Deployment Overview¶
This section explains how to deploy MCP Gateway in various environments - from local development to cloud-native platforms like Kubernetes, IBM Code Engine, AWS, and Azure.
π Security First¶
Before deploying to production, review our Security Guide for:
- Critical security configurations
- Production hardening checklist
- Authentication and authorization setup
- Network security best practices
- Container security requirements
πΊ Deployment Options¶
MCP Gateway supports multiple deployment strategies:
Method | Description |
---|---|
Local | Run directly on your dev machine using make , uvicorn , or a virtual-env |
Container | Package and run as a single container image using Podman or Docker |
Compose Stack | Bring up Gateway + Postgres + Redis (and optional MPC servers) with Podman/Docker Compose |
Minikube | Launch a local single-node Kubernetes cluster and deploy the Gateway stack |
Kubernetes | Generic manifests or Helm chart for any K8s-compliant platform |
OpenShift | OpenShift-specific deployment using Routes, SCCs, and Operator-managed back-ends |
IBM Code Engine | Serverless container build & run on IBM Cloud |
AWS | Deploy on ECS Fargate, EKS, or EC2-hosted containers |
Azure | Run on Azure Container Apps, App Service, or AKS |
Security Guide | Essential security configurations and best practices for production deployments |
π Runtime Configuration¶
MCP Gateway loads configuration from:
.env
file (in project root or mounted at/app/.env
)- Environment variables (overrides
.env
) - CLI flags (e.g., via
run.sh
)
β οΈ Security Note: Never store sensitive credentials directly in environment variables. Use a secrets management system in production. See the Security Guide for details.
π§ͺ Health Checks¶
All deployments should expose:
This returns basic system latency metrics and can be used with cloud provider readiness probes.
π¦ Container Basics¶
The default container image:
- Uses the Red Hat Universal Base image running as a non-root user
- Exposes port
4444
- Runs
gunicorn
with Uvicorn workers - Uses
.env
for all settings
For Kubernetes, you can mount a ConfigMap or Secret as
.env
.
Important: For production deployments, ensure you follow the container hardening guidelines in our Security Guide.