17.1 AWS Deployment (EC2, ECS, Lambda, Elastic Beanstalk)

📚 What You'll Learn in This Section

• ✅ Deploy any FastAPI project to AWS EC2 (Free Tier eligible)
• ✅ Configure production-ready environment with Nginx + Gunicorn
• ✅ Set up automatic service restart on server reboot
• ✅ Alternative deployment methods (Elastic Beanstalk, Lambda, ECS)

💰 Understanding AWS Free Tier

📋 Prerequisites - What You Need Before Starting

🚀 Step-by-Step Deployment Guide for Any FastAPI Project

1. Go to https://aws.amazon.com
2. Click "Create an AWS Account"
3. Enter your email address and account name
4. Choose "Personal" account type
5. Enter payment information (no charges for free tier usage)
6. Verify your phone number
7. Choose "Basic" support plan (free)
8. Wait for account activation (usually 5-10 minutes)

📌 Step-by-Step Console Instructions:

1. Login to AWS Console (console.aws.amazon.com)
2. Search for "EC2" in top search bar and click
3. Click the orange "Launch Instance" button
4. Fill in these settings:

   🔹 NAME YOUR INSTANCE:
      - Name: "my-fastapi-app" (or any name you prefer)
   
   🔹 CHOOSE OS IMAGE:
      - Click "Ubuntu"
      - Select "Ubuntu 22.04 LTS (HVM)" - Free tier eligible
   
   🔹 CHOOSE INSTANCE TYPE:
      - Select "t2.micro" (free tier eligible)
   
   🔹 KEY PAIR (LOGIN):
      - Click "Create new key pair"
      - Key pair name: "fastapi-key"
      - Key pair type: "RSA"
      - Private key format: ".pem"
      - Click "Create key pair" (file downloads automatically)
      - ⚠️ SAVE THIS FILE SAFELY! You'll need it to connect
   
   🔹 NETWORK SETTINGS (Security Group - Firewall):
      - Click "Edit"
      - Add these rules one by one:
        
        Rule 1 (SSH - to connect to server):
        - Type: SSH
        - Source: My IP (auto-detects your IP)
        - This allows YOU to connect securely
        
        Rule 2 (HTTP - for web access):
        - Click "Add security group rule"
        - Type: HTTP
        - Source: Anywhere-IPv4 (0.0.0.0/0)
        - This allows everyone to visit your website
        
        Rule 3 (Custom for FastAPI testing):
        - Click "Add security group rule"
        - Type: Custom TCP
        - Port: 8000
        - Source: Anywhere-IPv4 (0.0.0.0/0)
        - This allows testing on port 8000
   
   🔹 STORAGE:
      - Keep default: 20 GB gp2 (free tier includes 30 GB)
   
6. Click "Launch Instance" button
7. Wait 1-2 minutes for instance to start
8. Note down the "Public IPv4 address" (e.g., 54.123.45.67)

Option A: Using PowerShell (Recommended)
1. Open PowerShell (Search in Start Menu)
2. Navigate to where you saved your .pem file:
   cd C:\Users\YourName\Downloads
3. Connect using this command:
   ssh -i "fastapi-key.pem" ubuntu@YOUR_SERVER_IP
   (Replace YOUR_SERVER_IP with actual IP from Step 2)

Option B: Using Git Bash
1. Install Git for Windows (git-scm.com)
2. Open Git Bash
3. Navigate to .pem folder:
   cd /c/Users/YourName/Downloads
4. Run:
   ssh -i "fastapi-key.pem" ubuntu@YOUR_SERVER_IP

1. Open Terminal
2. Navigate to .pem file location:
   cd ~/Downloads
3. Fix permissions (required):
   chmod 400 fastapi-key.pem
4. Connect:
   ssh -i "fastapi-key.pem" ubuntu@YOUR_SERVER_IP

✅ Success! You should see: ubuntu@ip-xxx-xxx:~$

# 1. Update system packages (always do this first)
sudo apt update && sudo apt upgrade -y

# 2. Install Python and essential tools
sudo apt install -y python3-pip python3-venv git nginx curl

# 3. Verify installations
python3 --version    # Should show Python 3.10+
pip3 --version       # Should show pip version
git --version        # Should show git version
nginx -v             # Should show nginx version

# 4. Install production server (Gunicorn)
pip3 install gunicorn

# Navigate to your FastAPI project
cd your-fastapi-project

# Initialize Git repository
git init

# Add all files
git add .
git add .gitignore  # If you have one

# Commit the files
git commit -m "Initial FastAPI application commit"

# Add remote repository (replace with your GitHub URL)
git remote add origin https://github.com/YOUR_USERNAME/YOUR_REPO.git

# Push to GitHub
git push -u origin main
# OR if using master branch:
git push -u origin master

# Clone public repository
git clone https://github.com/YOUR_USERNAME/YOUR_REPO.git
cd YOUR_REPO

# For private repository (using token):
git clone https://YOUR_USERNAME:YOUR_GITHUB_TOKEN@github.com/YOUR_USERNAME/YOUR_REPO.git

# For private repository (using SSH):
git clone git@github.com:YOUR_USERNAME/YOUR_REPO.git

# On your local machine:
git add .
git commit -m "Describe your changes"
git push

# On EC2 server:
git pull

# On YOUR LOCAL machine (open a new terminal):

# Upload entire project folder
scp -i "fastapi-key.pem" -r ./your-fastapi-project ubuntu@YOUR_SERVER_IP:~/

# Example:
scp -i "fastapi-key.pem" -r ./my-fastapi-app ubuntu@54.123.45.67:~/

# Upload specific files only
scp -i "fastapi-key.pem" main.py requirements.txt ubuntu@YOUR_SERVER_IP:~/my-fastapi-app/

# Upload with compression (faster for large files)
scp -i "fastapi-key.pem" -C -r ./your-fastapi-project ubuntu@YOUR_SERVER_IP:~/

# On your EC2 server, navigate to the project:
cd ~/your-fastapi-project

# On YOUR LOCAL machine:

# Sync entire project (only uploads changed files)
rsync -avz -e "ssh -i fastapi-key.pem" ./your-fastapi-project/ ubuntu@YOUR_SERVER_IP:~/your-fastapi-project/

# Exclude specific folders (like venv, __pycache__, .git)
rsync -avz --exclude 'venv' --exclude '__pycache__' --exclude '.git' \
    -e "ssh -i fastapi-key.pem" ./your-fastapi-project/ ubuntu@YOUR_SERVER_IP:~/your-fastapi-project/

# Dry run (see what would be transferred without actually doing it)
rsync -avz --dry-run -e "ssh -i fastapi-key.pem" ./your-fastapi-project/ ubuntu@YOUR_SERVER_IP:~/your-fastapi-project/

# Step 1: Upload to S3 from your local machine
aws s3 cp ./your-fastapi-project s3://your-bucket-name/your-fastapi-project --recursive

# Step 2: On EC2 server, download from S3
aws s3 cp s3://your-bucket-name/your-fastapi-project ./your-fastapi-project --recursive

# Step 3: If you don't have AWS CLI on EC2, install it:
sudo apt update
sudo apt install awscli -y
aws configure  # Add your access keys

# Dockerfile
FROM python:3.11-slim

WORKDIR /app

COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

COPY . .

CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"]

# On your local machine:
docker build -t yourusername/fastapi-app:latest .
docker push yourusername/fastapi-app:latest

# On EC2 server:
docker pull yourusername/fastapi-app:latest
docker run -d -p 8000:8000 yourusername/fastapi-app:latest

# On YOUR LOCAL machine (where your code is):
cd your-fastapi-project
python3 -m http.server 8001

# On EC2 server (in a new terminal):
wget http://YOUR_LOCAL_IP:8001/main.py
wget http://YOUR_LOCAL_IP:8001/requirements.txt
# Download each file individually

# Note: Your local machine must be accessible from the internet
# (Use ngrok if behind NAT: https://ngrok.com/)

# 1. Create virtual environment (isolates your project dependencies)
cd ~/YOUR_PROJECT_NAME
python3 -m venv venv

# 2. Activate virtual environment
source venv/bin/activate

# Your prompt should now show (venv) at the beginning

# 3. Install your project dependencies
pip install -r requirements.txt

# 4. If you don't have requirements.txt, create it:
pip freeze > requirements.txt

# Or install common FastAPI packages directly:
pip install fastapi uvicorn sqlalchemy python-multipart

# 5. Verify installation
pip list  # Shows all installed packages

# 6. Test your application (temporary)
uvicorn main:app --host 0.0.0.0 --port 8000

# In your browser, visit: http://YOUR_SERVER_IP:8000
# You should see your API response!

# Press Ctrl+C to stop the test

# 1. Create .env file for production settings
nano .env

# 2. Add your configuration (modify as needed):
DATABASE_URL=sqlite:///./production.db
SECRET_KEY=your-super-secret-key-change-this
DEBUG=False
ALLOWED_HOSTS=YOUR_SERVER_IP,yourdomain.com

# 3. Save file: Ctrl+X, then Y, then Enter

# 4. Verify .env file is ignored by git (should be in .gitignore)
echo ".env" >> .gitignore

# 5. Test that your app reads environment variables
python3 -c "import os; from dotenv import load_dotenv; load_dotenv(); print(os.getenv('DEBUG'))"

# 1. Create service file
sudo nano /etc/systemd/system/fastapi-app.service

# 2. Paste this configuration (UPDATE paths to match your project):
[Unit]
Description=My FastAPI Application
After=network.target

[Service]
User=ubuntu
Group=ubuntu
WorkingDirectory=/home/ubuntu/YOUR_PROJECT_NAME
Environment="PATH=/home/ubuntu/YOUR_PROJECT_NAME/venv/bin"
EnvironmentFile=/home/ubuntu/YOUR_PROJECT_NAME/.env
ExecStart=/home/ubuntu/YOUR_PROJECT_NAME/venv/bin/gunicorn -w 4 -k uvicorn.workers.UvicornWorker main:app
Restart=always
RestartSec=3

[Install]
WantedBy=multi-user.target

# 3. Save file: Ctrl+X, then Y, then Enter

# 4. Reload systemd to recognize new service
sudo systemctl daemon-reload

# 5. Enable service to start on boot
sudo systemctl enable fastapi-app

# 6. Start the service now
sudo systemctl start fastapi-app

# 7. Check if it's running
sudo systemctl status fastapi-app

# You should see "active (running)" in green

# 8. View logs if needed
sudo journalctl -u fastapi-app -f

# 1. Create Nginx configuration
sudo nano /etc/nginx/sites-available/fastapi-app

# 2. Paste this configuration:
server {
    listen 80;
    server_name YOUR_SERVER_IP;
    
    client_max_body_size 100M;
    
    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
    
    location /static {
        alias /home/ubuntu/YOUR_PROJECT_NAME/static;
        expires 30d;
    }
}

# 3. Save file: Ctrl+X, then Y, then Enter

# 4. Enable the site
sudo ln -s /etc/nginx/sites-available/fastapi-app /etc/nginx/sites-enabled/

# 5. Remove default site (optional)
sudo rm /etc/nginx/sites-enabled/default

# 6. Test Nginx configuration
sudo nginx -t

# 7. Restart Nginx
sudo systemctl restart nginx

# 8. Your app is now available at: http://YOUR_SERVER_IP (no :8000 needed!)

# 1. Install Certbot
sudo apt install -y certbot python3-certbot-nginx

# 2. Get SSL certificate (replace with your domain)
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

# 3. Follow the prompts:
#    - Enter your email
#    - Agree to terms
#    - Choose redirect option (recommended)

# 4. Test auto-renewal
sudo certbot renew --dry-run

# 5. Your site is now available at: https://yourdomain.com

🔧 Troubleshooting Common Issues

📝 Quick Reference - Daily Maintenance Commands

🔄 Alternative AWS Deployment Methods

# Dockerfile
FROM python:3.11-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
CMD ["gunicorn", "-w", "4", "-k", "uvicorn.workers.UvicornWorker", "main:app"]

# Install EB CLI
pip install awsebcli

# Initialize and deploy
eb init -p python-3.11
eb create my-fastapi-env
eb deploy

# Install Mangum
pip install mangum

# In main.py
from mangum import Mangum
handler = Mangum(app)

AWS Elastic Beanstalk Deployment (Simplified)

# Even easier than EC2 - AWS manages everything for you

# 1. Install EB CLI
pip install awsebcli

# 2. Initialize your project
cd your-fastapi-project
eb init -p python-3.11 my-fastapi-app --region us-east-1

# 3. Create environment and deploy
eb create my-fastapi-env --scale 1 --instance-type t2.micro

# 4. Open in browser
eb open

# 5. Update your code
git add .
git commit -m "update"
eb deploy

# 6. View logs
eb logs

AWS Lambda Serverless Deployment (Mangum)

# Perfect for APIs with variable traffic

# 1. Install Mangum
pip install mangum

# 2. Modify your main.py
from fastapi import FastAPI
from mangum import Mangum

app = FastAPI()

# Your routes here...

# Lambda handler
handler = Mangum(app)

# 3. Deploy using Serverless Framework
npm install -g serverless

# Create serverless.yml
service: fastapi-lambda

provider:
  name: aws
  runtime: python3.11
  region: us-east-1

functions:
  api:
    handler: main.handler
    events:
      - httpApi: '*'

# Deploy
serverless deploy

17.2 Google Cloud Platform (GCP) Deployment

Google Cloud Run - Best for Containerized FastAPI Apps

Cloud Run is a fully managed serverless platform that automatically scales your containerized applications.

Prerequisites

• Google Cloud account with billing enabled (free tier includes 2 million requests/month)
• Google Cloud SDK installed
• Docker installed locally

Deployment Steps

# Install and initialize Google Cloud SDK
curl https://sdk.cloud.google.com | bash
exec -l $SHELL
gcloud init

# Enable required services
gcloud services enable run.googleapis.com cloudbuild.googleapis.com

# Create Dockerfile
cat > Dockerfile << 'EOF'
FROM python:3.11-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8080"]
EOF

# Build and deploy
PROJECT_ID=$(gcloud config get-value project)
gcloud builds submit --tag gcr.io/$PROJECT_ID/eduhack-lab

# Deploy to Cloud Run
gcloud run deploy eduhack-lab \
    --image gcr.io/$PROJECT_ID/eduhack-lab \
    --platform managed \
    --region us-central1 \
    --allow-unauthenticated \
    --memory 512Mi \
    --cpu 1 \
    --min-instances 0 \
    --max-instances 10

Google Compute Engine (VM) Deployment

Similar to AWS EC2, GCE provides virtual machines with free tier eligibility (e2-micro instance).

# Create VM instance
gcloud compute instances create eduhack-vm \
    --zone=us-central1-a \
    --machine-type=e2-micro \
    --image-family=ubuntu-2204-lts \
    --image-project=ubuntu-os-cloud \
    --tags=http-server,https-server

# Create firewall rules
gcloud compute firewall-rules create allow-http --allow tcp:80 --source-ranges 0.0.0.0/0
gcloud compute firewall-rules create allow-https --allow tcp:443 --source-ranges 0.0.0.0/0

# SSH into VM
gcloud compute ssh eduhack-vm --zone=us-central1-a

# Follow same setup steps as AWS EC2

Cloud SQL (Managed PostgreSQL)

# Create PostgreSQL instance
gcloud sql instances create eduhack-db \
    --database-version=POSTGRES_15 \
    --tier=db-f1-micro \
    --region=us-central1 \
    --storage-size=10GB

# Set password
gcloud sql users set-password postgres --instance=eduhack-db --password=YourPassword123

# Create database
gcloud sql databases create eduhack --instance=eduhack-db

17.3 Microsoft Azure Deployment

Azure App Service - PaaS for FastAPI

Azure App Service provides a fully managed platform for hosting web applications with built-in scaling and load balancing.

Prerequisites

• Azure account with free tier (F1 plan offers 1 hour/day free compute)
• Azure CLI installed

Deployment Steps

# Login to Azure
az login

# Create resource group
az group create --name eduhack-rg --location eastus

# Create App Service plan (Linux)
az appservice plan create \
    --name eduhack-plan \
    --resource-group eduhack-rg \
    --sku F1 \
    --is-linux

# Create web app
az webapp create \
    --resource-group eduhack-rg \
    --plan eduhack-plan \
    --name eduhack-lab-app \
    --runtime "PYTHON:3.11"

# Configure startup command
az webapp config set \
    --resource-group eduhack-rg \
    --name eduhack-lab-app \
    --startup-file "gunicorn -w 2 -k uvicorn.workers.UvicornWorker app.main:app"

# Deploy from GitHub
az webapp deployment source config \
    --name eduhack-lab-app \
    --resource-group eduhack-rg \
    --repo-url https://github.com/yourusername/EduHack-Lab \
    --branch main \
    --manual-integration

# Set environment variables
az webapp config appsettings set \
    --resource-group eduhack-rg \
    --name eduhack-lab-app \
    --settings DATABASE_URL="sqlite:///./test.db" DEBUG="False"

Azure Container Instances

# Deploy container directly
az container create \
    --resource-group eduhack-rg \
    --name eduhack-container \
    --image yourdockerhub/eduhack-lab:latest \
    --dns-name-label eduhack-lab \
    --ports 8000 \
    --cpu 1 \
    --memory 1.5

17.4 DigitalOcean Deployment (Droplets & App Platform)

DigitalOcean Droplet - Simple VPS Hosting

DigitalOcean offers simple, predictable pricing starting at $4/month for basic droplets.

Quick Deployment with One-Click Apps

# Install doctl CLI
snap install doctl
doctl auth init

# Create droplet
doctl compute droplet create eduhack-droplet \
    --region nyc3 \
    --image ubuntu-22-04-x64 \
    --size s-1vcpu-1gb \
    --ssh-keys 

# SSH into droplet
ssh root@droplet-ip

# Use the same setup script as AWS EC2

DigitalOcean App Platform (PaaS)

# app.yaml
name: eduhack-lab
region: nyc
services:
  - name: api
    github:
      repo: yourusername/EduHack-Lab
      branch: main
    build_command: pip install -r requirements.txt
    run_command: gunicorn -w 2 -k uvicorn.workers.UvicornWorker app.main:app
    http_port: 8000
    instance_count: 1
    instance_size_slug: basic-xxs

# Deploy
doctl apps create --spec app.yaml

17.5 Heroku Deployment (Legacy & Alternatives)

Modern Heroku Alternatives

Railway.app - Best Free Tier Alternative

# Install Railway CLI
npm install -g @railway/cli

# Login and deploy
railway login
railway init
railway up

# Add PostgreSQL database
railway add -p postgresql

Render.com - Excellent Free Tier

# render.yaml
services:
  - type: web
    name: eduhack-lab
    runtime: python
    repo: https://github.com/yourusername/EduHack-Lab
    plan: free
    buildCommand: pip install -r requirements.txt
    startCommand: gunicorn app.main:app -w 2 -k uvicorn.workers.UvicornWorker
    envVars:
      - key: PYTHON_VERSION
        value: 3.11.0

databases:
  - name: eduhack-db
    databaseName: eduhack
    user: eduhack
    plan: free

17.6 Railway.app & Render.com Deployment

Railway.app Complete Setup

# Project structure for Railway
EduHack-Lab/
├── app/
│   └── main.py
├── requirements.txt
├── runtime.txt (python-3.11.0)
└── railway.json

# railway.json
{
  "build": {
    "builder": "NIXPACKS"
  },
  "deploy": {
    "startCommand": "uvicorn app.main:app --host 0.0.0.0 --port 8000",
    "healthcheckPath": "/health"
  }
}

Render.com Complete Setup

# .render/Dockerfile
FROM python:3.11-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
CMD ["gunicorn", "app.main:app", "-w", "2", "-k", "uvicorn.workers.UvicornWorker", "--bind", "0.0.0.0:8000"]

17.7 PythonAnywhere & Shared Hosting

Better Budget Alternatives (Under $5/month)

Hetzner Cloud - Best Performance for Price

# CX11 instance: €4.15/month
# 1 vCPU, 2GB RAM, 20GB SSD

# Quick deploy with Docker
curl -fsSL https://get.docker.com | sh
docker run -d -p 80:8000 yourusername/eduhack-lab:latest

Oracle Cloud Free Tier - Best Free Option

# Always free: 4 ARM cores, 24GB RAM, 200GB storage
# Create VM.Standard.A1.Fire instance
# Follow standard Ubuntu setup

Vultr Cloud Compute - Cheapest Option

# $2.50/month for IPv6-only
# $5/month for IPv4
# Use same setup as AWS EC2

17.8 VPS Deployment (Linode, Vultr, UpCloud)

Universal VPS Setup Script

#!/bin/bash
# deploy.sh - Run on fresh Ubuntu 22.04 VPS

set -e

echo "🚀 Starting EduHack-Lab deployment..."

# Update system
sudo apt update && sudo apt upgrade -y

# Install dependencies
sudo apt install -y python3-pip python3-venv nginx git

# Clone application
git clone https://github.com/yourusername/EduHack-Lab.git /var/www/eduhack
cd /var/www/eduhack

# Setup Python environment
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt

# Create .env file
cat > .env << EOF
DATABASE_URL=sqlite:///./test.db
SECRET_KEY=$(openssl rand -hex 32)
DEBUG=False
EOF

# Setup systemd service
sudo tee /etc/systemd/system/eduhack.service << 'EOF'
[Unit]
Description=EduHack-Lab FastAPI App
After=network.target

[Service]
User=www-data
Group=www-data
WorkingDirectory=/var/www/eduhack
Environment="PATH=/var/www/eduhack/venv/bin"
ExecStart=/var/www/eduhack/venv/bin/uvicorn app.main:app --host 127.0.0.1 --port 8000
Restart=always

[Install]
WantedBy=multi-user.target
EOF

# Setup Nginx
sudo tee /etc/nginx/sites-available/eduhack << 'EOF'
server {
    listen 80;
    server_name _;
    
    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
EOF

# Enable services
sudo systemctl daemon-reload
sudo systemctl enable eduhack
sudo systemctl start eduhack
sudo ln -s /etc/nginx/sites-available/eduhack /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl restart nginx

echo "✅ Deployment complete!"
echo "🌐 Visit: http://$(curl -s ifconfig.me)"

Linode Specific Setup

# Using Linode CLI
linode-cli linodes create \
    --label eduhack-lab \
    --region us-east \
    --type g6-nanode-1 \
    --image linode/ubuntu22.04 \
    --root_pass YourPassword123

17.9 Serverless Deployment (AWS Lambda + Mangum)

Complete Serverless Setup for FastAPI

Installation and Configuration

# Install required packages
pip install mangum

# Modify app/main.py
from fastapi import FastAPI
from mangum import Mangum

app = FastAPI(title="EduHack-Lab API")

@app.get("/")
async def root():
    return {"message": "Hello from Serverless FastAPI!"}

# Lambda handler
handler = Mangum(app)

Serverless Framework Configuration

# serverless.yml
service: eduhack-lab-serverless

provider:
  name: aws
  runtime: python3.11
  region: us-east-1
  memorySize: 512
  timeout: 30
  environment:
    DATABASE_URL: ${env:DATABASE_URL}

functions:
  api:
    handler: app.main.handler
    events:
      - httpApi:
          method: ANY
          path: /{proxy+}

plugins:
  - serverless-python-requirements

custom:
  pythonRequirements:
    dockerizePip: true
    layer: true

# Deploy
npm install -g serverless
serverless plugin install -n serverless-python-requirements
serverless deploy --stage production

