from Hacker News

The architecture behind a one-person tech startup

by ksahin on 4/8/21, 12:14 PM with 320 comments

  • by rory on 4/8/21, 1:33 PM

    My one-man-SaaS setup:

    - Static frontend hosted on Netlify (free unlimited scale)

    - Backend server on Google App Engine (connecting to Gcloud storage and managed DB via magic)

    I realize I'm opening myself up to vendor lock-in and increased costs down the road (if I even get that far), but I've wrangled enough Docker/k8s/Ingress setups in the past to know it's just not worth the time and effort for a non-master.

  • by anonymouse008 on 4/8/21, 1:34 PM

    Anthony - if you're reading this, thank you!! To arrive at this architecture takes 100s if not 100s of hours, and to share it with the community is dang inspiring.

    I was feeling a bit down on my projects, but this has me amped up seeing how the ultimate goal of working on features rather than deployment is possible, and very real!

    Best of luck with Panelbear!

  • by sa1 on 4/8/21, 2:36 PM

    The author almost seems to apologize for having a django monolith.

    But it's worth realising that one purpose of code organisation in larger companies is to mirror the team organisation. That's a constraint on code that can interfere with the best technical architecture.

    You can do better with a monolith in a one-man team!

  • by wmichelin on 4/8/21, 1:08 PM

    How do you start learning this breadth of software engineering? I consider myself good in the python / django space, but where do I start with learning these infrastructure technologies? I find that I use them once or twice periodically, and then don't touch them for so long, so I forget much of what I have learned.

  • by wakatime on 4/8/21, 4:41 PM

    My one-person SaaS architecture with over 250k users:

    * Flask + Flask-Login + Flask-SQLAlchemy [1]

    * uWSGI app servers [2]

    * Nginx web servers [3]

    * Dramatiq/Celery with RabbitMQ for background tasks

    * Combination of Postgres, S3, and DigitalOcean Spaces for storing customer data [4]

    * SSDB (disk-based Redis) for caching, global locks, rate limiting, queues and counters used in application logic, etc [5]

    I like how OP shows the service providers he uses, and why he decides not to self-host those parts of his infra. Also, there's a large up front cost involved for any stack (Rails, Django, k8s). I'd be interested in a more detailed writeup with configs, to try out OP's auto-scaling setup. My configs are linked in the gist below [2] for my non-auto-scaling Flask setup.

    I spend about $4,000/mo on infra costs. S3 is $400/mo, Mailgun $600/mo, and DigitalOcean is $3,000/mo. Our scale/server load might be different, but I'm still interested in what the costs would be with your setup.

    [1] https://wakatime.com/blog/33-flask-part-2-building-a-restful...

    [2] https://gist.github.com/alanhamlett/ac34e683efec731990a75ab6...

    [3] https://wakatime.com/blog/23-how-to-scale-ssl-with-haproxy-a...

    [4] https://wakatime.com/blog/46-latency-of-digitalocean-spaces-...

    [5] https://wakatime.com/blog/45-using-a-diskbased-redis-clone-t...

  • by hardwaresofton on 4/8/21, 2:59 PM

    I'd argue that just about every infrastructure that looks like this benefits from Kubernetes (that you're not setting up and managing), and that's a lot of them. The biggest problem is that not enough people have boiled down Kubernetes enough to look like heroku yet. Google Cloud Run is possibly the best example of what Kubernetes can look like/run like -- it runs on (probably a relatively heavily modified) KNative, a project that runs on top of kubernetes.

    The "point" of Kubernetes is to drop the difficulty of building a service like Cloud Run to zero. It drops the cost of building a Heroku down to zero. I'd bet my bottom dollar that fly.io and render are running on Kubernetes (maybe they mentioned it somewhere already and I just missed it). With the right cluster set up, building one of those platforms (or others that I won't mention) is almost as simple as setting up stripe checkout and writing a web interface to turn form fields into JSON fields and send them to a kubernetes cluster (possibly with hard multi-tenancy! not to get too into it, but you can literally provision kubernetes clusters from kubernetes clusters, ephemeral or otherwise).

