Currently, I work primarily with the following technology stack, with the stack ordered from low (closer to hardware) to high (end user interfaces). I've found this stack to be very good and typically recommend it for most use cases. I work more closely with the lower end of the cloud stack and utilize AI tools such as LLMs for rapid delivery of the stack.
The design choices of stack have lead to the following selection criteria:
- general-purpose, platform agnostic (e.g. cross-platform)
- declarative instead of imperative (e.g. YAML vs. CLI commands)
- microservice as opposed to monolith
- offers a good developer experience for rapid development (e.g. low boilerplate code requirements, scaffolding tools, DRY principles)
- reasonably performant, scalable
- future-proof, minimizing technical debt
- lean rather than kitchen-sink
- avoiding vendor lock-in (e.g. open standards, open source libraries)
There are also multiple technologies that I've previously worked with, detailed in their own blog article.
IaaS, PaaS, BaaS
Depending on the project and workload, I most often work with cloud vendors such as AWS, Cloudflare, DigitalOcean, TransIP and Hetzner. The components I typically use are firewalls, compute instances like VPSs, app platforms, serverless lambda functions, block and object storage, load balancers and CI/CD pipelines. EC2 AMIs are generated using Packer.
For serverless deployments I also use Vercel.
I've chosen Supabase as a BaaS provider because it integrates very nicely with the rest of the stack.
OS: Linux
The obvious operating system choice for the cloud - mature, well-supported and with a very high market share in the web environment. I've been actively using Linux since the release of Red Hat 5.0 in 1998. The distributions I favor nowadays are Ubuntu and Debian, both APT-based distributions, with Ubuntu offering enterprise-level support for those that require it, though in the case of containerized workloads, I tend to go towards a distroless approach.
IaC: Pulumi
An infrastructure-as-code (IaC) software tool, which also allows for the use of Python to describe cloud environments. I've chosen Pulumi over HashiCorp's Terraform because the Terraform DSL (called HCL) can be convoluted at times, especially in larger repositories that are heavy on loops, which may also suffer from low code reuse, making it hard to refactor the codebase.
Pulumi is an obvious choice for me as I prefer using general-purpose programming languages, require the advanced logic and abstraction capabilities it offers, and look for a tool that integrates well with software development workflows e.g. using CI/CD pipelines.
IaC: Salt
For managing operating system level deployments I use Salt, which is a YAML and Python-based tool for infrastructure management and automation.
After several mergers and acquisitions, Salt has had some serious code quality issues in mid-2020s, and I may be looking to replace Salt with Ansible or Rudder.
Orchestration: Kubernetes
k8s is a container orchestration system, which solves many problems that relate to scaling of microservices, but on the other hand adds some complexity to the stack. I'm a certified Kubernetes Application Developer (CKAD) and I prefer to use managed k8s offerings from the cloud vendors previously listed, in order to keep the infrastructure maintenance burden low.
I most often use ArgoCD for GitOps-based continuous deployment and nginx for ingress controllers.
For bare-metal deployments, I use PureLB, which is the spiritual successor of MetalLB, but with added features such as support for dual stack IP.
Runtime performance monitoring is handled by metrics-server.
Database: PostgreSQL
A very mature, well-supported and feature-rich RDBMS, with excellent support for Python and with many vendors such as DigitalOcean that offer managed PostgreSQL instances in the cloud.
SMS/WAP: Kannel
For project requiring SMS or WAP connectivity, I've used Kannel. While WAP is mostly obsolete, SMS is still very much used in many parts of the world, even though message volumes are rapidly declining in the mid-2020s due to the increasing availability of mobile data and popularity of messaging apps such as Signal and WhatsApp.
I typically deploy Kannel and its SQLBox module containerized on top of Kubernetes.
SCM: Git
Git is the de facto distributed version control system, with excellent support from vendors such as GitLab and GitHub, allowing for collaboration between small and large software development teams alike as well as automation solutions via CI/CD pipelines.
Backend: Python
Python is an excellent general-purpose programming language that can be run almost anywhere. Allows for the development of web, CLI, IoT applications among other things. While not suitable for applications where speed is the most critical component, it offers a wide variety of libraries e.g. for financial systems.
Python packages
I prefer to use loguru for logging.
For unit testing I use pytest and for linting and code formatting ruff. For rapid scaffolding, cookiecutter.
The PostgreSQL adapters I use are asyncpg and psycopg2, depending on whether async connectivity is needed or not. For projects requiring MySQL or MariaDB connectivity, I've used the PyMySQL adapter for environments where the C library for mysqlclient cannot be installed. For database migrations, I use Atlas.
Where PGP signing or encryption of e-mail is needed, I use envelope.
Templates are Jinja2.
Framework: FastAPI, SQLModel
A popular and mature web framework for developing JSON-based REST APIs using Python. The main reasons for using this are support for asynchronous operations, the performance and a good balance between features and speed of development. Paired with an application server such as uvicorn, makes an excellent choice for containerized workloads e.g. on top of k8s. I tend to pair FastAPI with its sister project SQLModel when a database ORM is required.
For rate limiting I use slowapi.
Frontend: TypeScript
For the frontend side of things, I use primarily vue.js-based frameworks using TypeScript, which brings static typing and type annotations to JavaScript, both features which increase code quality.
Framework: Nuxt, HTML5, TailwindCSS
A very good choice e.g. for static websites and this combination is what I use to deliver JAMStack-based projects. For example this website is based on Nuxt and HTML5 coupled with TailwindCSS, a framework for rapid website frontend development using responsive features.
Framework: Quasar
The Quasar Framework, which is also built on top of vue.js, is excellent for generating cross-platform desktop, Android and iOS apps and PWAs from a single codebase.
Debugging
KCachegrind for runtime profiling.
Monitoring
Sentry for application performance monitoring and error capturing.
Security
JSON Web Tokens (JWT) for implementing OAuth 2.0 authentication flows.
Let's Encrypt for public-facing TLS certificates that don't need extended validation. The OpenPGP standard via GnuPG. Mutual TLS for services that need it, e.g. for k8s ingresses. When feasible, YubiKeys as HSMs instead of TOTP for second-factor authentication.
Methodologies
In addition to technology, we obviously operate in a human-centric field as well. While I am a Certified Scrum Master (CSM), the teams I typically work with are too small for full-blown Scrum or even heavy ITIL processes. Instead, I use almost always Kanban to visualize the work and for more sprint-oriented small teams, Scrumban is a viable option.
Documentation
Markdown as markup language. Developer documentation should be close to the code, i.e. ideally checked in to the same repository as the code.
For diagrams and charts, Mermaid.
Development environment
Reproducible VMs using Vagrant with Podman and Salt provisioners. The main selling point with this is that this way you can provision a production environment using the same manifests if your project so requires.