Limitations and Considerations

• ❌ Cold starts (5-10 seconds for Python)
• ❌ 15-minute maximum execution time
• ❌ 250MB deployment package limit
• ❌ Limited WebSocket support
• ✅ Pay-per-request (can be cheaper for low traffic)
• ✅ Automatic scaling to zero

17.10 Kubernetes Deployment (EKS, GKE, AKS)

Complete Kubernetes Configuration

Deployment YAML

# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: eduhack-lab
spec:
  replicas: 3
  selector:
    matchLabels:
      app: eduhack
  template:
    metadata:
      labels:
        app: eduhack
    spec:
      containers:
      - name: fastapi
        image: yourregistry/eduhack-lab:latest
        ports:
        - containerPort: 8000
        env:
        - name: DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: db-secret
              key: DATABASE_URL
        resources:
          requests:
            memory: "256Mi"
            cpu: "250m"
          limits:
            memory: "512Mi"
            cpu: "500m"
        livenessProbe:
          httpGet:
            path: /health
            port: 8000
          initialDelaySeconds: 30
        readinessProbe:
          httpGet:
            path: /ready
            port: 8000
          initialDelaySeconds: 5

---
apiVersion: v1
kind: Service
metadata:
  name: eduhack-service
spec:
  selector:
    app: eduhack
  ports:
  - port: 80
    targetPort: 8000
  type: LoadBalancer

---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: eduhack-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: eduhack-lab
  minReplicas: 2
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 70

Deploy Commands

# Apply configurations
kubectl apply -f deployment.yaml

# Check status
kubectl get pods
kubectl get services

# Get external IP
kubectl get service eduhack-service --watch

17.11 Platform Comparison & Cost Analysis

Cloud Platform Comparison Table

Cost Optimization Strategies

• ✅ Use ARM instances (AWS Graviton, Hetzner ARM) - 20% cheaper
• ✅ Right-size instances based on actual usage
• ✅ Use spot/preemptible instances for non-critical workloads
• ✅ Implement auto-scaling to reduce idle resources
• ✅ Consider serverless for variable traffic patterns
• ✅ Use CDN (CloudFront, Cloudflare) to reduce origin traffic

17.12 CI/CD Pipeline Setup for Each Platform

GitHub Actions for AWS EC2

# .github/workflows/deploy-aws.yml
name: Deploy to AWS EC2

on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      
      - name: Deploy to EC2
        uses: appleboy/ssh-action@v0.1.5
        with:
          host: ${{ secrets.EC2_HOST }}
          username: ubuntu
          key: ${{ secrets.EC2_SSH_KEY }}
          script: |
            cd /var/www/EduHack-Lab
            git pull origin main
            source venv/bin/activate
            pip install -r requirements.txt
            sudo systemctl restart eduhack

GitLab CI/CD for Any Platform

# .gitlab-ci.yml
stages:
  - test
  - build
  - deploy

variables:
  DOCKER_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHORT_SHA

test:
  stage: test
  script:
    - pip install pytest
    - pytest tests/

build:
  stage: build
  script:
    - docker build -t $DOCKER_IMAGE .
    - docker push $DOCKER_IMAGE

deploy:
  stage: deploy
  script:
    - ssh user@server "docker pull $DOCKER_IMAGE && docker-compose up -d"
  only:
    - main

17.13 Environment Variables & Secrets Management

Best Practices for Managing Secrets

Using AWS Secrets Manager

# Store secret
aws secretsmanager create-secret \
    --name eduhack-secrets \
    --secret-string '{"DATABASE_URL":"postgresql://...","SECRET_KEY":"..."}'

# Retrieve in code
import boto3
session = boto3.session.Session()
client = session.client('secretsmanager')
response = client.get_secret_value(SecretId='eduhack-secrets')

Using .env Files (Development Only)

# .env.example (commit to git)
DATABASE_URL=postgresql://user:password@localhost/db
SECRET_KEY=your-secret-key-here
DEBUG=True

# .env (never commit - add to .gitignore)
DATABASE_URL=postgresql://prod_user:prod_pass@prod-db/prod_db
SECRET_KEY=actual-production-secret-key
DEBUG=False

Using GitHub Secrets

# Store secrets in GitHub
# Settings → Secrets and variables → Actions

# Use in workflows
- name: Deploy
  env:
    DATABASE_URL: ${{ secrets.DATABASE_URL }}
    SECRET_KEY: ${{ secrets.SECRET_KEY }}
  run: python deploy.py

17.14 Database Hosting Options (RDS, Cloud SQL, Cosmos DB)

Managed Database Services Comparison

Connecting to Managed Databases

# AWS RDS Connection
DATABASE_URL=postgresql://username:password@database-1.xxxxxx.us-east-1.rds.amazonaws.com:5432/eduhack

# GCP Cloud SQL Connection
DATABASE_URL=postgresql://username:password@/eduhack?host=/cloudsql/INSTANCE_CONNECTION_NAME

# Azure Cosmos DB (PostgreSQL)
DATABASE_URL=postgresql://username:password@server.postgres.database.azure.com:5432/eduhack

17.15 Domain & SSL Configuration

Setting Up Custom Domain

DNS Configuration Examples

# A Record (for IP-based hosting)
Type: A
Name: @ or api
Value: 123.123.123.123 (your server IP)
TTL: 3600

# CNAME Record (for platform hosting)
Type: CNAME
Name: api
Value: your-app.railway.app or your-service.onrender.com
TTL: 3600

SSL with Let's Encrypt (Certbot)

# Install Certbot
sudo apt install certbot python3-certbot-nginx -y

# Get SSL certificate
sudo certbot --nginx -d api.yourdomain.com -d www.api.yourdomain.com

# Auto-renewal
sudo certbot renew --dry-run

# Manual renewal
sudo certbot renew

SSL for Cloud Platforms

# AWS (via Load Balancer or CloudFront)
# GCP (Managed SSL via Cloud Run)
gcloud run services update eduhack-lab --ingress=all

# Azure (Automatic SSL with App Service)
az webapp config ssl bind --certificate-thumbprint 

# DigitalOcean (App Platform auto SSL)
# Automatic with custom domain

17.16 Monitoring & Logging on Cloud Platforms

Setting Up Application Monitoring

AWS CloudWatch Setup

# Install CloudWatch agent
sudo wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
sudo dpkg -i -E ./amazon-cloudwatch-agent.deb

# Configure CloudWatch agent
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard

# Start CloudWatch agent
sudo systemctl start amazon-cloudwatch-agent

Structured Logging in FastAPI

# app/core/logging.py
import logging
import json
from datetime import datetime

class JSONFormatter(logging.Formatter):
    def format(self, record):
        log_entry = {
            "timestamp": datetime.utcnow().isoformat(),
            "level": record.levelname,
            "message": record.getMessage(),
            "module": record.module,
            "function": record.funcName
        }
        return json.dumps(log_entry)

# Configure logger
logger = logging.getLogger(__name__)
handler = logging.StreamHandler()
handler.setFormatter(JSONFormatter())
logger.addHandler(handler)

Prometheus Metrics for FastAPI

# Install prometheus-fastapi-instrumentator
pip install prometheus-fastapi-instrumentator

# app/main.py
from prometheus_fastapi_instrumentator import Instrumentator

app = FastAPI()
Instrumentator().instrument(app).expose(app)

# Access metrics at: http://your-app/metrics

17.17 Auto-scaling & Load Balancing

Implementing Auto-scaling

AWS Auto Scaling Group

# Create launch template
aws ec2 create-launch-template \
    --launch-template-name eduhack-template \
    --image-id ami-0c55b159cbfafe1f0 \
    --instance-type t3.micro

# Create auto scaling group
aws autoscaling create-auto-scaling-group \
    --auto-scaling-group-name eduhack-asg \
    --launch-template LaunchTemplateName=eduhack-template \
    --min-size 2 \
    --max-size 5 \
    --desired-capacity 2 \
    --vpc-zone-identifier "subnet-xxx,subnet-yyy"

# Create scaling policy
aws autoscaling put-scaling-policy \
    --auto-scaling-group-name eduhack-asg \
    --policy-name cpu-scale-out \
    --policy-type TargetTrackingScaling \
    --target-tracking-configuration file://config.json

Load Balancer Configuration

# AWS Application Load Balancer
# 1. Create target group
# 2. Register EC2 instances
# 3. Create listener on port 80/443
# 4. Forward to target group

# Nginx as Load Balancer
upstream eduhack_backend {
    least_conn;
    server 10.0.1.1:8000;
    server 10.0.1.2:8000;
    server 10.0.1.3:8000;
}

server {
    listen 80;
    location / {
        proxy_pass http://eduhack_backend;
        proxy_set_header Host $host;
    }
}

17.18 Cost Optimization Strategies

Reduce Cloud Costs Without Sacrificing Performance

Compute Optimization

• Use Spot/Preemptible Instances: Save 60-90% on non-critical workloads
• Right-size Instances: Monitor CPU/memory usage and scale down
• Use ARM Architecture: AWS Graviton, Hetzner ARM (20-30% cheaper)
• Auto-scaling to Zero: Use serverless for development/staging environments

Storage Optimization

• Use S3 Glacier for backups and logs
• Delete unattached EBS volumes
• Use EBS gp3 instead of gp2 (lower cost per GB)
• Implement data lifecycle policies

Database Optimization

• Use reserved instances for production databases
• Implement read replicas only when needed
• Use SQLite for development, managed DB for production
• Clean up old database snapshots

Network Optimization

• Use CloudFlare free tier as CDN
• Implement caching to reduce origin traffic
• Use internal load balancers instead of public
• Monitor data transfer costs between regions

Free Tier Strategies for Learning

# Best free tier combination for learning:
1. AWS Free Tier: 750 hrs EC2 + RDS (12 months)
2. Google Cloud: 2 million requests on Cloud Run
3. Railway.app: $5 credit (good for testing)
4. Render.com: 750 hrs free web service
5. GitHub Actions: 2000 mins/month for CI/CD
6. CloudFlare: Free CDN + SSL + DDoS protection

# Multi-cloud strategy for maximum free tier:
- Frontend: Vercel/Netlify (free)
- Backend: Render.com (free tier)
- Database: Supabase (free PostgreSQL)
- Storage: CloudFlare R2 (10GB free)
- CI/CD: GitHub Actions (free)

Topic 1: FastAPI Fundamentals (10 Questions)

Q1. What is FastAPI and what makes it unique?

Answer: FastAPI is a modern, high-performance web framework for building APIs with Python 3.7+.

• High Performance: On par with Node.js and Go
• Fast to Code: Increase development speed by 200-300%
• Fewer Bugs: Reduce human-induced errors by about 40%
• Intuitive: Great editor support with autocomplete
• Standards-based: Based on OpenAPI and JSON Schema

Q2. Who created FastAPI and when?

Answer: Sebastián Ramírez created FastAPI in 2018. He was inspired by Flask, Django, and previous work on API frameworks.

Q3. What are the main features of FastAPI?

• Automatic interactive API documentation (Swagger UI and ReDoc)
• Data validation using Pydantic
• Dependency injection system
• Security and authentication built-in
• WebSocket support
• Background tasks
• GraphQL support via additional libraries

Q4. What companies use FastAPI in production?

Answer: Microsoft (Azure services), Uber, Netflix, Discord, and thousands of startups use FastAPI for high-performance microservices.

Q5. What are the disadvantages of FastAPI?

• Relatively new (less community resources than Django/Flask)
• Async can be complex for beginners
• Smaller ecosystem of third-party packages
• May be overkill for simple APIs

Q6. How does FastAPI compare to Flask?

Q7. How does FastAPI compare to Django?

• Django: Full-featured framework (ORM, admin, templates, auth) - better for monolithic applications
• FastAPI: Microframework focused on APIs - better for microservices and high-performance APIs

Q8. What Python versions support FastAPI?

Answer: FastAPI requires Python 3.7+ and works with Python 3.8, 3.9, 3.10, 3.11, and 3.12.

Q9. What are the core libraries FastAPI is built on?

• Starlette: For web routing and ASGI functionality
• Pydantic: For data validation and serialization
• Uvicorn: For ASGI server (production)

Q10. How do you install FastAPI?

pip install fastapi
pip install "uvicorn[standard]"  # ASGI server

# Or with all dependencies
pip install fastapi[all]

Topic 2: ASGI vs WSGI & Performance (8 Questions)

Q1. What is WSGI and what are its limitations?

Answer: WSGI (Web Server Gateway Interface) is a specification for synchronous Python web applications.

• Limitations: Cannot handle WebSockets, long-polling, or HTTP/2
• Concurrency: One request per worker at a time
• Examples: Flask, Django (traditional), Pyramid

Q2. What is ASGI and how is it different from WSGI?

Answer: ASGI (Asynchronous Server Gateway Interface) is the spiritual successor to WSGI supporting async operations.

• Supports: HTTP/1.1, HTTP/2, WebSockets, gRPC
• Concurrency: Multiple requests per worker using async/await
• Examples: FastAPI, Starlette, Django (ASGI mode)

Q3. Why does FastAPI use ASGI instead of WSGI?

• Better performance with async I/O operations
• WebSocket support for real-time features
• HTTP/2 support for improved efficiency
• Can handle thousands of concurrent connections

Q4. How does FastAPI achieve 70,000+ requests per second?

• Starlette (high-performance ASGI framework)
• Pydantic (Rust-based validation)
• Uvicorn with uvloop (asyncio event loop)
• Minimal overhead in request processing

Q5. What is Uvicorn and why is it recommended for FastAPI?

Answer: Uvicorn is a lightning-fast ASGI server implementation using uvloop and httptools.

# Run with Uvicorn
uvicorn main:app --host 0.0.0.0 --port 8000 --workers 4

Q6. What is the difference between Uvicorn, Hypercorn, and Daphne?

Q7. How do you run FastAPI in production with Gunicorn?

# Install
pip install gunicorn uvicorn

# Run with Uvicorn workers
gunicorn main:app -w 4 -k uvicorn.workers.UvicornWorker

# With custom options
gunicorn main:app --workers 4 --worker-class uvicorn.workers.UvicornWorker --bind 0.0.0.0:8000

Q8. What is the request lifecycle in FastAPI?

1. Client sends HTTP request
2. ASGI server (Uvicorn) receives request
3. Middleware stack processes request
4. Route matching and parameter extraction
5. Dependency injection resolution
6. Path operation function execution
7. Response validation and serialization
8. Middleware processes response (reverse order)
9. Response sent back to client

Topic 3: Dependency Injection & Pydantic (12 Questions)

Q1. What is Dependency Injection in FastAPI?

Answer: A design pattern where objects receive their dependencies from an external source rather than creating them internally.

from fastapi import Depends

def get_db():
    db = Database()
    try:
        yield db
    finally:
        db.close()

@app.get("/users")
def get_users(db = Depends(get_db)):
    return db.query()

Q2. What are the benefits of Dependency Injection?

• Decoupling: Classes don't need to create dependencies
• Testability: Easy to mock dependencies in tests
• Reusability: Same dependency across multiple endpoints
• Automatic documentation: Dependencies appear in OpenAPI docs

Q3. How do you create nested dependencies?

async def get_current_user(token: str = Depends(oauth2_scheme)):
    return verify_token(token)

async def get_current_active_user(
    current_user = Depends(get_current_user)
):
    if not current_user.is_active:
        raise HTTPException(status_code=400)
    return current_user

@app.get("/users/me")
async def get_me(user = Depends(get_current_active_user)):
    return user

Q4. What is the difference between Depends() and using regular parameters?

