A complete microservice API built with FastAPI, providing full REST support for user and widget resources. It features JWT authentication, role-based access control, Redis caching, and MongoDB as the data store. Monitoring is handled via Prometheus and Grafana. The system is containerized with Docker and deployed using Kubernetes.
- Python 3.13+
- FastAPI โ high-performance async web framework
- MongoDB โ data persistence
- Redis โ in-memory cache store
- Prometheus + Grafana โ monitoring and visualization
- Docker Desktop โ image containerization
- Kubernetes โ container orchestration
- uv โ Python dependency manager
project/
โโโ microservice/
โ โโโ api/ # FastAPI logic
โ โ โโโ .cert/ # Certificate files (SSL)
โ โ โโโ core/ # Configuration, DB, RBAC
โ โ โโโ models/ # MongoDB models
โ โ โโโ schemas/ # Pydantic schemas
โ โ โโโ scripts/ # Grafana dashboard
โ โ โโโ utils/ # Utilities (e.g., sanitizer)
โ โ โโโ Dockerfile # API image definition
โ โ โโโ main.py # App entry point
โ โโโ .k8s/ # Kubernetes manifests
โ โ โโโ mongodb.yml
โ โ โโโ redis.yml
โ โ โโโ secret.yml
โ โ โโโ service.yml
โ โ โโโ deployment.yml
โ โ โโโ prometheus/
โโโ README.md- User registration and login (with password hashing)
- JWT-based authentication
- Role-Based Access Control (RBAC)
- Widget CRUD functionality
- Redis-based caching
- MongoDB database backend
- Prometheus + Grafana monitoring
- Kubernetes-based deployment
git clone git@github.com:Kinetics20/project.git
cd project/microservice/apiuv syncNavigate to the .cert directory and run:
cd microservice/api/.cert
openssl req -x509 --nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pemThese are used for secure authorization.
Go back to the api directory and build the Docker image:
cd ..
docker build -t fast:9 .If you change the image name (
fast:9), update it in.k8s/deployment.ymlundercontainers.image.
Ensure you have kubectl installed:
sudo snap install kubectl --classicApply manifests in the .k8s directory:
cd ../.k8s
kubectl apply -f mongodb.yml
kubectl apply -f redis.yml
kubectl apply -f secret.yml
kubectl apply -f service.yml
kubectl apply -f deployment.ymlkubectl get podsExample output:
NAME READY STATUS RESTARTS AGE
mongodb-0 1/1 Running ... ...
redis-xxxxxxx 1/1 Running ... ...
widget-api-xxxxxxx 1/1 Running ... ...
For monitoring (namespace monitoring):
kubectl get pods -n monitoringOnce the application is running, you can access the interactive documentation at:
http://localhost/docs
To successfully use all CRUD operations on users and widgets, follow these steps:
-
Create an admin user
- Go to the
userssection โPOST /users/ - Provide user details and set the
statusfield toadmin - Example payload:
{ "username": "adminuser", "password": "yourpassword", "status": "admin" }
- Go to the
-
Authorize the session
- Click the Authorize button in the top right of the Swagger UI
- Enter the JWT token you received after logging in as the admin user
-
Start making authenticated requests
- After successful authorization, you can now:
- Create, read, update, and delete users
- Perform all widget operations (CRUD)
- Access endpoints protected by authentication
- After successful authorization, you can now:
โ ๏ธ Note: If the user is not created with"status": "admin", access to certain endpoints will be restricted.
This project includes a full monitoring setup using Prometheus and Grafana, deployed via Helm.
First, install Helm on your system:
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null
sudo apt-get install apt-transport-https --yes
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helmhelm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add grafana https://grafana.github.io/helm-charts
helm repo updatekubectl create namespace monitoringhelm install prometheus prometheus-community/prometheus \
--namespace monitoring \
--set alertmanager.persistentVolume.storageClass=hostpath \
--set server.persistentVolume.storageClass=hostpath \
--values - <<EOF
server:
additionalScrapeConfigs:
- job_name: 'widget-api'
static_configs:
- targets: ['widget-api:80']
EOFThis configures Prometheus to scrape metrics from the widget-api container.
helm install grafana grafana/grafana \
--namespace monitoring \
--set persistence.storageClassName=hostpath \
--set persistence.enabled=true \
--set adminPassword='admin' \
--values - <<EOF
datasources:
datasources.yaml:
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
url: http://prometheus-server.monitoring.svc.cluster.local
access: proxy
isDefault: true
EOFLogin credentials:
- Username:
admin - Password:
admin
Forward ports locally to access both dashboards in your browser:
kubectl port-forward -n monitoring svc/grafana 3000:80Grafana will be available at:
http://localhost:3000
kubectl port-forward -n monitoring svc/prometheus-server 3001:80Prometheus will be available at:
http://localhost:3001
To visualize metrics from the widget-api, import the preconfigured dashboard:
-
Open Grafana โ Dashboards โ Create โ Import
-
Use the file located at:
microservice/api/scripts/grafana-dashboard.json -
You can upload the file or paste the raw JSON into the text editor.
โ The dashboard will show live metrics from Prometheus such as pod health, API performance, and request frequency.
๐ค Piotr Lipiลski ๐ Finished: July 2025 ๐ซ Contributions welcome!