud resources and Docker services
  • Enforcing platform access by two-factor authentication (2FA)
  • Implementing role-based access control (RBAC)
  • Automatic renewal of SSL certificates


Virtual machines

Cloud provider layer

The cloud provider layer covers the responsibilities for infrastructure and physical safeguards of data. Some of the cloud provider responsibilities include:

  • Secure disposal of physical resources including hard drives, solid state drives, memory, and CPUs among others
  • Security protocols around access to physical machines
  • IP spoofing and DDOS mitigation on virtual networks

What's next

Learn about our system design or setup your team to get started in MedStack Control.