Answer: Depends() tells FastAPI to use the dependency injection system, allowing for caching, sub-dependencies, and better testability.

Q5. Can you use classes as dependencies?

class CommonParams:
    def __init__(self, q: str = None, skip: int = 0, limit: int = 100):
        self.q = q
        self.skip = skip
        self.limit = limit

@app.get("/items")
def get_items(params: CommonParams = Depends()):
    return {"q": params.q, "skip": params.skip}

Q6. What are Pydantic models?

Answer: Pydantic uses Python type hints for data validation and settings management.

from pydantic import BaseModel, Field

class User(BaseModel):
    name: str = Field(..., min_length=2, max_length=50)
    email: str
    age: int = Field(ge=0, le=150)

Q7. How do you create custom validators in Pydantic?

from pydantic import BaseModel, validator

class User(BaseModel):
    name: str
    email: str
    
    @validator('email')
    def validate_email(cls, v):
        if '@' not in v:
            raise ValueError('Invalid email')
        return v

Q8. What is the difference between Optional and default values?

from typing import Optional

class Item(BaseModel):
    name: str                    # Required
    description: str = None      # Optional with default None
    price: Optional[float] = None # Optional with default None
    tax: float = 0.0             # Optional with default 0.0

Q9. What is ORM mode in Pydantic?

Answer: ORM mode allows Pydantic to read data from ORM objects (like SQLAlchemy models).

class UserSchema(BaseModel):
    id: int
    name: str
    
    class Config:
        from_attributes = True  # orm_mode in older versions

Q10. How do you handle nested Pydantic models?

class Address(BaseModel):
    street: str
    city: str

class User(BaseModel):
    name: str
    address: Address  # Nested model

class UserList(BaseModel):
    users: List[User]  # List of models

Q11. What is Pydantic Settings?

from pydantic_settings import BaseSettings

class Settings(BaseSettings):
    app_name: str = "My API"
    database_url: str
    secret_key: str
    
    class Config:
        env_file = ".env"

settings = Settings()

Q12. How does FastAPI use Pydantic for request/response validation?

• Request body automatically validated against Pydantic model
• Response automatically validated against response_model
• Automatic 422 error responses for invalid data
• OpenAPI schema generated from Pydantic models

Topic 4: Authentication & Security (10 Questions)

Q1. What authentication methods does FastAPI support?

• OAuth2 with Password Flow (JWT tokens)
• HTTP Basic Authentication
• API Keys (header, query, or cookie)
• Custom authentication schemes
• OAuth2 with external providers (Google, GitHub)

Q2. How do you implement JWT authentication in FastAPI?

from jose import JWTError, jwt
from passlib.context import CryptContext

SECRET_KEY = "your-secret-key"
ALGORITHM = "HS256"
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

def create_access_token(data: dict):
    return jwt.encode(data, SECRET_KEY, algorithm=ALGORITHM)

def verify_password(plain_password, hashed_password):
    return pwd_context.verify(plain_password, hashed_password)

Q3. What is OAuth2PasswordBearer and how does it work?

from fastapi.security import OAuth2PasswordBearer

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

@app.post("/token")
async def login(form_data: OAuth2PasswordRequestForm = Depends()):
    # Validate credentials and return token
    return {"access_token": token, "token_type": "bearer"}

@app.get("/users/me")
async def get_user(token: str = Depends(oauth2_scheme)):
    # Token automatically extracted from Authorization header
    return decode_token(token)

Q4. How do you implement Role-Based Access Control (RBAC)?

def get_current_user(token: str = Depends(oauth2_scheme)):
    user = decode_token(token)
    if not user:
        raise HTTPException(status_code=401)
    return user

def require_role(role: str):
    def role_checker(current_user = Depends(get_current_user)):
        if current_user.role != role:
            raise HTTPException(status_code=403)
        return current_user
    return role_checker

@app.get("/admin")
async def admin_only(user = Depends(require_role("admin"))):
    return {"message": "Admin access granted"}

Q5. How do you hash passwords securely?

from passlib.context import CryptContext

pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

# Hash password
hashed = pwd_context.hash("mypassword")

# Verify password
is_valid = pwd_context.verify("mypassword", hashed)

Q6. How do you implement CORS in FastAPI?

from fastapi.middleware.cors import CORSMiddleware

app.add_middleware(
    CORSMiddleware,
    allow_origins=["https://example.com"],
    allow_credentials=True,
    allow_methods=["*"],
    allow_headers=["*"],
)

Q7. What are common security headers you should set?

• Strict-Transport-Security (HSTS) - Force HTTPS
• X-Frame-Options - Prevent clickjacking
• X-Content-Type-Options - Prevent MIME sniffing
• X-XSS-Protection - Cross-site scripting protection
• Content-Security-Policy - Control resource loading

Q8. How do you implement rate limiting?

from slowapi import Limiter, _rate_limit_exceeded_handler
from slowapi.util import get_remote_address

limiter = Limiter(key_func=get_remote_address)
app.state.limiter = limiter

@app.get("/api")
@limiter.limit("5/minute")
async def api_endpoint(request: Request):
    return {"message": "Rate limited to 5 requests per minute"}

Q9. How do you protect against SQL injection?

• Use ORM (SQLAlchemy) with parameterized queries
• Never concatenate user input directly into SQL strings
• Use Pydantic for input validation
• Escape special characters when necessary

Q10. How do you implement API key authentication?

from fastapi.security import APIKeyHeader

api_key_header = APIKeyHeader(name="X-API-Key")

def verify_api_key(api_key: str = Depends(api_key_header)):
    if api_key not in valid_keys:
        raise HTTPException(status_code=403)
    return api_key

@app.get("/secure-data")
async def get_data(api_key: str = Depends(verify_api_key)):
    return {"data": "sensitive information"}

Topic 5: Async/Await & Concurrency (8 Questions)

Q1. What is the difference between synchronous and asynchronous code?

• Synchronous: Code executes sequentially, blocking until each operation completes
• Asynchronous: Code can run concurrently, non-blocking I/O operations

Q2. When should you use async/await in FastAPI?

• ✅ Use async for: Database calls, API requests, file I/O, network operations
• ❌ Don't use async for: CPU-intensive calculations, image processing, complex algorithms

Q3. How do you call async functions from sync code?

import asyncio

def sync_function():
    # Run async function synchronously
    result = asyncio.run(async_function())
    return result

Q4. How do you run blocking operations in async endpoints?

from fastapi.concurrency import run_in_threadpool

@app.get("/compute")
async def compute():
    # Run CPU-bound function in thread pool
    result = await run_in_threadpool(cpu_intensive_function, data)
    return result

Q5. What is the Global Interpreter Lock (GIL) and how does it affect async?

Answer: The GIL allows only one thread to execute Python bytecode at a time. Async/await helps with I/O concurrency, not CPU parallelism.

Q6. How do you run multiple async tasks concurrently?

async def fetch_data():
    # Run multiple API calls concurrently
    results = await asyncio.gather(
        fetch_user(),
        fetch_orders(),
        fetch_products()
    )
    return results

Q7. What is an event loop in asyncio?

Answer: The event loop manages and distributes the execution of different tasks, allowing for concurrent I/O operations.

Q8. Can you mix async and sync endpoints in FastAPI?

Answer: Yes, FastAPI handles both automatically. Sync endpoints run in a thread pool to avoid blocking the event loop.

@app.get("/async")
async def async_endpoint():
    await asyncio.sleep(1)
    return {"type": "async"}

@app.get("/sync")
def sync_endpoint():
    time.sleep(1)
    return {"type": "sync"}

Topic 6: Database Integration & SQLAlchemy (10 Questions)

Q1. How do you integrate SQLAlchemy with FastAPI?

# database.py
from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker, declarative_base

SQLALCHEMY_DATABASE_URL = "postgresql://user:pass@localhost/db"
engine = create_engine(SQLALCHEMY_DATABASE_URL)
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
Base = declarative_base()

def get_db():
    db = SessionLocal()
    try:
        yield db
    finally:
        db.close()

Q2. How do you handle database sessions properly?

