Tony Messias

March 26, 2023

MRSK and Laravel

I've recorded a video version of this article which you can find on my YouTube channel.


The 37signals folks released a new tool for deploying containerized web apps called MRSK. When we think about deploying containerized apps, we might think of Kubernetes, Docker Swarm, Hashicorp's Nomad, or any container service our cloud provider may have. But MRSK is much, much simpler than that. It's minimalistic by design.

MRSK is inspired by another deployment tool called Capistrano. While most container deployment tools (aka. Orchestrators) work in a declarative approach, MRSK is designed around imperative commands. You can think of it as a thin layer on top of Docker CLI commands.

Even though we need Ruby in our host machine to install and run MRSK, you can use it to deploy web apps built in other languages or frameworks. If you wrap your app in a container, you could run it with MRSK.

Designed for VMs

MRSK was designed to run on any infrastructure setup you may have. You can use MRSK to run your app in the cloud or on-prem.

All you have to do is run `mrsk init` at the root of your project, configure the `config/deploy.yml` file generated by the `init` command, and deploy your app to your servers.

You can configure VMs for your apps and use MRSK to package the app in a container image, SSH into the servers, pull the new version and swap the running containers in a zero-downtime way. Your app will run behind a Traefik container that will forward the requests to the new container after it passes the health check.

Since resource management (CPU, memory, etc.) can be configured at the VM level, the idea is that you'll provision your VMs based on the needed resources your app needs. If you need more resources, you either scale up your VM, provision a bigger one, or more VMs if you can horizontally scale the work.

However, MRSK does have a way to pass container options which will be passed along to the `docker run ...` command. We can probably use it to specify container runtime resource constraints if necessary. This may be needed to run multiple containers in the same VM. Say your app runs in different roles: web, worker, and cron. You'd have to set up a VM for each role because we cannot run multiple instances of the same container in the same host. But that will change very soon as the work has been merged already. Currently, the role names and destinations are considered when deploying your apps! You could even run multiple environments on the same server, and everything would work.

Destination Environments

We could configure everything in our `config/deploy.yml` file, but I prefer a destination config file instead. We still need the base `config/deploy.yml` file, which we can use for the basic configuration of our app, and we could create a "production" config file by creating a `config/deploy.production.yml` file where we could only have the server's configuration and other things specific to production.

Using a destination environment also lets us keep using the base `.env` for local development and have a specific `.env.production` file that will be used for our production destination. This way, we can keep developing locally and still have the production config environment variables around when necessary.

Managing Environment Secrets

Since MRSK uses the dotenv approach, managing secrets is a matter of ensuring our `.env.production` file is never committed in plain-text to our repository and adding it to our `.dockerignore` so we don't accidentally push it inside our image either. Here's the `.dockerignore` I use:


We can use Laravel's encrypted environment files to keep the configs in the repository. This way, we could use something like 1Password to share the encryption key with our teammates, and they would be able to decrypt the env file for deployment.

# Creates a .env.production.encrypted
php artisan env:encrypt --env=production --key={MY_SECRET_KEY}

# Recreates the .env.production from the encrypted file
php artisan key:decrypt --env=production --key={MY_SECRET_KEY}


That's it. Really. MRSK is so simple. I'll be using it more and more for my personal projects.

About Tony Messias