Deployment
Deployment options and configurations for the FastAPI Boilerplate.
Docker Deployment
Docker Configuration
# Dockerfile
FROM python:3.9-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]
Docker Compose
# docker-compose.yml
version: '3.8'
services:
app:
build: .
ports:
- "8000:8000"
environment:
- DATABASE_URL=postgresql://user:password@db:5432/dbname
depends_on:
- db
db:
image: postgres:13
environment:
- POSTGRES_USER=user
- POSTGRES_PASSWORD=password
- POSTGRES_DB=dbname
volumes:
- postgres_data:/var/lib/postgresql/data
volumes:
postgres_data:
Kubernetes Deployment
Deployment Configuration
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: fastapi-app
spec:
replicas: 3
selector:
matchLabels:
app: fastapi
template:
metadata:
labels:
app: fastapi
spec:
containers:
- name: fastapi
image: your-registry/fastapi-app:latest
ports:
- containerPort: 8000
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: db-credentials
key: database-url
Service Configuration
# service.yaml
apiVersion: v1
kind: Service
metadata:
name: fastapi-service
spec:
selector:
app: fastapi
ports:
- protocol: TCP
port: 80
targetPort: 8000
type: LoadBalancer
Serverless Deployment
AWS Lambda Configuration
# serverless.yml
service: fastapi-app
provider:
name: aws
runtime: python3.9
region: us-east-1
functions:
app:
handler: handler.handler
events:
- http:
path: /{proxy+}
method: any
plugins:
- serverless-wsgi
- serverless-python-requirements
custom:
wsgi:
app: app.main:app
pythonRequirements:
dockerizePip: true
Environment Configuration
Environment Variables
# .env.production
APP_ENV=production
DEBUG=false
SECRET_KEY=your-secret-key
DATABASE_URL=postgresql://user:password@host:5432/dbname
REDIS_URL=redis://redis:6379/0
CORS_ORIGINS=https://your-domain.com
JWT_SECRET_KEY=your-jwt-secret
JWT_ALGORITHM=HS256
JWT_ACCESS_TOKEN_EXPIRE_MINUTES=30
Monitoring and Logging
Prometheus Configuration
Note: Prometheus metrics are optional. Ensure
ENABLE_METRICS=truein your.envfile and themetricsoptional dependency group is installed.
# prometheus.yml
global:
scrape_interval: 15s
scrape_configs:
- job_name: 'fastapi'
static_configs:
- targets: ['app:8000']
Logging Configuration
# logging.yaml
version: 1
disable_existing_loggers: false
formatters:
standard:
format: '%(asctime)s [%(levelname)s] %(name)s: %(message)s'
handlers:
console:
class: logging.StreamHandler
formatter: standard
stream: ext://sys.stdout
file:
class: logging.handlers.RotatingFileHandler
formatter: standard
filename: /var/log/fastapi/app.log
maxBytes: 10485760
backupCount: 10
root:
level: INFO
handlers: [console, file]
Security Considerations
SSL/TLS Configuration
# nginx.conf
server {
listen 443 ssl;
server_name your-domain.com;
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
location / {
proxy_pass http://app:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Security Headers
# security.py
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from fastapi.middleware.trustedhost import TrustedHostMiddleware
from fastapi.middleware.gzip import GZipMiddleware
app = FastAPI()
# CORS
app.add_middleware(
CORSMiddleware,
allow_origins=["https://your-domain.com"],
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
# Trusted Hosts
app.add_middleware(
TrustedHostMiddleware,
allowed_hosts=["your-domain.com"]
)
# GZip Compression
app.add_middleware(GZipMiddleware, minimum_size=1000)