Kubernetes

Deploy the vCon MCP Server to Kubernetes.

Quick Start

Create Secrets

kubectl create secret generic vcon-mcp-secrets \
  --from-literal=SUPABASE_URL=https://your-project.supabase.co \
  --from-literal=SUPABASE_SERVICE_ROLE_KEY=your-service-role-key \
  --from-literal=SUPABASE_ANON_KEY=your-anon-key \
  --from-literal=OPENAI_API_KEY=your-openai-key

Deploy

# vcon-mcp.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: vcon-mcp
spec:
  replicas: 2
  selector:
    matchLabels:
      app: vcon-mcp
  template:
    metadata:
      labels:
        app: vcon-mcp
    spec:
      containers:
      - name: vcon-mcp
        image: public.ecr.aws/r4g1k2s3/vcon-dev/vcon-mcp:main
        ports:
        - containerPort: 3000
        env:
        - name: MCP_HTTP_STATELESS
          value: "true"
        - name: MCP_TOOLS_PROFILE
          value: "full"
        envFrom:
        - secretRef:
            name: vcon-mcp-secrets
        resources:
          requests:
            memory: "256Mi"
            cpu: "100m"
          limits:
            memory: "512Mi"
            cpu: "500m"
        livenessProbe:
          httpGet:
            path: /api/v1/health
            port: 3000
          initialDelaySeconds: 10
          periodSeconds: 30
        readinessProbe:
          httpGet:
            path: /api/v1/health
            port: 3000
          initialDelaySeconds: 5
          periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
  name: vcon-mcp
spec:
  selector:
    app: vcon-mcp
  ports:
  - port: 80
    targetPort: 3000

kubectl apply -f vcon-mcp.yaml

Environment Variables

Key configuration for Kubernetes deployments:

Variable

Required

Description

SUPABASE_URL

Yes

Supabase project URL

SUPABASE_SERVICE_ROLE_KEY

Yes*

Service role key (bypasses RLS)

SUPABASE_ANON_KEY

Yes*

Anonymous key (uses RLS)

MCP_HTTP_STATELESS

Recommended

Set true for multi-replica deployments

MCP_TOOLS_PROFILE

full, readonly, user, admin, minimal

MCP_DISABLED_TOOLS

Comma-separated list of tools to disable

OPENAI_API_KEY

For embedding generation

*At least one Supabase key required

Running Scripts as Jobs

One-time Job

apiVersion: batch/v1
kind: Job
metadata:
  name: vcon-check-db
spec:
  ttlSecondsAfterFinished: 300
  template:
    spec:
      restartPolicy: Never
      containers:
      - name: script
        image: public.ecr.aws/r4g1k2s3/vcon-dev/vcon-mcp:main
        command: ["script", "check-db-status"]
        envFrom:
        - secretRef:
            name: vcon-mcp-secrets

Scheduled Embeddings Sync

apiVersion: batch/v1
kind: CronJob
metadata:
  name: vcon-embeddings
spec:
  schedule: "0 */6 * * *"
  jobTemplate:
    spec:
      template:
        spec:
          restartPolicy: OnFailure
          containers:
          - name: embeddings
            image: public.ecr.aws/r4g1k2s3/vcon-dev/vcon-mcp:main
            command: ["script", "embed-vcons", "--provider=openai", "--limit=500"]
            envFrom:
            - secretRef:
                name: vcon-mcp-secrets

Resource Recommendations

Workload

Replicas

CPU Request

Memory Request

Development

100m

256Mi

Production (small)

250m

512Mi

Production (large)

500m

1Gi

Troubleshooting

# Check pod status
kubectl get pods -l app=vcon-mcp

# View logs
kubectl logs -l app=vcon-mcp -f

# Port forward for testing
kubectl port-forward svc/vcon-mcp 3000:80
curl http://localhost:3000/api/v1/health

Next Steps

Cloud Providers - Managed Kubernetes (EKS, GKE, AKS)
Docker Deployment - Container basics
Production Setup - Production configuration

PreviousDocker NextCloud Providers

Last updated 1 month ago

Good morning

hashtagQuick Start

hashtagCreate Secrets

hashtagDeploy

hashtagEnvironment Variables

hashtagRunning Scripts as Jobs

hashtagOne-time Job

hashtagScheduled Embeddings Sync

hashtagResource Recommendations

hashtagTroubleshooting

hashtagNext Steps