Architecture

Building Scalable Microservices with Python and FastAPI

Md. Abul Bashar

Md. Abul Bashar

April 15, 2024 • 15 min read

Python FastAPI Microservices Docker API Design
Featured Image

Table of Contents

Introduction

In today's fast-paced software development landscape, building scalable and maintainable applications is more important than ever. Microservices architecture has emerged as a powerful approach to building complex systems that can scale independently and be maintained by different teams.

In this article, we'll explore how to build a robust microservices architecture using Python and FastAPI, a modern, fast (high-performance) web framework for building APIs with Python 3.7+ based on standard Python type hints.

What Are Microservices?

Microservices are a software architecture style that structures an application as a collection of loosely coupled services. Each service is:

  • Highly maintainable and testable
  • Loosely coupled with other services
  • Independently deployable
  • Organized around business capabilities
  • Owned by a small team

This approach contrasts with traditional monolithic architectures, where all components of an application are tightly integrated and deployed as a single unit.

Microservices vs Monolith
Microservices Architecture vs Monolithic Architecture

Why FastAPI?

FastAPI offers several advantages that make it an excellent choice for building microservices:

  • Performance: FastAPI is one of the fastest Python frameworks available, on par with NodeJS and Go.
  • Easy to use: It's designed to be easy to use and learn, with intuitive syntax and comprehensive documentation.
  • Type hints: FastAPI leverages Python's type hints for request validation, serialization, and documentation.
  • Automatic documentation: It generates interactive API documentation (Swagger UI and ReDoc) automatically.
  • Standards-based: Built on open standards like OpenAPI and JSON Schema.

Project Setup

Let's start by setting up our project structure. We'll create a simple e-commerce system with the following microservices:

  • User Service: Handles user authentication and profile management
  • Product Service: Manages product catalog and inventory
  • Order Service: Processes orders and payments
  • API Gateway: Routes requests to appropriate services

Here's our project structure:

microservices/
├── api-gateway/
│   ├── Dockerfile
│   ├── requirements.txt
│   └── app/
│       ├── main.py
│       └── routes/
├── user-service/
│   ├── Dockerfile
│   ├── requirements.txt
│   └── app/
│       ├── main.py
│       ├── models.py
│       └── routes/
├── product-service/
│   ├── Dockerfile
│   ├── requirements.txt
│   └── app/
│       ├── main.py
│       ├── models.py
│       └── routes/
├── order-service/
│   ├── Dockerfile
│   ├── requirements.txt
│   └── app/
│       ├── main.py
│       ├── models.py
│       └── routes/
└── docker-compose.yml

Service Architecture

Our microservices will communicate with each other through HTTP/REST APIs. Each service will have its own database and will be responsible for its own data.

Service Architecture
Microservices Architecture Diagram

Implementation

Let's implement a simple version of our User Service to demonstrate how to build a microservice with FastAPI.

First, let's create our requirements.txt file:

fastapi==0.95.0
uvicorn==0.21.1
pydantic==1.10.7
sqlalchemy==2.0.9
python-jose==3.3.0
passlib==1.7.4
python-multipart==0.0.6

Now, let's create our main.py file:

from fastapi import FastAPI, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from sqlalchemy import create_engine, Column, Integer, String, Boolean
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import sessionmaker, Session
from pydantic import BaseModel
from passlib.context import CryptContext
from jose import JWTError, jwt
from datetime import datetime, timedelta
import os

# Database setup
SQLALCHEMY_DATABASE_URL = os.getenv("DATABASE_URL", "sqlite:///./users.db")
engine = create_engine(SQLALCHEMY_DATABASE_URL)
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
Base = declarative_base()

# Security
SECRET_KEY = os.getenv("SECRET_KEY", "your-secret-key")
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 30

pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

# Models
class User(Base):
    __tablename__ = "users"
    
    id = Column(Integer, primary_key=True, index=True)
    email = Column(String, unique=True, index=True)
    username = Column(String, unique=True, index=True)
    hashed_password = Column(String)
    is_active = Column(Boolean, default=True)

# Create tables
Base.metadata.create_all(bind=engine)

# Schemas
class UserBase(BaseModel):
    email: str
    username: str

class UserCreate(UserBase):
    password: str

class UserResponse(UserBase):
    id: int
    is_active: bool
    
    class Config:
        orm_mode = True

class Token(BaseModel):
    access_token: str
    token_type: str

# Helper functions
def get_db():
    db = SessionLocal()
    try:
        yield db
    finally:
        db.close()

def verify_password(plain_password, hashed_password):
    return pwd_context.verify(plain_password, hashed_password)

def get_password_hash(password):
    return pwd_context.hash(password)

def get_user(db: Session, username: str):
    return db.query(User).filter(User.username == username).first()

def create_user(db: Session, user: UserCreate):
    hashed_password = get_password_hash(user.password)
    db_user = User(email=user.email, username=user.username, hashed_password=hashed_password)
    db.add(db_user)
    db.commit()
    db.refresh(db_user)
    return db_user

def authenticate_user(db: Session, username: str, password: str):
    user = get_user(db, username)
    if not user or not verify_password(password, user.hashed_password):
        return False
    return user

def create_access_token(data: dict, expires_delta: timedelta = None):
    to_encode = data.copy()
    expire = datetime.utcnow() + (expires_delta or timedelta(minutes=15))
    to_encode.update({"exp": expire})
    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
    return encoded_jwt

async def get_current_user(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)):
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        username: str = payload.get("sub")
        if username is None:
            raise credentials_exception
    except JWTError:
        raise credentials_exception
    user = get_user(db, username=username)
    if user is None:
        raise credentials_exception
    return user

