mcp-container-demo

LeonFaith/mcp-container-demo

3.1

If you are the rightful owner of mcp-container-demo and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

The Model Context Protocol (MCP) server is designed to run in Docker containers, providing a secure and isolated environment for executing network diagnostic tools.

Tools
2
Resources
0
Prompts
0

MCP Server Container Demo

This demonstrates how to run MCP (Model Context Protocol) servers in Docker containers.

Benefits of Containerized MCP Servers

  • Isolation: Each server runs in its own environment
  • Security: Limited resource access and non-root execution
  • Consistency: Same environment across different machines
  • Resource Management: CPU and memory limits
  • Easy Updates: Pull new images to update servers

Files

  • mcp-server.py - Simple MCP server with network diagnostic tools
  • Dockerfile - Container definition with security best practices
  • docker-compose.yml - Multi-container orchestration
  • scripts/ - Utility scripts for management

Quick Start

# Build and start the MCP server
docker-compose up --build

# Run in background
docker-compose up -d

# View logs
docker-compose logs -f mcp-network-tools

# Stop services
docker-compose down

# Remove everything including volumes
docker-compose down -v

Manual Docker Commands

# Build the image
docker build -t mcp-network-tools .

# Run with security settings
docker run -d \
  --name mcp-server \
  --memory="128m" \
  --cpus="0.5" \
  --read-only \
  --tmpfs /tmp:noexec,nosuid,size=50m \
  --security-opt no-new-privileges:true \
  --user 1000:1000 \
  mcp-network-tools

# Interactive debugging
docker run -it --rm mcp-network-tools /bin/bash

Security Features

  • Non-root user execution
  • Read-only filesystem
  • Resource limits (CPU, memory)
  • No new privileges
  • Isolated network
  • Health checks
  • Logging controls

Testing the MCP Server

# Test ping tool
echo '{"method": "tools/call", "params": {"name": "ping", "arguments": {"host": "8.8.8.8"}}}' | docker exec -i mcp-network-tools-server python3 /app/mcp-server.py

# Test DNS lookup
echo '{"method": "tools/call", "params": {"name": "dns_lookup", "arguments": {"hostname": "google.com"}}}' | docker exec -i mcp-network-tools-server python3 /app/mcp-server.py

Production Considerations

  1. Image Registry: Push to private registry for production
  2. Secrets Management: Use Docker secrets or external secret management
  3. Monitoring: Add Prometheus metrics
  4. Backup: Regular container image and data backups
  5. Updates: Automated image updates with rollback capability