ToolHive

Deploys Model Context Protocol servers as isolated OCI containers using Docker or Podman runtimes, abstracting container lifecycle management through a thin client layer that translates CLI commands to container runtime APIs. ToolHive acts as a standardized packaging layer that wraps MCP server configurations (environment variables, secrets, resource limits) into reproducible container deployments, enabling consistent execution across development and production environments without requiring users to understand Docker/Podman internals.

Maintains a centralized registry of verified MCP server configurations with metadata (name, description, required secrets, supported transports, container image references). The registry system enables users to discover and deploy MCP servers by name rather than managing raw container image references, with automatic resolution of server configurations including environment variable templates and secret requirements. Registry entries are versioned and can be updated independently of ToolHive releases.

Provides encrypted secret storage and automatic injection of secrets into MCP server containers at runtime, using a secrets management subsystem that encrypts sensitive data at rest and injects them as environment variables or mounted files into containers. Secrets are stored in a local encrypted vault and are never exposed in logs, configuration files, or container images. The system supports per-server secret scoping and integrates with Cedar authorization policies for fine-grained access control.

Abstracts MCP transport mechanisms by supporting both standard I/O (stdio) and Server-Sent Events (SSE) transports, automatically negotiating the appropriate transport based on server capabilities and client requirements. The transport layer handles bidirectional message routing between client applications and containerized MCP servers, converting between transport protocols transparently. Stdio transport redirects container stdin/stdout to client connections, while SSE transport proxies HTTP-based event streams.

Automatically configures supported development tools (GitHub Copilot, Cursor, Roo Code) to use deployed MCP servers by writing tool-specific configuration files with correct transport endpoints and authentication details. The system detects installed client tools, generates appropriate configuration snippets, and updates tool configuration files without manual user intervention. Configuration is tool-specific and respects each tool's configuration format and location conventions.

Provides command-line interface for complete MCP server lifecycle management, including deployment (run), enumeration (list), termination (stop), and removal (rm) operations. The CLI is built using Cobra framework and translates high-level commands into container runtime API calls, handling container creation, monitoring, and cleanup. Each command supports flags for configuration overrides (environment variables, resource limits, transport selection) and integrates with the secrets management system for credential injection.

Provides Kubernetes-native MCP server management through a custom operator that translates Kubernetes Custom Resources (CRDs) into MCP server deployments. The operator watches for MCPServer CRD instances and automatically creates/updates/deletes corresponding Kubernetes Deployments, Services, and ConfigMaps. It integrates with Kubernetes secrets for credential management and supports standard Kubernetes patterns (resource requests/limits, health checks, rolling updates, scaling).

Integrates Cedar policy engine for fine-grained authorization decisions on MCP server access and secret management, enabling definition of custom permission policies beyond simple role-based access control. Policies are evaluated at runtime when users attempt to access secrets or manage servers, with decisions based on user identity, resource type, action, and contextual attributes. Cedar policies are stored as configuration files and can be updated without restarting ToolHive.

Provides structured logging system that captures ToolHive operations, container lifecycle events, and MCP server interactions with configurable verbosity levels. Logs are emitted in structured format (JSON or text) and can be directed to stdout, files, or external logging systems. The logging system includes context propagation for tracing operations across multiple components and supports filtering by log level and component.

Implements version tracking and release automation for ToolHive itself, with semantic versioning support and automated CI/CD pipeline for building, testing, and releasing new versions. The system tracks version information in code and provides version command for users to verify installed version. Release process is automated through GitHub Actions or similar CI/CD systems, building binaries for multiple platforms and publishing to release repositories.