{"id":2219,"date":"2025-07-09T15:15:33","date_gmt":"2025-07-09T15:15:33","guid":{"rendered":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2025\/07\/09\/docker-mcp-gateway-open-source-secure-infrastructure-for-agentic-ai\/"},"modified":"2025-07-09T15:15:33","modified_gmt":"2025-07-09T15:15:33","slug":"docker-mcp-gateway-open-source-secure-infrastructure-for-agentic-ai","status":"publish","type":"post","link":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/2025\/07\/09\/docker-mcp-gateway-open-source-secure-infrastructure-for-agentic-ai\/","title":{"rendered":"Docker MCP Gateway: Open Source, Secure Infrastructure for Agentic AI"},"content":{"rendered":"

Since releasing the Docker MCP Toolkit<\/a>, we\u2019ve seen strong community adoption, including steady growth in MCP server usage and over 1 million pulls from the Docker MCP Catalog<\/a>. With the community, we\u2019re laying the groundwork by standardizing how developers define, run, and share agent-based workloads with Docker Compose.\u00a0<\/p>\n

Now, we\u2019re expanding on that foundation with the MCP Gateway, a new open-source project designed to help you move beyond local development and into production environments. The MCP Gateway acts as a secure enforcement point between agents and external tools. It integrates seamlessly with Docker Compose while enhancing the security posture of the broader MCP ecosystem.<\/p>\n\n

We believe that infrastructure of this kind should be transparent, secure, and community-driven<\/strong>, which is why we\u2019re open-sourcing all of this work. We\u2019re excited to announce that the MCP Gateway project is available now in this public GitHub repository<\/a>!<\/p>\n\n

When we started building the MCP Gateway project, our vision was to enable a wide range of agents to access trusted catalogs of MCP servers. The goal was simple: make it easy and safe to run MCP servers.\u00a0<\/p>\n\n

\n<\/div>\n

Figure 1: Architecture diagram of the MCP Gateway, securely orchestrating and managing MCP servers<\/strong><\/p>\n\n

This project\u2019s tools are designed to help users discover, configure, and run MCP workloads. In the sections below, we\u2019ll walk through these tools.<\/p>\n\n

Discovery<\/h2>\n

To view entries in the current default catalog, use the following CLI command.<\/p>\n

\ndocker mcp catalog show\n<\/div>\n

This is the set of servers that are available<\/em> on your host.<\/p>\n

As the Official MCP Registry<\/a> continues to progress, the details for how MCP server authors publish will change.\u00a0<\/p>\n

For now, we\u2019ve created a PR-based process<\/a> for contributing content to the Docker MCP Catalog<\/a>.<\/p>\n\n

Configure<\/h2>\n

To safely store secrets on an MCP host or to configure an MCP host to support OAuth-enabled MCP servers, we need to prepare the host. For example, servers like the Brave MCP server require an API key. To prepare your MCP host to inject this secret into the Brave MCP server runtime, we provide a CLI interface.<\/p>\n

\ndocker mcp secret set ‘brave.api_key=XXXXX’\n<\/div>\n

Some servers will also have host-specific configuration that needs to be made available to the server runtimes, usually in the form of environment variables. For example, both the filesystem, and resend server support host specific configurations.<\/p>\n

\ncat << ‘EOF’ | docker mcp config write
\nfilesystem:
\n paths:
\n – \/Users\/slim
\nresend:
\n reply_to: slim@gmail.com
\n sender: slim@slimslenderslacks.com
\nEOF\n<\/div>\n

MCP servers have different requirements for host configuration and secret management, so we will need tools to manage this.<\/p>\n

Run<\/h2>\n

An MCP Gateway exposes a set of MCP server runtimes.\u00a0 For example, if clients should be able to connect to Google-maps and Brave, then those two servers can be enabled by default.<\/p>\n

\ndocker mcp server enable google-maps brave
\ndocker mcp gateway run\n<\/div>\n

However, each gateway can also expose custom views. For example, here is a gateway configuration that exposes only the Brave and Wikipedia servers, over SSE, and<\/em> then only a subset of the tools from each.<\/p>\n\n

\ndocker mcp gateway run
\n –transport=sse
\n –servers=brave,wikipedia-mcp
\n –tools=brave_web_search,get_article,get_summary,get_related_topics\n<\/div>\n

Secure<\/h2>\n

One of the advantages of a gateway process is that users can plug in generic interceptors<\/a> to help secure any<\/em> MCP server. By securing the MCP host, we can ease the adoption burden for any<\/em> MCP client.<\/p>\n

Expect this list to grow quickly, but we have an initial set of features available in the repository<\/a> to begin demonstrating what\u2019ll be possible.<\/p>\n

Verify signatures \u2013 ensure that the gateway can verify provenance of the MCP container image before using it.<\/p>\n

Block-secrets \u2013 scan inbound and outbound payloads for content that looks like secrets of some kind.<\/p>\n

Log-calls<\/p>\n

These can be enabled when starting the gateway.<\/p>\n

\ndocker mcp gateway run
\n –verify-signatures
\n –log-calls
\n –block-secrets\n<\/div>\n

Summary<\/h3>\n

The MCP Gateway is Docker\u2019s answer to the growing complexity and security risks of connecting AI agents to MCP servers. By aggregating multiple MCP servers behind a single, secure interface, it gives developers and teams a consistent way to build, scale, and govern agent-based workloads from local development to production environments.<\/p>\n

The Gateway is available out of the box in the latest release of Docker Desktop. Now open source, it\u2019s also ready for you to use with any community edition of Docker. Whether you\u2019re building AI agents or supporting others who do, the MCP Gateway is a great foundational tool for developing secure, scalable agentic applications with MCP. Visit the Gateway GitHub repository<\/a> to get started!<\/p>","protected":false},"excerpt":{"rendered":"

Since releasing the Docker MCP Toolkit, we\u2019ve seen strong community adoption, including steady growth in MCP server usage and over […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[4],"tags":[],"class_list":["post-2219","post","type-post","status-publish","format-standard","hentry","category-docker"],"_links":{"self":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/2219","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/comments?post=2219"}],"version-history":[{"count":0,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/2219\/revisions"}],"wp:attachment":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media?parent=2219"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/categories?post=2219"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/tags?post=2219"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}