Part 4: Middleware & Azure application Insights
Middleware moderates communication between the client and the API, in this case, client can be a web app or a http client (a web browser). In simplified terms, it is a `Translation Layer`. In the context of Fast API, once the API request is made, middleware runs before all the other functions.
For instructions on how to create requests, refer to Part 3 Creating GET, POST, PUT, DELETE requests
In Part1 Getting Started with FastAPI, I mentioned one of the key advantages of choosing Fast API is it’s documentation that offers many possible customizations and additional capabilities to middleware.
In this blog, I would explain how to use CORS middleware and integrating Azure application insights to monitor API telemetry & diagnosis data in FastAPI.
In the above image, showed an example of how middleware plays a role in allowing https but blocks http requests. You may also choose domain/ports that are allowed to access API.
CORS middleware: (Cross-Origin Resource Sharing):
CORS would allow only those requests that are permitted to access resource. Starting with CORS is straightforward as `fastapi` library offers `CORSMiddleware` right out of box.
from fastapi.middleware.cors import CORSMiddleware
Anatomy of CORS middleware:
CORS offers a lot of customization, Below I showed the most used options / parameters.
Symbol Asterix * offers a wild card feature to let middleware allow all incoming requests. You may replace `*` to allow only specific http/https or domains or ports etc.
Code Explanation:
- allow_origins, lists protocols (http, https), domain names and ports permitted
- allow_methods, lists methods (default method is [‘GET’])
- allow_headers, lists HTTP request headers that should be supported (parameters: `Accept`, `Accept-Language`, `Content-Language` and `Content-Type`)
- allow_credentials, Indicates that cookies should be supported for cross-origin requests. (Default = False)
- max_age, Sets a maximum time in seconds for browsers to cache CORS response
- (Default = 600 sec)
Azure Application Insights:
Application Insights provides performance management and monitoring live app capabilities to APIs and Web Apps.
Key capabilities:
- Live stats to detect performance anomalies and telemetry data
- Highlights diagnose issues, that can be used to improve API performance and usability
- Measure user engagement with API
- Integrates into DevSecOps process
How to setup:
You may choose one of the three ways to integrate Application Insights. You may access telemetry in `Azure Monitor` in `Azure Portal`.
- Install a small instrumentation package (SDK) in your app
- Enable app insights using application insights agent
- Add `Instrumentation Key` to your API
My preferred is option 3 since FastAPI works seamlessly with `opencensus` library and `Azure Instrumentation Key`
Code Explanation:
`Opencensus` uses `trace` and `span` to perform application insight operations.
- `Tracer` to export insight to azure monitor using instrumentation key and set the sampler time 1.0 using a `probabilistic sampler`.
- Create one group of span with two child spans to perform HTTP_STATUS_CODE and HTTP_URL operations and send to azure monitor.
Trace can have a tracer and a group of spans
- Tracer helps in exporting application insights to the Instrumentation key
- Span represents a single operation in a `trace`. It can be a HTTP request or a database query.
Conclusion:
There is a lot more we can do with Middleware and Application Insights in Fast API, for simplicity detailed the most used implementation of the two functionalities.
In my upcoming posts, will detail basic and advanced concepts in
Part 1: Getting started with FastAPI
Part 2: Concepts needed to build routes
Part 3: Creating GET, POST, PUT, DELETE requests
Part 5: Pydantic data models
Part 6: Define schemas
Part 7: Connect with SQL server to pull real-time data
Part 8: Secure your FastAPI & adding authentication
Part 9: Deploy using docker & AKS
Part 10: Bringing it all together
Thank you for reading !!