    No other tool in the devops world except for maybe the initial orchestrator wave (ansible/puppet/salt/chef) has been this much of a force multiplier. Ok, maybe that's hyperbole, but if adhoc-bash-scripts->ansible is 1->2, Ansible->Kubernetes is similarly 1->2, especially if you consider baked in cloud provider support/innovation.

    But here's the secret -- perversely, I'm happy deep down that everyone thinks k8s is too complicated/is a buzzword/isn't worth the effort. All it means to me is that I'm still ahead of the curve.

  • by ernsheong on 4/8/21, 3:10 PM

    I am also a one-man SaaS (though not a successful one). The following tends to be my stack (on Google Cloud, if you will):

    - Cloud Run (serverless containers)

    - Cloud SQL (via proxy)

    - Cloud Monitoring & Logging (formerly Stackdriver)

    - Compute Engine (if necessary, e.g. websockets)

    - Cloud Build for GitOps (deploy on push)

    It's clean and simple (to me). Billing is in one place, nicely separated by projects. Monitoring & Logging is already built in. No need to span multiple dev SaaS tools. So far managed to avoid Redis caching because Golang + Postgres is fast enough, so far. But if you need Redis you can DIY on Compute Engine or try Cloud Memorystore (configure the memory to a low amount for cost savings).

    Google Cloud drawbacks: Additional charges necessary to connect Cloud Run to VPC (via proxy instances). Load balancing on GCP ain't cheap ($18/month, though to a larger enterprise that is a rounding error). But in my setup I didn't need these things.

    As shown above, I have heavily optimized for cost and simplicity in my setup.

  • by biztos on 4/8/21, 5:05 PM

    Good article. My comment might be off topic in which case, please ignore.

    If you have a one-person SaaS company, how do you get past customers’ resistance to a single point of failure, namely you?

    Do you pretend you’re not just one person? Do you only have customers who could handle losing the service when you, say, run away to meditate on the mountaintop? (Or get run over by a beer truck, or whatever.) Is there some non-obvious solution?

    And — back on topic — is the architecture part of that sales pitch? “I’m just one dude, but look how simple this is, it can run itself if I am devoured by mice!”

  • by tptacek on 4/9/21, 12:01 AM

    This is really well done.

    A suggestion, hopefully helpful: a better approach to securing your admin console than simply layering 2FA onto it would be to expose it to a private WireGuard network. One very easy way to do that is with Tailscale, which will hook up to your GSuite authentication --- Google's 2FA stack will be far better than anything you'd likely build on your own.

    Tailscale is disgustingly simple to set up. If you're a product person, it's actually upsetting how easy they've made it to get set up.

  • by michaelbuckbee on 4/8/21, 1:57 PM

    An important distinction here is that PanelBear (OP's One Man SAAS) is something I would define as an "analytics" SAAS and as such has requirements that are way above what a typical CRUD SaaS might have.

    That's not to take anything away from the excellent writeup, but more so that someone who is thinking about starting a SaaS maybe doesn't jump to the conclusion of "I should go learn Kubernetes".

  • by _gjrn on 4/8/21, 1:23 PM

    Then reality hits, and most SaaS's typically only need to handle about ~10 reqs/day, those of the "founder".

  • by yalogin on 4/8/21, 4:02 PM

    This is probably not the best place to ask this question, but as a solo founder or just to reduce costs/time are there some standard free software packages that are used when creating sites? For example most sites need a user sign up mechaism, a authN and authX mechanism to gate access to different pages. Are there open source projects that provide this? Or do site owners develop these from scratch every time?

  • by efortis on 4/8/21, 4:33 PM

    My infrastructure is $2,800/year.

    There are two Servers load balanced with DNS.

    Each Server has 3 jails (Nginx, App, DB) and 2 NICs

    The internal NIC is for replicating the DB, and for the App Servers to target the Primary one.

    Diagram and Configs: https://blog.uidrafter.com/engineering/freebsd-jails-network...

  • by dimeatree on 4/8/21, 1:54 PM

    Good on them. I wish I could use K8 as effectively as the author, it is an incredibly overwhelming list and an impressive range of knowledge.

