A complete microservice API built with FastAPI, providing full REST support for user and widget resources. It features JWT authentication, role-based access control, Redis caching, and MongoDB as the data store. Monitoring is handled via Prometheus and Grafana. The system is containerized with Docker and deployed using Kubernetes.
- Python 3.13+
- FastAPI – high-performance async web framework
- MongoDB – data persistence
- Redis – in-memory cache store
- Prometheus + Grafana – monitoring and visualization
- Docker Desktop – image containerization
- Kubernetes – container orchestration
- uv – Python dependency manager
project/
├── microservice/
│ ├── api/ # FastAPI logic
│ │ ├── .cert/ # Certificate files (SSL)
│ │ ├── core/ # Configuration, DB, RBAC
│ │ ├── models/ # MongoDB models
│ │ ├── schemas/ # Pydantic schemas
│ │ ├── scripts/ # Grafana dashboard
│ │ ├── utils/ # Utilities (e.g., sanitizer)
│ │ ├── Dockerfile # API image definition
│ │ └── main.py # App entry point
│ ├── .k8s/ # Kubernetes manifests
│ │ ├── mongodb.yml
│ │ ├── redis.yml
│ │ ├── secret.yml
│ │ ├── service.yml
│ │ ├── deployment.yml
│ │ └── prometheus/
└── README.md- User registration and login (with password hashing)
- JWT-based authentication
- Role-Based Access Control (RBAC)
- Widget CRUD functionality
- Redis-based caching
- MongoDB database backend
- Prometheus + Grafana monitoring
- Kubernetes-based deployment
git clone git@github.com:Kinetics20/project.git
cd project/microservice/apiuv syncNavigate to the .cert directory and run:
cd microservice/api/.cert
openssl req -x509 --nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pemThese are used for secure authorization.
Go back to the api directory and build the Docker image:
cd ..
docker build -t fast:9 .If you change the image name (
fast:9), update it in.k8s/deployment.ymlundercontainers.image.
Ensure you have kubectl installed:
sudo snap install kubectl --classicApply manifests in the .k8s directory:
cd ../.k8s
kubectl apply -f mongodb.yml
kubectl apply -f redis.yml
kubectl apply -f secret.yml
kubectl apply -f service.yml
kubectl apply -f deployment.ymlkubectl get podsExample output:
NAME READY STATUS RESTARTS AGE
mongodb-0 1/1 Running ... ...
redis-xxxxxxx 1/1 Running ... ...
widget-api-xxxxxxx 1/1 Running ... ...
For monitoring (namespace monitoring):
kubectl get pods -n monitoringOnce the application is running, you can access the interactive documentation at:
http://localhost/docs
To successfully use all CRUD operations on users and widgets, follow these steps:
-
Create an admin user
- Go to the
userssection →POST /users/ - Provide user details and set the
statusfield toadmin - Example payload:
{ "username": "adminuser", "password": "yourpassword", "status": "admin" }
- Go to the
-
Authorize the session
- Click the Authorize button in the top right of the Swagger UI
- Enter the JWT token you received after logging in as the admin user
-
Start making authenticated requests
- After successful authorization, you can now:
- Create, read, update, and delete users
- Perform all widget operations (CRUD)
- Access endpoints protected by authentication
- After successful authorization, you can now:
⚠️ Note: If the user is not created with"status": "admin", access to certain endpoints will be restricted.
This project includes a full monitoring setup using Prometheus and Grafana, deployed via Helm.
First, install Helm on your system:
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null
sudo apt-get install apt-transport-https --yes
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helmhelm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add grafana https://grafana.github.io/helm-charts
helm repo updatekubectl create namespace monitoringhelm install prometheus prometheus-community/prometheus \
--namespace monitoring \
--set alertmanager.persistentVolume.storageClass=hostpath \
--set server.persistentVolume.storageClass=hostpath \
--values - <<EOF
server:
additionalScrapeConfigs:
- job_name: 'widget-api'
static_configs:
- targets: ['widget-api:80']
EOFThis configures Prometheus to scrape metrics from the widget-api container.
helm install grafana grafana/grafana \
--namespace monitoring \
--set persistence.storageClassName=hostpath \
--set persistence.enabled=true \
--set adminPassword='admin' \
--values - <<EOF
datasources:
datasources.yaml:
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
url: http://prometheus-server.monitoring.svc.cluster.local
access: proxy
isDefault: true
EOFLogin credentials:
- Username:
admin - Password:
admin
Forward ports locally to access both dashboards in your browser:
kubectl port-forward -n monitoring svc/grafana 3000:80Grafana will be available at:
http://localhost:3000
kubectl port-forward -n monitoring svc/prometheus-server 3001:80Prometheus will be available at:
http://localhost:3001
To visualize metrics from the widget-api, import the preconfigured dashboard:
-
Open Grafana → Dashboards → Create → Import
-
Use the file located at:
microservice/api/scripts/grafana-dashboard.json -
You can upload the file or paste the raw JSON into the text editor.
✅ The dashboard will show live metrics from Prometheus such as pod health, API performance, and request frequency.
👤 Piotr Lipiński 🗓 Finished: July 2025 📫 Contributions welcome!