Localstack setup

Deployment, Devops & Disaster Recovery for Ruby on Rails web applications

ToC

The running application, even in development, must have access to an s3 service.

One possibility for this is to have a production-grade instance of s3 (a bucket) available in the development environment. There are several disadvantages to doing so. First, it carries a cost: production-grade S3 is not free, and even if the cost is minimal, it's still a cost, subject to budget approval, permissions, etc.

Second, an s3 instance is a security risk. If you have dozens of contractors working on a project, and especially if you have volunteers working on a project, you don't want to be giving each contributor an s3 instance. Managing access may become tedious, and if one contributor "accidentally" incurs hundreds of dollars (or more) of cost - that is precisely the security risk that we are trying to avoid.

One of the possible solutions is localstack. NOTE: although localstack offers a paid service, we are using only the free application that they offer.

Localstack runs very well from a docker container. Here is an example docker-compose.yml file:

version: '3.2'

services:

  localstack_development:
    image: localstack/localstack:3.7.0
    # container_name: localstack_development
    environment:
      - SERVICES=s3:5002
      - DEFAULT_REGION=us-east-1
      - DATA_DIR=/opt/localstack/data
    ports:
      - 4566:4566 # LocalStack Gateway. host:container
      - "127.0.0.1:4510-4559:4510-4559"  # external services port range
    volumes:
      - type: bind
        source: ./volumes/localstack_development_data
        target: /var/lib/localstack
      - type: bind
        source: ./tmp
        target: /opt/tmp
      - "/var/run/docker.sock:/var/run/docker.sock"
      - ./aws:/etc/localstack/init/ready.d
    # environment:
      ## LocalStack configuration: https://docs.localstack.cloud/references/configuration/
      # - DEBUG=${DEBUG:-0}
    restart: 'no'

Start the service, login to the container and create a bucket:

  dc up -d localstack_development
  ./scripts/login_mac  localstack
  awslocal s3 mb s3://wco-email-development

The matching configuration for s3 (paperclip, active storage) would be as follows:


::S3_CREDENTIALS ||= {
  access_key_id: "test",
  secret_access_key: "test",
  bucket: "<the bucket>",
  region: 'us-east-1',
  endpoint: "http://localhost:4566/",
  force_path_style: true,
}

.

.^.

Please log in to post comments:  
Login with Google