Introduction

This document lists the current preferred tech stack recommended by FP Complete for clients and customers.

The choices listed here are based on the engineering experience at FP Complete working with various clients.

Cloud Environment
Deployment Environment (Server-side)
Deployment Environment (Client-side)
DNS Provider
IaC (Infrastructure as Code) tool
Secret Management
Programming Languages
- Server-side
- Client-side
Nix/Docker
Continuous Deployment
Kubernetes YAML Management Tool

Cloud Environment

Usually, clients come with their own preferred cloud environment, so this is something we don't often have a say in. We at FP Complete are primarily an AWS-based shop, but we also have significant experience with Azure.

Alternatives:

AWS
Azure
Google Cloud

Recommendation:

Although we have experience with multiple providers, we slightly prefer AWS over Azure due to its market share and our extensive in-house experience.

Deployment Environment (Server-side)

This section covers our preferred environment for deploying server-side applications.

Alternatives:

Kubernetes
ECS / Fargate (AWS) / Azure Containers (Azure)
VM machine
Serverless (AWS Lambda, Azure Functions etc)

Recommendation:

Amazon ECS

Reasons:

Historically, we used to prefer Kubernetes, but we have recently started using the vendor's native container solution more often because of:

Lower costs
Easier on-going maintenance.

For an architecture based on ECS, read this doc.

Deployment Environment (Client-side)

This refers to the deployment of your frontend application.

Alternatives:

Cloudflare Pages
AWS
Vercel

Recommendation:

Cloudflare

Reasons:

Low cost.
Provides good support for Terraform.

DNS Provider

Alternatives:

Cloudflare
AWS Route 53
GCP Cloud DNS

Recommendation:

Cloudflare

Reasons:

Easier integration with other Cloudflare products like Zero Trust when needed.
Provides easy and affordable DDoS protection. This is particularly relevant for our blockchain projects.

IaC (Infrastructure as Code) tool

Alternatives:

Terraform
Pulumi
AWS CloudFormation
Azure Resource Manager

Recommendation:

Terraform

Reasons:

Its simpler language makes it easier to onboard and train new team members quickly.
Terraform has providers for all major cloud platforms, including less common ones like Oracle.
The community is active and provides a good number of high-quality modules.

We have our eye on Pulumi and will consider it for future projects. We generally avoid vendor-specific solutions like CloudFormation or ARM to prevent vendor lock-in.

Secret Management

Depending on the use case, we recommend various solutions:

CI pipeline integration: amber
Kubernetes manifests: sealed-secrets or external secrets operator if you want to integrate with a cloud provider's secret system.
Storing in the cloud: AWS SecretManager / Azure KeyVault
Sharing secrets with customers: Bitwarden

Alternatives:

Docker
Podman
Nix

Recommendation:

Docker

Reasons:

High market share.
Easier to train and onboard new team members.
Nix has a steep learning curve.

We might also want to use FPCo's pid1 docker image for proper reaping of orphan processes. Another better alternative is running health-check as the PID 1 process.

Continuous Deployment

This section applies when using Kubernetes.

Alternatives:

ArgoCD
Flux
Spinnaker

Recommendation:

ArgoCD

Reasons:

It is relatively simple to set up and has a reasonable web UI.
It supports various tools (Helm, Kustomize, etc.) and allows for the integration of custom tools.
The community is active and has been responsive to bug reports.

Kubernetes YAML Management Tool

This section applies when using Kubernetes.

Alternatives:

Kustomize
Helm
Jsonnet

Recommendation:

Kustomize

Reasons:

We have used Helm in the past, but found that using template directives to inject values can be fragile.
Kustomize is an official tool sponsored by the Kubernetes CLI SIG.
It makes patching Kubernetes resources for different environments straightforward.

FP Complete Internal Engineering Docs