    In my situation I am finding the lack of consistent environment a reoccuring issue, the developer environment does not match production. However I kept it simple with Google App Engine Standard and Flex environments, I found the deployment process simple and was enough for me (at the time) - however I am finding we are going to step into dockerland; however I feel like it is very over my head!

  • by rufusroflpunch on 4/8/21, 1:13 PM

    I always feel like these write-ups about SaaS's are written by people who make SaaS's for other SaaS's. Application monitoring, email marketing, etc.

  • by bellttyler on 4/12/21, 3:22 PM

    In the beginning my startup only had 2 people. A designer (my friend) and me (a developer).

    For our frontend we used Webflow. My friend was able to create the entire marketting site, and all the app UI's without needing help from me. Webflow is an awesome tool for that sort of thing.

    For the backend, I built a simple Node/Express API and hosted via Heroku.

    To this day, everything is still running fine and the API is processing roughly 200 million requests a month. The total cost to host that on heroku is $50/mo.

    You can definitely have a simple stack but have it be highly scaleable!

  • by ijustwanttovote on 4/8/21, 3:35 PM

    I really enjoy reading these to learn the infra behind one man bands.

    Another good read is Wenbin from Listen notes. https://www.listennotes.com/blog/how-i-accidentally-built-a-...

  • by eandre on 4/8/21, 1:02 PM

    Super interesting! Definitely feels like a lot of fairly low-level tech to have to deal with for a one-person company, but I guess that doesn't surprise me any more :)

  • by 0xdba on 4/8/21, 1:41 PM

    For my typing SaaS, I found firebase hosting/realtime DB a ginormous time saver.

    And since it hasn't taken off (and probably won't ever), it just costs me a pennies a month since I'm under their free limits, plus the domain.

  • by say_it_as_it_is on 4/8/21, 1:21 PM

    I was under the impression that Kubernetes was a complicated beast not meant for small teams / startups. What is the value of it in this monolith environment? Is the key to using it in a startup context to use it as a basic monolith auto-scaling orchestrator but no more than that? If you or anyone else here can comment about how to use Kubernetes strategically without falling into an unnecessary over-engineering rabbit hole, I'm willing to learn from you.

    Regarding the rate limiting, you're load balancing into nginx services that you've configured to limit requests. Are they synchronizing rate limiting state? I can't seem to find nginx documentation supporting this. What value is there in this style of rate limiting, considering User X can send a sequence of requests into a load balancer that routes them to nginx boxes A, B, and C? The big picture that 3 requests were processed for user X gets lost. Your endpoint-level rate limiting, however, may potentially be achieving the synchronized rates if the redis servers in a cluster are synchronizing. I guess I'm asking about the strategy of using multiple lines of rate limiting defense. Is nginx-level rate limiting primarily for denial of service?

    The horizontal autoscaler should be based on throughput rather than hardware consumption, shouldn't it? If the req/sec goes below a threshold, spawn a new service. Can anyone comment?

  • by chrisandchris on 4/8/21, 1:00 PM

    > From a technical point of view, this SaaS processes a large amount of requests per second from anywhere in the world, and stores the data in an efficient format for real time querying.

    That is the closes thing to a number of requests I could find. So this architecture, no matter how solid, is somewhere between „way to large“ and „matches perfect“.

    It seems like a solid breakdown on how to deploy your services to k8s and how to properly do CD deployments. But it does never mention whether it actually makes sense at the scale he actually has.

  • by rajatsx on 4/8/21, 5:57 PM

    My one-man-SaaS setup:

    - A single VPS server to host the app. I love DigitalOcean.

    - A single docker-compose file to bring up the entire stack containing the front-end, the back-end and the database.

    - Caddy for automatic SSL certificates and proxying.

    - JavaScript/TypeScript for building stuff.

    - Cloudflare For DNS

  • by tluyben2 on 4/8/21, 4:45 PM

    I am running a few one man saas's on a 2.99$ vps (1 per project) with php, mysql and nginx.

