Skip to content

πŸ“¦ Container DeploymentΒΆ

You can run MCP Gateway as a fully self-contained container. This is the recommended method for production or platform-agnostic deployments. You can use any container engine (ex: Docker or Podman).


Quick Start (Pre-built Container Image)ΒΆ

If you just want to run the gateway using the official OCI container image from GitHub Container Registry:

docker run -d --name mcpgateway \
  -p 4444:4444 \
  -e HOST=0.0.0.0 \
  -e JWT_SECRET_KEY=my-test-key \
  -e JWT_AUDIENCE=mcpgateway-api \
  -e JWT_ISSUER=mcpgateway \
  -e BASIC_AUTH_USER=admin \
  -e BASIC_AUTH_PASSWORD=changeme \
  -e AUTH_REQUIRED=true \
  -e PLATFORM_ADMIN_EMAIL=admin@example.com \
  -e PLATFORM_ADMIN_PASSWORD=changeme \
  -e PLATFORM_ADMIN_FULL_NAME="Platform Administrator" \
  -e DATABASE_URL=sqlite:///./mcp.db \
  --network=host \
  ghcr.io/ibm/mcp-context-forge:0.7.0

docker logs mcpgateway

You can now access the UI at http://localhost:4444/admin

🐳 Build the Container¢

make podman

Using Docker (manual alternative)ΒΆ

docker build -t mcpgateway:latest -f Containerfile .

The base image uses python:3.11-slim with Gunicorn and Uvicorn workers.


πŸƒ Run the ContainerΒΆ

With HTTP (no TLS)ΒΆ

make podman-run

This starts the app at http://localhost:4444.


With Self-Signed TLS (HTTPS)ΒΆ

make podman-run-ssl

Runs the gateway using certs from ./certs/, available at:

https://localhost:4444

βš™ Runtime ConfigurationΒΆ

All environment variables can be passed via:

  • docker run -e KEY=value
  • A mounted .env file (--env-file .env)

πŸ§ͺ Test the Running ContainerΒΆ

curl http://localhost:4444/health
curl http://localhost:4444/tools

Use curl -k if running with self-signed TLS


🧼 Stop & Clean Up¢

podman stop mcpgateway
podman rm mcpgateway

Or with Docker:

docker stop mcpgateway
docker rm mcpgateway