Answer: Use dependency injection to create and close sessions automatically.

@app.get("/users")
def get_users(db: Session = Depends(get_db)):
    return db.query(User).all()
# Session automatically closed after request

Q3. How do you implement async database operations?

from sqlalchemy.ext.asyncio import create_async_engine, AsyncSession

ASYNC_DATABASE_URL = "postgresql+asyncpg://user:pass@localhost/db"
engine = create_async_engine(ASYNC_DATABASE_URL)

async def get_db():
    async with AsyncSession(engine) as session:
        yield session

@app.get("/users")
async def get_users(db: AsyncSession = Depends(get_db)):
    result = await db.execute(select(User))
    return result.scalars().all()

Q4. What is Alembic and how do you use it?

Answer: Alembic is a database migration tool for SQLAlchemy.

# Install
pip install alembic

# Initialize
alembic init alembic

# Create migration
alembic revision --autogenerate -m "create users table"

# Apply migration
alembic upgrade head

Q5. How do you handle the N+1 query problem?

• Use joinedload() or selectinload() for eager loading
• Use subqueryload() for complex relationships
• Denormalize data when appropriate

Q6. What is the difference between lazy and eager loading?

• Lazy Loading: Relationships loaded only when accessed (can cause N+1)
• Eager Loading: Relationships loaded upfront in same query

Q7. How do you implement database transactions?

@app.post("/transfer")
def transfer_money(db: Session = Depends(get_db)):
    try:
        db.add(withdrawal)
        db.add(deposit)
        db.commit()  # Both operations succeed or fail together
    except Exception:
        db.rollback()  # Revert both operations
        raise

Q8. What is connection pooling and how do you configure it?

engine = create_engine(
    DATABASE_URL,
    pool_size=5,        # Number of connections to maintain
    max_overflow=10,    # Extra connections when needed
    pool_timeout=30,    # Time to wait for connection
    pool_recycle=1800   # Recycle connections after 30 minutes
)

Q9. How do you optimize database queries in FastAPI?

• Add indexes on frequently queried columns
• Use selectinload() for collections
• Limit columns with with_entities()
• Use pagination for large result sets
• Implement query caching with Redis

Q10. How do you set up database migrations in production?

# Docker entrypoint script
#!/bin/bash
alembic upgrade head
uvicorn main:app --host 0.0.0.0 --port 8000

# Or as a separate job in CI/CD
alembic upgrade head

Topic 7: Routing, Middleware & WebSockets (10 Questions)

Q1. What are path and query parameters in FastAPI?

# Path parameters (required, part of URL)
@app.get("/users/{user_id}")
def get_user(user_id: int):
    return {"user_id": user_id}

# Query parameters (optional, after ?)
@app.get("/search")
def search(q: str, page: int = 1, limit: int = 10):
    return {"query": q, "page": page}

Q2. How do you use APIRouter for modular routing?

# routers/users.py
router = APIRouter(prefix="/users", tags=["users"])

@router.get("/")
def get_users():
    return [{"name": "John"}]

# main.py
from routers import users
app.include_router(users.router)

Q3. How do you create custom middleware?

from starlette.middleware.base import BaseHTTPMiddleware

class CustomMiddleware(BaseHTTPMiddleware):
    async def dispatch(self, request, call_next):
        # Before request
        start_time = time.time()
        
        response = await call_next(request)
        
        # After request
        response.headers["X-Process-Time"] = str(time.time() - start_time)
        return response

app.add_middleware(CustomMiddleware)

Q4. What is the difference between middleware and dependencies?

• Middleware: Processes all requests globally, can modify request/response
• Dependencies: Can be applied per endpoint, more granular control

Q5. How do you implement WebSocket endpoints?

@app.websocket("/ws/{client_id}")
async def websocket_endpoint(websocket: WebSocket, client_id: int):
    await websocket.accept()
    try:
        while True:
            data = await websocket.receive_text()
            await websocket.send_text(f"Echo: {data}")
    except WebSocketDisconnect:
        print(f"Client {client_id} disconnected")

Q6. How do you handle WebSocket disconnections?

@app.websocket("/ws")
async def ws_endpoint(websocket: WebSocket):
    await websocket.accept()
    try:
        while True:
            data = await websocket.receive_text()
            await manager.broadcast(data)
    except WebSocketDisconnect:
        manager.remove_client(websocket)

Q7. How do you set custom response headers?

from fastapi import Response

@app.get("/custom-header")
def get_data(response: Response):
    response.headers["X-Custom-Header"] = "Custom Value"
    return {"message": "Success"}

Q8. How do you return different response types?

from fastapi.responses import HTMLResponse, JSONResponse, PlainTextResponse

@app.get("/html", response_class=HTMLResponse)
def get_html():
    return "
Hello World
"

@app.get("/json")
def get_json():
    return {"message": "Hello"}  # Auto-converted to JSON

@app.get("/text", response_class=PlainTextResponse)
def get_text():
    return "Hello World"

Q9. How do you handle redirects?

from fastapi.responses import RedirectResponse

@app.get("/old-path")
def redirect():
    return RedirectResponse(url="/new-path", status_code=301)

Q10. How do you customize Swagger UI?

app = FastAPI(
    title="My API",
    description="API documentation",
    version="1.0.0",
    docs_url="/docs",
    redoc_url="/redoc",
    openapi_url="/openapi.json"
)

Topic 8: Testing, Deployment & DevOps (12 Questions)

Q1. How do you test FastAPI applications?

from fastapi.testclient import TestClient
from main import app

client = TestClient(app)

def test_read_main():
    response = client.get("/")
    assert response.status_code == 200
    assert response.json() == {"message": "Hello World"}

Q2. How do you test endpoints that require authentication?

def test_protected_endpoint():
    # First get token
    token_response = client.post("/token", data={
        "username": "testuser",
        "password": "testpass"
    })
    token = token_response.json()["access_token"]
    
    # Use token
    response = client.get(
        "/protected",
        headers={"Authorization": f"Bearer {token}"}
    )
    assert response.status_code == 200

Q3. How do you test database operations?

@pytest.fixture
def db_session():
    engine = create_engine("sqlite:///:memory:")
    TestingSessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
    Base.metadata.create_all(bind=engine)
    db = TestingSessionLocal()
    try:
        yield db
    finally:
        db.close()

def test_create_user(db_session):
    user = User(name="Test")
    db_session.add(user)
    db_session.commit()
    assert user.id is not None

Q4. How do you run FastAPI in production?

# Using Gunicorn + Uvicorn (recommended)
gunicorn main:app -w 4 -k uvicorn.workers.UvicornWorker

# Using Uvicorn directly
uvicorn main:app --host 0.0.0.0 --port 8000 --workers 4

Q5. How do you Dockerize a FastAPI application?

FROM python:3.11-slim
WORKDIR /app
COPY requirements.txt .
RUN pip install -r requirements.txt
COPY . .
CMD ["gunicorn", "-w", "4", "-k", "uvicorn.workers.UvicornWorker", "main:app"]

Q6. How do you set up CI/CD for FastAPI?

# .github/workflows/deploy.yml
name: Deploy
on:
  push:
    branches: [main]
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Deploy to server
        run: |
          ssh user@server "cd /app && git pull && docker-compose up -d --build"

Q7. How do you configure environment variables?

# .env file
DATABASE_URL=postgresql://localhost/db
SECRET_KEY=your-secret-key

# config.py
from pydantic_settings import BaseSettings

class Settings(BaseSettings):
    database_url: str
    secret_key: str
    
    class Config:
        env_file = ".env"

Q8. How do you set up logging in production?

import logging

logging.basicConfig(
    level=logging.INFO,
    format='%(asctime)s - %(name)s - %(levelname)s - %(message)s',
    handlers=[
        logging.FileHandler('app.log'),
        logging.StreamHandler()
    ]
)

Q9. How do you monitor FastAPI applications?