  • by Sodman on 4/8/21, 2:27 PM

    A lot of people are going to jump on the "he used k8s and he doesn't even work at Google scale!" part of this writeup, but I think it's a perfect demonstration of the concept of innovation tokens [1]. He admits in TFA that clickhouse was the only new piece of tech in his stack, and he was already familiar with k8s et al - so he's able to focus on actually building the products he wants. I could see somebody unfamiliar with k8s (but very familiar with all other pieces of tech in the system they want to build) being able to learn it as part of a side project, if it's the only new thing. Where the wheels come off is when you've never touched k8s, postgres, aws, rust, graphQL or vue - and you try to mash them all together in one ambitious project.

    [1] https://mcfunley.com/choose-boring-technology

  • by dpweb on 4/8/21, 8:00 PM

    As a one person company I find it not just helpful but a core principle to minimize the number of stacks/tools/services being used. Overhead of task switching and learning curves.

  • by pier25 on 4/8/21, 3:20 PM

    Since you're in Germany, how do you handle VAT, EU tax returns, invoices, etc?

    What about taxes and invoices to other countries?

  • by throwaway78123 on 4/8/21, 1:45 PM

    This goes against the HN trope that "you don't need Kubernetes unless you are Google-size".

    It turns out Kubernetes is actually perfect for small teams as it solves many hard operational issues, allowing you to focus on the important part of the stack: the application.

    The key is to stick to a simple setup (try not to mess with networking config) and use a managed offering such as GKE. We may need a Kubernetes, The Good Parts guide.

  • by eruci on 4/8/21, 2:28 PM

    My one man SaaS setup: t4g.micro (Free Trial) on AWS Ec2 - one mod_perl module + a bunch of python/perl scripts. ( https://poidata.xyz ). Startup costs so far=$1 (domain registration).

  • by singhrac on 4/8/21, 8:14 PM

  • by igammarays on 4/8/21, 2:55 PM

    Anyone heard of a One Man SaaS unicorn, i.e. a product that scaled to $10m+ ARR with only a single founder right till the end?

  • by anurag on 4/8/21, 4:40 PM

    (Render founder) This is incredible work, and underscores the reason Render exists and is recommended by OP. Everything mentioned in the post is baked into Render already:

    * Automatic DNS, SSL, and Load Balancing

    * Automated rollouts and rollbacks

    * Health checks and zero downtime deploys (let it crash)

    * Horizontal autoscaling (in early access!)

    * Application data caching (one-click ClickHouse and Redis)

    * Built-in cron jobs

    * Zero-config secrets and environment variable management

    * Managed PostgreSQL

    * DNS-based service discovery with private networking

    * Infrastructure-as-Code

    * Native logging and monitoring and 3rd-party integrations (LogDNA, Datadog, more coming this month!)

    * Slack notifications

    More at https://render.com.

  • by throwaway823882 on 4/8/21, 1:08 PM

    Cool write-up. I am a K8s hater, but I can see how this can work well for small projects with 1 developer. EKS definitely takes a lot of the maintenance headache, but there'll still be some down the line.

  • by staticelf on 4/8/21, 2:51 PM

    Interesting post. I would advice people against running a kubernetes / docker setup if you don't know it well. It's quite complicated and most small companies don't really need it.

    As the author say, he already got a lot of experience of it so it worked out great for him but it is probably easier just to install the tech needed for a small company.

    Unless you have something very special going on, the dependencies (like databases) are probably not going to be that many.

  • by alexellisuk on 4/9/21, 8:15 AM

    I was just reading the beginning of Arvid Kahl's Zero to Sold. He recommends using a tech stack that you already know and have lots of muscle memory with. I couldn't agree with him more. [1]

    This tech stack looks over-engineered upon first glance, but I don't know much about the author or his product.

    I use Kubernetes a fair bit whilst developing OpenFaaS and teaching people about K3s, but there is a whole world of development teams who aren't prepared to consider it as an option. One of the reasons we created "faasd" [2] (single-node OpenFaaS) was to help people who just wanted to run some code, but didn't want to take "Kubernetes mastery 101"

    For a small app using a managed service like Cloud Run plus some cloud storage should get you very far. I saw that Heroku is still popular with the indie community, with the author of Bannerbear getting a lot of value from the managed platform.