# FastAPI app
app = FastAPI(title="User Service", description="User management microservice")

@app.post("/token", response_model=Token)
async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
    user = authenticate_user(db, form_data.username, form_data.password)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect username or password",
            headers={"WWW-Authenticate": "Bearer"},
        )
    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
    access_token = create_access_token(
        data={"sub": user.username}, expires_delta=access_token_expires
    )
    return {"access_token": access_token, "token_type": "bearer"}

@app.post("/users/", response_model=UserResponse)
async def register_user(user: UserCreate, db: Session = Depends(get_db)):
    db_user = get_user(db, username=user.username)
    if db_user:
        raise HTTPException(status_code=400, detail="Username already registered")
    return create_user(db=db, user=user)

@app.get("/users/me/", response_model=UserResponse)
async def read_users_me(current_user: User = Depends(get_current_user)):
    return current_user

if __name__ == "__main__":
    import uvicorn
    uvicorn.run(app, host="0.0.0.0", port=8000)

Deployment with Docker

Let's create a Dockerfile for our User Service:

FROM python:3.9-slim

WORKDIR /app

COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

COPY ./app /app

CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"]

And finally, let's create a docker-compose.yml file to orchestrate all our services:

version: '3'

services:
  api-gateway:
    build: ./api-gateway
    ports:
      - "8000:8000"
    environment:
      - USER_SERVICE_URL=http://user-service:8001
      - PRODUCT_SERVICE_URL=http://product-service:8002
      - ORDER_SERVICE_URL=http://order-service:8003
    depends_on:
      - user-service
      - product-service
      - order-service

  user-service:
    build: ./user-service
    ports:
      - "8001:8000"
    environment:
      - DATABASE_URL=postgresql://postgres:postgres@user-db:5432/users
      - SECRET_KEY=your-secret-key
    depends_on:
      - user-db

  product-service:
    build: ./product-service
    ports:
      - "8002:8000"
    environment:
      - DATABASE_URL=postgresql://postgres:postgres@product-db:5432/products
    depends_on:
      - product-db

  order-service:
    build: ./order-service
    ports:
      - "8003:8000"
    environment:
      - DATABASE_URL=postgresql://postgres:postgres@order-db:5432/orders
      - USER_SERVICE_URL=http://user-service:8000
      - PRODUCT_SERVICE_URL=http://product-service:8000
    depends_on:
      - order-db
      - user-service
      - product-service

  user-db:
    image: postgres:13
    environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
      - POSTGRES_DB=users
    volumes:
      - user-db-data:/var/lib/postgresql/data

  product-db:
    image: postgres:13
    environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
      - POSTGRES_DB=products
    volumes:
      - product-db-data:/var/lib/postgresql/data

  order-db:
    image: postgres:13
    environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
      - POSTGRES_DB=orders
    volumes:
      - order-db-data:/var/lib/postgresql/data

volumes:
  user-db-data:
  product-db-data:
  order-db-data:

Conclusion

In this article, we've explored how to build scalable microservices using Python and FastAPI. We've covered:

  • The basics of microservices architecture
  • Why FastAPI is a great choice for building microservices
  • How to implement a user service with authentication
  • How to containerize and orchestrate our services with Docker

This approach allows you to build systems that are scalable, maintainable, and resilient. Each service can be developed, deployed, and scaled independently, making it easier to manage complex applications.

In future articles, we'll explore more advanced topics such as service discovery, API gateways, and event-driven communication between microservices.

Share This Article

Related Articles

Docker Compose Tutorial
Tutorial

Docker Compose for Local Development Environments

Step-by-step guide to setting up a consistent development environment using Docker Compose for Python applications.

Read More
Microservices vs Monolith
Architecture

Microservices vs Monolith: Making the Right Choice

A practical guide to deciding between microservices and monolithic architecture based on project requirements.

Read More
Md. Abul Bashar

About the Author

Md. Abul Bashar is a Senior Software Developer with over 7 years of experience specializing in backend development with Python, Django, and FastAPI. He has extensive experience in building scalable microservices architectures and optimizing application performance.

Subscribe to My Newsletter

Get notified when I publish new articles and tutorials. No spam, just valuable content delivered straight to your inbox.