• Prometheus + Grafana: For metrics and visualization
• ELK Stack: For log aggregation
• Sentry: For error tracking
• New Relic/DataDog: For APM monitoring

Q10. How do you implement health checks?

@app.get("/health")
async def health_check(db: Session = Depends(get_db)):
    # Check database
    db.execute("SELECT 1")
    
    # Check Redis
    redis_client.ping()
    
    return {
        "status": "healthy",
        "timestamp": datetime.now().isoformat()
    }

Q11. How do you scale FastAPI horizontally?

• Run multiple Uvicorn workers on a single server
• Use a load balancer (Nginx, AWS ALB) to distribute traffic
• Deploy multiple instances behind a load balancer
• Use container orchestration (Kubernetes, Docker Swarm)

Q12. What are common performance bottlenecks in FastAPI?

• Synchronous database calls blocking the event loop
• CPU-intensive operations in async endpoints
• N+1 query problems
• Missing database indexes
• Large file uploads without streaming

Topic 9: Advanced Concepts & Best Practices (10 Questions)

Q1. What is OpenAPI and how does FastAPI use it?

Answer: OpenAPI is a specification for describing REST APIs. FastAPI automatically generates OpenAPI schema from your code.

Q2. How do you add custom metadata to OpenAPI?

app = FastAPI(
    title="My API",
    description="Custom description",
    version="2.0.0",
    terms_of_service="http://example.com/terms/",
    contact={
        "name": "API Support",
        "url": "http://example.com/support",
        "email": "support@example.com",
    },
    license_info={
        "name": "MIT",
        "url": "https://opensource.org/licenses/MIT",
    },
)

Q3. How do you implement background tasks?

from fastapi import BackgroundTasks

def send_email(email: str):
    # Time-consuming operation
    time.sleep(10)
    print(f"Email sent to {email}")

@app.post("/notify")
async def notify(email: str, background_tasks: BackgroundTasks):
    background_tasks.add_task(send_email, email)
    return {"message": "Email will be sent in background"}

Q4. How do you handle file uploads?

from fastapi import File, UploadFile

@app.post("/upload")
async def upload_file(file: UploadFile = File(...)):
    contents = await file.read()
    # Process file
    return {"filename": file.filename, "size": len(contents)}

Q5. How do you stream large files?

from fastapi.responses import StreamingResponse

@app.get("/large-file")
def get_large_file():
    def file_generator():
        with open("large-file.zip", "rb") as f:
            yield from f
    return StreamingResponse(file_generator(), media_type="application/zip")

Q6. How do you implement caching in FastAPI?

from fastapi_cache import FastAPICache
from fastapi_cache.decorator import cache

@app.get("/expensive")
@cache(expire=60)  # Cache for 60 seconds
async def expensive_operation():
    # Expensive computation
    return result

Q7. How do you version APIs in FastAPI?

# Option 1: URL versioning
app.include_router(v1_router, prefix="/api/v1")
app.include_router(v2_router, prefix="/api/v2")

# Option 2: Header versioning
@app.get("/users")
def get_users(version: str = Header("1.0")):
    if version == "2.0":
        return new_response
    return old_response

Q8. How do you implement GraphQL with FastAPI?

from strawberry.fastapi import GraphQLRouter
import strawberry

@strawberry.type
class Query:
    @strawberry.field
    def hello(self) -> str:
        return "Hello World"

schema = strawberry.Schema(query=Query)
graphql_app = GraphQLRouter(schema)
app.include_router(graphql_app, prefix="/graphql")

Q9. What are FastAPI events (startup/shutdown)?

@app.on_event("startup")
async def startup_event():
    # Initialize database connections
    await database.connect()
    print("Application starting up")

@app.on_event("shutdown")
async def shutdown_event():
    # Clean up resources
    await database.disconnect()
    print("Application shutting down")

Q10. What are common security best practices in FastAPI?

• Use HTTPS in production
• Implement rate limiting
• Validate all user inputs with Pydantic
• Use environment variables for secrets
• Implement proper authentication and authorization
• Set secure HTTP headers (HSTS, CSP, X-Frame-Options)
• Keep dependencies updated
• Use parameterized queries to prevent SQL injection

Topic 10: Scenario-Based & Problem Solving (10 Questions)

Q1. How would you build a scalable e-commerce API with FastAPI?

• Use APIRouter for modular organization (products, orders, users, carts)
• Implement JWT authentication for users
• Use PostgreSQL with SQLAlchemy for data persistence
• Implement Redis caching for product catalog
• Use Celery for order processing and email notifications
• Implement rate limiting for API endpoints
• Deploy with Docker and Kubernetes for scaling

Q2. How do you debug a slow endpoint in production?

• Add timing middleware to log request duration
• Check database query performance (N+1 problem)
• Profile the endpoint using cProfile or py-spy
• Check if sync code is blocking the event loop
• Review database indexes and query plans
• Check external API call latencies

Q3. How do you handle database migrations without downtime?

• Use Alembic with backward-compatible migrations
• Add columns as nullable first, backfill data, then make non-nullable
• Use blue-green deployment strategy
• Keep old API version until all clients migrate
• Use feature flags to control rollout

Q4. How would you implement real-time notifications?

# Use WebSockets for real-time
@router.websocket("/ws/{user_id}")
async def websocket_endpoint(websocket: WebSocket, user_id: str):
    await manager.connect(user_id, websocket)
    try:
        while True:
            data = await websocket.receive_text()
            await manager.send_personal_message(f"Notification: {data}", user_id)
    except WebSocketDisconnect:
        manager.disconnect(user_id)

# Or use Server-Sent Events (SSE)
from sse_starlette.sse import EventSourceResponse

@app.get("/stream")
async def stream_notifications():
    async def event_generator():
        while True:
            yield {"data": "Notification"}
            await asyncio.sleep(1)
    return EventSourceResponse(event_generator())

Q5. How do you handle third-party API rate limits?

• Implement request queuing with exponential backoff
• Use circuit breaker pattern to stop requests when API is down
• Cache responses when possible
• Implement retry logic with jitter
• Use message queue (RabbitMQ, Redis) for async processing

Q6. How would you implement search functionality?

@app.get("/search")
async def search(
    q: str,
    page: int = 1,
    limit: int = 20,
    sort: str = "relevance",
    filters: dict = None
):
    # Use PostgreSQL full-text search
    # Or integrate Elasticsearch
    # Or use vector search for semantic search
    results = await search_service.search(q, page, limit, sort, filters)
    return {"results": results, "total": len(results)}

Q7. How do you secure a FastAPI microservice?

• Implement JWT or OAuth2 authentication
• Use API gateway for external access
• Implement mutual TLS for service-to-service auth
• Validate all inputs and outputs
• Use environment variables for secrets
• Implement audit logging
• Regular security updates and dependency scanning

Q8. How do you handle large dataset exports?

@app.get("/export")
async def export_data():
    def generate():
        # Stream results to avoid memory issues
        for batch in fetch_in_batches(1000):
            yield json.dumps(batch) + "\n"
    
    return StreamingResponse(
        generate(),
        media_type="application/x-ndjson",
        headers={"Content-Disposition": "attachment; filename=export.ndjson"}
    )

Q9. How do you implement A/B testing in FastAPI?

def ab_test_middleware(request: Request):
    user_id = request.headers.get("X-User-ID")
    variant = "A" if hash(user_id) % 2 == 0 else "B"
    request.state.variant = variant

@app.get("/feature")
async def test_feature(request: Request):
    variant = request.state.variant
    if variant == "A":
        return {"result": variant_a_logic()}
    return {"result": variant_b_logic()}

Q10. How do you troubleshoot memory leaks in FastAPI?

• Use memory profiling tools (memory-profiler, tracemalloc)
• Check for global variables accumulating data
• Review database session management (ensure sessions are closed)
• Check for circular references in dependencies
• Monitor with Prometheus + Grafana
• Use object counting to identify leaking types