    [1] https://thebootstrappedfounder.com/ [2] https://github.com/openfaas/faasd

  • by aaronbrethorst on 4/8/21, 3:34 PM

    My one-person SaaS architecture:

    It’s a Rails monolith deployed on Heroku.

    I’d rather have the time to build new features for my user base than spend it learning how to use k8s or wrangling AWS through its abysmal console website.

  • by reubens on 4/8/21, 8:40 PM

    I love your landing page. Accessible, well-balanced... you clearly have garnered a degree of frontend experience to complement the work on the backend

  • by dimitrios1 on 4/8/21, 7:33 PM

    One thing I noticed a lot with indie or "one-man" startups is they make ample use of other SaaS tooling, often lesser heard of or known ones as well.

    I am not sure what the right answer is, but I at least appreciate that there founders out there willing to give the little-er shops a chance. A healthy ecosystem with competition is good for the most amount of people.

  • by omarhaneef on 4/8/21, 1:57 PM

    I hate to give homework to other people but I suggest you expand this out: udemy class, booklet, or a series of blog posts with tasteful ads.

    Ideally, you would get it to the point where a newbie can use it as a reference.

  • by nicioan on 4/12/21, 7:38 AM

    Great write up! Reminded me of the "The boring technology behind a one-person Internet company" [0] and the HN discussion [1]. [0] https://www.listennotes.com/blog/the-boring-technology-behin... [1] https://news.ycombinator.com/item?id=20985875

  • by plnii on 4/14/21, 11:43 PM

    I run a one-person SaaS company supporting three products. One is an iOS and Android all-local storage app so that costs me nothing to run. I have two projects running on Django sharing the same RDS DB. I can support two apps with just a single EC2 each. One runs docker containers. The other I did not dockerize yet. For me, the total costs are about $40/month. I have looked at Netlify and other “easy options” but they double or more my costs due to their costly basic tiers.

  • by albertTJames on 4/8/21, 7:22 PM

  • by kparaju on 4/8/21, 4:17 PM

    Thanks for a great post! It was super detailed and I loved reading it. I had a quick question about your pg setup. You mentioned that you use EBS for your persistence storage, which is locked by zone . You can't have an EC2 instance in Zone 1 mount a storage in Zone 3. Does this cause issues with your db? Especially as you have HPA and ClusterAutoscaler, your k8s nodes could be spun up in Zone 1 for pg autoscaling but your data is in Zone 3.

  • by ilovefood on 4/8/21, 2:32 PM

    I use Nomad for this after 2 years Kubernetes and it has been a revelation that things shouldn't be complicated. Won't change back again.

  • by de6u99er on 4/8/21, 12:54 PM

    This looks solid. And k8s makes total sense, since you are avoiding vendor lock-in.

    I'm just wondering why you don't also run your managed services in k8s?

  • by peter_d_sherman on 4/9/21, 4:13 AM

    Panelbear's homepage:

    https://panelbear.com/

    >"Web Performance and Traffic Insights

    From the small stuff to the big picture, Panelbear gives you the insights you need while respecting the privacy of your visitors. It's simple, and fast."

    Price is based on client websites' page views per month, with free tier to 5K page views.

  • by knodi on 4/8/21, 2:22 PM

    I have done with before, ran and one man b2b saas platform with 30clients from around the world. Infrastructure was the easiest part. We where processing roughly 100million messages a day, about 5 nodes. Monitoring was good, application performance tracking was good. Business ran for close to 7 years, making about 1.3mill a year on an average year.

  • by cadbox1 on 4/8/21, 11:33 PM

    I don't have the startup part yet but here's my one-person stack with Postgres, Node and React deployed on AWS with CDK using RDS, Lambda, S3 and Cloudfront. It's 100% in the free tier.

    https://github.com/cadbox1/prawn-stack

  • by ccmcarey on 4/8/21, 2:06 PM

    Great writeup.

    How do you handle database migrations when using an otherwise automated CI/CD flow with gradual deployment?

