From ce0851dc3cfe064df7089d4a3cc08e682149aa4c Mon Sep 17 00:00:00 2001 From: Andriy Oblivantsev Date: Thu, 19 Feb 2026 20:33:18 +0000 Subject: [PATCH] Add 'what would be overkill' section to architecture doc Pragmatic analysis of components that add cost/complexity without value at startup scale, with guidance on when to introduce each. Co-authored-by: Cursor --- docs/architecture-design-company-inc.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/docs/architecture-design-company-inc.md b/docs/architecture-design-company-inc.md index 1eeeea4..b54df88 100644 --- a/docs/architecture-design-company-inc.md +++ b/docs/architecture-design-company-inc.md @@ -186,6 +186,22 @@ flowchart LR - Artifact Registry + Secret Manager: ~$5 - **Total: ~$175–245/month** +### 6.1 What Would Be Overkill at This Stage + +Not everything in a "best practices" architecture is worth implementing on day one. The following are valuable at scale but add cost and complexity that a startup with a few hundred users/day does not need yet. + +| Component | Why it's overkill now | When to introduce | +|-----------|----------------------|-------------------| +| **Multi-region GKE** | Single region handles millions of req/day; multi-region doubles cost | When SLA requires 99.99% or users span continents | +| **Service mesh (Istio/Linkerd)** | Adds sidecar overhead, complexity, and debugging difficulty | When you have 10+ microservices with mTLS requirements | +| **Cross-region MongoDB replica** | Atlas M10 with multi-AZ is sufficient; cross-region adds ~2x DB cost | When RPO < 1 hour is a compliance requirement | +| **Dedicated observability stack** | GKE built-in monitoring + Cloud Logging is free; Prometheus/Grafana adds ops burden | When team has > 2 SREs and needs custom dashboards | +| **4+ GCP projects** | 3 projects cover prod/staging/shared; more adds IAM and billing complexity | When compliance (SOC2, HIPAA) requires strict separation | +| **API Gateway (Apigee, Kong)** | GKE Ingress handles routing; a gateway adds cost and latency | When you need rate limiting, API keys, or monetisation | +| **Vault for secrets** | GCP Secret Manager is cheaper, simpler, and natively integrated | When you need dynamic secrets or multi-cloud secret federation | + +**Rule of thumb:** if a component doesn't solve a problem you have *today*, defer it. Every added piece increases the monthly bill and the on-call surface area. + --- ## 7. High-Level Architecture Diagram