Containerized AegisMesh with Docker, Kubernetes, and Jenkins

Associate Cloud Engineer

I'd been putting off Docker on AegisMesh for a while. The project had enough going on already — IAM, MFA, OAuth, a policy engine. Adding containers felt like picking up extra work for no immediate reason.

Eventually I just did it.


Starting with Docker

The backend Dockerfile is three stages because of Prisma. It needs to generate a client at build time and needs a DATABASE_URL for that, even though nothing actually connects. One stage for prod dependencies, one for prisma generate with a placeholder URL, one final stage that combines both.

dumb-init was an afterthought. npm start as PID 1 doesn't forward signals, so docker stop would hang indefinitely. Annoying to debug, obvious in hindsight.

The frontend was straightforward. Vite builds, Nginx serves. Separate dev Dockerfile that skips the build and runs the dev server directly.


Startup Order

The backend kept dying because Postgres wasn't ready. The container being up and the database being ready aren't the same thing — took me longer than it should have to work that out. Added a healthcheck so the backend actually waits for connections.

The dev setup had one thing I missed until it broke. The host was overwriting files inside the container with no warning. One line to isolate them.


Moving to Kubernetes

Didn't touch Kubernetes until Docker was stable.

Same problem, different tool. You can run tasks before the main container starts — one waits for the database, one runs migrations. The app doesn't deal with any of it.

Decide where config lives before writing anything. I changed my mind halfway through and lost time I didn't need to lose.


Jenkins

I thought it would take a few hours. It took most of a week.

First: npm not found. Jenkins had no Node on PATH. Then Prisma rejected the Node version — added a validation stage that fails immediately if it's not 20.19+, 22.12+, or 24+.
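
The version gate described above, written as a POSIX shell function that a pipeline stage could call. This is an added example, not the project's Jenkinsfile: the function names are hypothetical, and it assumes that 21.x and 23.x are rejected and that pre-release version strings fail closed.

```shell
#!/bin/sh
# Added example, not AegisMesh's pipeline code.
# Accepted ranges are the ones the post lists: 20.19+, 22.12+, or 24+.
# Assumption: "20.19+" means 20.x with minor >= 19 (likewise 22.12+),
# so 21.x and 23.x are rejected.

# node_version_ok VERSION
# Returns 0 = accepted, 1 = parsed but unsupported, 2 = unparsable.
node_version_ok() {
    v=${1#v}                           # `node --version` prints e.g. v22.12.0
    case "$v" in
        ''|*[!0-9.]*) return 2 ;;      # empty, or pre-release/garbage: fail closed
    esac
    major=${v%%.*}
    rest=${v#*.}
    if [ "$rest" = "$v" ]; then return 2; fi   # no dot at all, e.g. "22"
    minor=${rest%%.*}
    if [ -z "$major" ] || [ -z "$minor" ]; then return 2; fi
    if [ "$major" -ge 24 ]; then return 0; fi
    if [ "$major" -eq 22 ] && [ "$minor" -ge 12 ]; then return 0; fi
    if [ "$major" -eq 20 ] && [ "$minor" -ge 19 ]; then return 0; fi
    return 1
}

# require_supported_node: hypothetical helper for the CI stage.
# Checks the node binary on PATH and returns non-zero so the stage fails.
require_supported_node() {
    found=$(node --version 2>/dev/null) || {
        echo "node not found on PATH" >&2
        return 127
    }
    if node_version_ok "$found"; then
        echo "node $found accepted"
    else
        echo "node $found rejected: need 20.19+, 22.12+, or 24+" >&2
        return 1
    fi
}

# Constructed sample versions, so the gate logic can be checked offline.
for sample in v18.20.4 v20.18.0 v20.19.0 v21.7.3 v22.11.0 v22.12.0 v24.0.0 v24.0.0-rc.1; do
    if node_version_ok "$sample"; then
        echo "$sample accept"
    else
        echo "$sample reject"
    fi
done
```

Calling `require_supported_node` as the first step of the build separates "no Node on PATH" (status 127) from "wrong Node version" (status 1), so the console output names the cause directly.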

Then lint ran for the first time. 20+ errors. Bad setState in effects, stale references, broken hook dependencies — none of it was new, it had just never been checked. Fixed all of it.

The thing that ate the most time wasn't any of that. A plugin I didn't install and didn't know about was breaking the entire run. Found it by reading console output until one line looked wrong.


What I'd Do Differently

Set up .dockerignore before writing anything. I was pulling things into the build context that had no reason to be there. Builds were slower than they should've been and I only caught it later.

Decide the ConfigMap and Secret split before touching any manifests. Changing it halfway through means revisiting files you already considered done. Not hard, just annoying.

Give Jenkins environment setup more time than you think it needs. The Jenkinsfile is the easy part. Node not being on PATH, the wrong Node version failing Prisma, a plugin you never installed quietly breaking the entire run — that's where the time actually goes.


Final Thoughts

Docker felt like overhead until it wasn't. Kubernetes made me think about things Compose lets you ignore. Jenkins was a bad week and I'd do it again.