  • by mikestaub on 4/9/21, 8:05 AM

    I created a similar post a while back for the GRANTS stack. ( GraphQL, React, ArangoDB, Nodejs, Typescript, Serverless ) https://github.com/mikestaub/slack-lunch-club

  • by lmarcos on 4/8/21, 2:46 PM

    Nice read. I haven't seen any references to Ansible or similar tools. For the ones who know: given the architecture described in the article, does Ansible fit in the picture? I don't know a lot of k8s but I wonder how VMs are provisioned (e.g., how docker is installed?)

  • by chpmrc on 4/8/21, 7:33 PM

    Hey great post! Thanks for sharing so many details. Just one question: how do you approach profiling in production? Specifically in those cases where copying whatever slice of data from the prod DB would be too much to handle.

  • by system2 on 4/9/21, 8:11 PM

    Digital Ocean / Vultr + Ubuntu droplets solve everything for us. We slap a sucuri in front of it, or for cheaper projects Cloudflare. I can't understand the complexity people come up with like this.

  • by urashidmalik on 4/8/21, 2:39 PM

    Amazing!. How long did it take to reach this point from envisioning the idea.

  • by undeadsushi on 4/8/21, 3:00 PM

    I'm currently using zappa and lambda for supporting about 25 b2b users. It's a django / react application and I use cloudwatch for scheduled cron jobs. My overall cost is <$20 a month.

  • by lemarchr on 4/8/21, 9:28 PM

    It's probably fine, but reading about a single Postgres container in a Kubernetes cluster with backups to S3 gives me sweaty palms. I hope the author has fully tested their disaster recovery plan.

  • by nodamage on 4/8/21, 8:45 PM

    If you're using Stripe for billing how do you handle tax compliance, specifically related to the VAT requirements in each EU country as well as sales tax requirements in each US state?

  • by sillycube on 4/8/21, 2:54 PM

    I use docker compose on a DO droplet, 1 container for python / django, 1 for postgresql, 1 for nginx.

    Kubernetes is too complicated for me

  • by yumraj on 4/8/21, 4:57 PM

    Does anyone know how those diagrams are drawn?

  • by mjgs on 4/9/21, 12:34 AM

    Impressive Tony Stark level solo dev setup :)

  • by nickthemagicman on 4/8/21, 10:41 PM

    Who was the very successful startup guy who ran all of his services from a single digital ocean VPS?

  • by umen on 4/9/21, 5:44 AM

    Does some one here build multiplayer game mobile or web setup and can share ?

  • by msmagh on 4/9/21, 3:06 AM

    Loved reading this, thanks for putting in the effort to share with community.

  • by siruva07 on 4/8/21, 1:20 PM

    Has there ever been a one-wo(man) SaaS founder to take a company public?

  • by btbuildem on 4/8/21, 2:44 PM

    Leading with a little blurb about WHAT the solution does would be nice.

  • by wenbin on 4/8/21, 3:42 PM

    Anthony, this is awesome!

  • by mrwnmonm on 4/8/21, 2:50 PM

    Anyone knows the chart lib he is using in the frontend?

  • by dikaio on 4/8/21, 6:41 PM

    Wow what a great post, thanks for sharing!

  • by eweise on 4/8/21, 6:13 PM

    This looks way too complicated.

  • by ThePhysicist on 4/8/21, 12:54 PM

    It's a great writeup, I just find it weird that the author runs his "privacy-focused" analytics service on AWS and Cloudflare. From a GDPR perspective it's not even clear if this is lawful (Schrems-II), and there are some good alternative cloud services available in the EU (e.g. Hetzner or OVH). Also, Cloudflare still sets the __cf* cookie on every request, so it's not really cookieless tracking (I'm aware that Cloudflare is planning to get rid off this cookie though).

    Edit: Maybe the downvoters can explain what they're disagreeing with?

  • by riantogo on 4/8/21, 6:40 PM

    One person forum platform setup:

    -Inmotion shared hosting (some $10/mo fixed)

    -PHP (codeigniter framework) with MySQL

    Not very proud in the age of Cloud, but I can’t deal with all the complexities. Command line scares me (which seems to be the requirement these days for any development). Now I have a simple ftp folder mapped directly in VS Code.

  • by 1hakr on 4/8/21, 3:31 PM

    Thanks for sharing, very detailed. i might use some ideas for my own SaaS https://simpleops.io/