Adolfo Delorenzo 2098453ff1 feat: add Docker support for all MCP servers

- Create individual Dockerfiles for each of the 7 MCP servers
- Add docker-compose.yml for orchestrating all services
- Create build-docker.sh script for easy container building
- Add comprehensive Docker deployment documentation (DOCKER.md)
- Update main README with Docker installation instructions
- Add .env.example template for environment configuration
- Configure each server with dedicated ports (3000-3006)
- Implement security best practices (non-root user, minimal base image)
- Add production deployment considerations and troubleshooting guide

Each server can now be run individually or all together using Docker Compose,
making deployment and scaling much easier for production environments.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-07-21 00:12:39 -03:00

4.9 KiB

Raw Blame History

Docker Deployment Guide for Portainer MCP Servers

This guide covers how to build and run the Portainer MCP servers using Docker containers.

Prerequisites

Docker Engine 20.10+
Docker Compose 2.0+
Portainer Business Edition instance
Valid Portainer API key

Quick Start

Clone the repository

git clone https://github.com/yourusername/portainer-mcp.git
cd portainer-mcp

Create environment file

cp .env.example .env
# Edit .env with your Portainer credentials

Build all containers
```
./build-docker.sh all
```
Start all services
```
docker-compose up -d
```

Individual Container Management

Building Containers

Build all containers:

./build-docker.sh all

Build specific container:

./build-docker.sh core
./build-docker.sh docker
./build-docker.sh kubernetes
# etc...

Running Containers

Run all services:

docker-compose up -d

Run specific service:

docker-compose up -d portainer-core
docker-compose up -d portainer-docker
# etc...

View logs:

docker-compose logs -f portainer-core
docker-compose logs -f portainer-docker
# etc...

Stop services:

docker-compose down

Container Details

Each MCP server runs in its own container with the following configuration:

Service	Container Name	Port	Purpose
portainer-core	portainer-mcp-core	3000	User management, teams, RBAC
portainer-environments	portainer-mcp-environments	3001	Environment management
portainer-docker	portainer-mcp-docker	3002	Docker operations
portainer-kubernetes	portainer-mcp-kubernetes	3003	Kubernetes management
portainer-stacks	portainer-mcp-stacks	3004	Stack deployment
portainer-edge	portainer-mcp-edge	3005	Edge computing
portainer-gitops	portainer-mcp-gitops	3006	GitOps automation

Environment Variables

All containers share the same environment variables:

# Required
PORTAINER_URL=https://your-portainer-instance.com
PORTAINER_API_KEY=your-api-key-here

# Optional
PORTAINER_INSECURE=false  # Set to true for self-signed certificates
HTTP_TIMEOUT=30
MAX_RETRIES=3

Docker Compose Configuration

The docker-compose.yml file defines all services with:

Individual port mappings
Shared environment variables
Automatic restart policies
Isolated network for inter-container communication

Production Deployment

For production environments, consider:

Use Docker Swarm or Kubernetes

# Deploy as stack in Swarm
docker stack deploy -c docker-compose.yml portainer-mcp

Enable health checks Add to each service in docker-compose.yml:

healthcheck:
  test: ["CMD", "curl", "-f", "http://localhost:3000/health"]
  interval: 30s
  timeout: 10s
  retries: 3

Use secrets for API keys

secrets:
  portainer_api_key:
    external: true

Configure resource limits

deploy:
  resources:
    limits:
      cpus: '0.5'
      memory: 256M

Troubleshooting

Container won't start

Check logs: docker-compose logs portainer-<service>
Verify environment variables in .env
Ensure Portainer URL is accessible from container

Connection errors

For self-signed certificates, set PORTAINER_INSECURE=true
Check network connectivity: docker exec portainer-mcp-core curl https://your-portainer-url

Permission errors

Verify API key has required permissions
Check Portainer RBAC settings

Security Considerations

Never commit .env file - It contains sensitive credentials
Use read-only mounts where possible
Run containers as non-root user (already configured)
Enable TLS for MCP connections in production
Regularly update base images and dependencies

Advanced Configuration

Custom Network

networks:
  portainer-mcp:
    driver: bridge
    ipam:
      config:
        - subnet: 172.20.0.0/16

Volume Mounts

For persistent logs or configuration:

volumes:
  - ./logs:/app/logs
  - ./config:/app/config:ro

Multi-stage Builds

The Dockerfiles use single-stage builds for simplicity. For smaller images:

FROM python:3.11-slim AS builder
# Build stage...

FROM python:3.11-slim
# Runtime stage...

Integration with Claude Desktop

When running in Docker, configure Claude Desktop to connect to the containerized servers:

{
  "mcpServers": {
    "portainer-core": {
      "url": "http://localhost:3000"
    },
    "portainer-docker": {
      "url": "http://localhost:3002"
    }
    // ... other servers
  }
}

Monitoring

Monitor container health and resource usage:

# View resource usage
docker stats

# Check container health
docker ps --format "table {{.Names}}\t{{.Status}}"

# Export metrics
docker-compose ps --format json

4.9 KiB Raw Blame History