Architecture
MCP Gateway consists of two main components: the Operator and the Gateway.
Overview
flowchart LR
Client([Client])
subgraph Kubernetes Cluster
Ingress[Ingress]
Gateway[MCP Gateway]
subgraph Backends
Remote[External MCP Server]
Container[Container Server<br/>HTTP/STDIO]
end
end
Client --> Ingress
Ingress --> Gateway
Gateway --> Remote
Gateway --> ContainerOperator
The operator watches for Custom Resources and manages:
- MCPGateway: Creates gateway Deployments, Services, and Ingress resources
- MCPRemoteServer: Configures routing to external MCP servers
- MCPContainerServer: Creates and manages containerized MCP server pods
The operator runs as a single deployment and reconciles resources continuously.
Gateway
The gateway is an HTTP/SSE proxy that:
- Routes incoming requests to the appropriate backend
- Handles SSE (Server-Sent Events) connections for real-time communication
- Supports STDIO transport by attaching to container pods
- Watches ConfigMaps for dynamic configuration updates
Request Flow
- Client connects to the gateway via Ingress
- Gateway reads the path to determine the target server
- For remote servers: proxies the request to the external URL
- For container servers:
- HTTP transport: proxies to the container’s HTTP endpoint
- STDIO transport: attaches to the pod and forwards via stdin/stdout
Custom Resources
| Resource | Purpose |
|---|---|
| MCPGateway | Defines the gateway deployment and ingress configuration |
| MCPRemoteServer | Configures routing to external HTTP/SSE MCP servers |
| MCPContainerServer | Defines containerized MCP servers running in the cluster |