Octelium provides a complete secure, free and open source, self-hosted infrastructure to build your MCP-based architectures and gateways. It provides secure access, deployment, authentication and unified identity management, L-7 aware pre-request authorization and visibility.
You can develop your MCP servers over streamable HTTP/SSE transport and run anywhere even behind NAT. Here is a simple example of a my-mcp Service whose upstream is running at http://localhost:8787 and is remotely served by a connected octelium client used by the User mcp-01 (read more about serving Services via connected Users here):
1kind: Service2metadata:3name: my-mcp4spec:5port: 80806mode: HTTP7isPublic: true8config:9upstream:10url: http://localhost:878711user: mcp-01
To serve the MCP server, the User mcp-01 needs to explicitly serve that Service via the --serve flag (read more here) as follows:
octelium connect --serve my-mcp
You can also deploy and scale your containerized MCP server and serve it as a Service by reusing the underlying Kubernetes infrastructure that runs the Octelium Cluster (read more about managed containers here) including from private container registries. Here is an example:
1kind: Service2metadata:3name: my-mcp4spec:5port: 87876mode: HTTP7isPublic: true8config:9upstream:10container:11port: 1143412image: <MY_REGISTRY>/<MY_ORG>/<MY_MCP_IMAGE:version>13credentials:14usernamePassword:15username: <USER>16password:17fromSecret: registry-token18resourceLimit:19cpu:20millicores: 100021memory:22megabytes: 2000
You can now apply the creation of the Service as follows (read more here):
octeliumctl apply /PATH/TO/SERVICE.YAML
You might also need to take a look at Namespaces (read more here) where you can organize your MCP server Services and affect their hostnames as well as access control to a whole set of Services that share a certain purpose or functionality according to your needs.
Octelium also supports secret-less access for Users to public MCP servers that are protected by standard bearer access tokens, basic authentication, API keys set in custom headers as well as OAuth2 client credential flows. You can read more here.
Now we move on to the client-side of MCPs. You can develop your MCP clients in any language and connect to the MCP server Service either privately over the octelium client (read more here). Furthermore, MCP clients can use the standard OAuth client credentials flow to obtain a bearer access token and publicly access the MCP server service (read more about the public clientless access mode here). You can read more about OAuth2-based client-less access here.
Octelium's application-layer (L7) awareness seamlessly enables you to control access based on HTTP request paths, methods and more importantly in our use case for MCP, JSON body of the requests. Here is an example:
1kind: Service2metadata:3name: my-mcp4spec:5port: 80806mode: HTTP7isPublic: true8config:9upstream:10url: https://mcp.example.com11http:12enableRequestBuffering: true13body:14mode: JSON15maxRequestSize: 10000016authorization:17inlinePolicies:18- spec:19rules:20- effect: ALLOW21condition:22all:23of:24- match: ctx.request.http.bodyMap.jsonrpc == "2.0"25- match: ctx.request.http.bodyMap.method == "tools/call"26- match: ctx.request.http.bodyMap.params.name in ["openFile", "readFile"]27- match: ctx.request.http.bodyMap.params.arguments.filePath.startsWith("/bin")28- match: ctx.request.http.bodyMap.params.arguments.count < 1000
Here are a few more features that you might be interested in: