The MCP Toolkit, in Docker Desktop, allows developers to configure and consume MCP servers from the Docker MCP Catalog.
Underneath, the Toolkit is powered by a docker CLI plugin: docker-mcp. This repository is the code of this CLI plugin. It can work in Docker Desktop or independently.
The main feature of this CLI is the Docker MCP Gateway which allows easy and secure running and deployment of MCP servers. See Features for a list of all the features.
The Model Context Protocol (MCP) is an open protocol that standardizes how AI applications connect to external data sources and tools. It provides a secure, controlled way for language models to access and interact with various services, databases, and APIs.
Developers face criticial barriers when integrating Model Context Protocol (MCP) tools into production workflows:
- Managing MCP server lifecycle Each local MCP sever in the catalog runs in an isolated Docker container. npx and uvx servers are granted minimal host privileges.
- Providing a unified interface AI models access MCP servers through a single Gateway.
- Handling authentication and security Keep secrets out of environment variables using Docker Desktop's secrets management.
- Supports dynamic tool discovery and configuration. Each MCP client (eg VS Code, Cursor, Claude Desktop, etc.) connects to the same Gateway configuration, ensuring consistency across different clients.
- Enables OAuth flows for MCPs that require OAuth access token service connections.
- π³ Container-based Servers: Run MCP servers as Docker containers with proper isolation.
- π§ Server Management: List, inspect, and call MCP tools, resources and prompts from multiple servers.
- π Secrets Management: Secure handling of API keys and credentials via Docker Desktop.
- π OAuth Integration: Built-in OAuth flows for service authentication.
- π Server Catalog: Manage and configure multiple MCP catalogs.
- π Dynamic Discovery: Automatic tool, prompt, and resource discovery from running servers.
- π Monitoring: Built-in logging and call tracing capabilities.
- Docker Desktop (with MCP Toolkit feature enabled)
The MCP cli will already be installed on recent versions of Docker Desktop but you can buildand install the latest version by following these steps:
# Clone the repository
git clone https://github.com/docker/mcp-gateway.git
cd docker-gateway
# Build and install the plugin
make docker-mcpAfter installation, the plugin will be available as:
docker mcp --helpManage the catalogs available to the MCP gateway. The default catalog is available with the name 'docker-mcp'.
# Manage server catalogs
docker mcp catalog --help
# Initialize the default Docker MCP Catalog
docker mcp catalog init
# List available catalogs
docker mcp catalog ls
# Show all servers in a catalog
docker mcp catalog show docker-mcpMore about the MCP Catalog.
Start up an MCP Gateway. This can be used for one client, or to service multiple clients if using either sse or streaming transports.
# Run the MCP gateway (stdio)
docker mcp gateway run
# Run the MCP gateway (streaming)
docker mcp gateway run --port 8080 --transport streamingMore about the MCP Gateway.
Enable and disable the set of MCP servers that will be available for default clients. The MCP gateway can be configured to expose different sets of servers and tools but enabling and disabling servers here impacts the default gateway configuration.
# List enabled servers
docker mcp server list
# Enable one or more servers
docker mcp server enable <server-name> [server-name...]
# Disable servers
docker mcp server disable <server-name> [server-name...]
# Get detailed information about a server
docker mcp server inspect <server-name>
# Reset (disable all servers)
docker mcp server resetConfigure any MCP servers that require custom runtime configuration.
# Read current configuration
docker mcp config read
# Write new configuration
docker mcp config write '<yaml-config>'
# Reset configuration to defaults
docker mcp config resetConfigure MCP servers that require either secrets or OAuth.
# Manage secrets
docker mcp secret --help
# Handle OAuth flows
docker mcp oauth --help
# Manage access policies
docker mcp policy --help
# export any desktop secrets needed by either server1 or server2
# (temporary requirement to export secrets for docker cloud runs - this command
# will no longer be required once Docker Cloud can access secret stores)
docker mcp secret export server1 server2# Show available commands
docker mcp --help
# Count available tools
docker mcp tools count
# List all available MCP tools
docker mcp tools list
# List all available MCP tools in JSON format
docker mcp tools list --format=json
# Inspect a specific tool
docker mcp tools inspect <tool-name>
# Call a tool with arguments
docker mcp tools call <tool-name> [arguments...]The MCP CLI uses several configuration files:
docker-mcp.yaml: Server catalog defining available MCP serversregistry.yaml: Registry of enabled serversconfig.yaml: Gateway configuration and options
Configuration files are typically stored in ~/.docker/mcp/. This is in this directory that Docker Desktop's
MCP Toolkit with store its configuration.
The Docker MCP CLI implements a gateway pattern:
AI Client β MCP Gateway β MCP Servers (Docker Containers)
- AI Client: Language model or AI application
- MCP Gateway: This CLI tool managing protocol translation and routing
- MCP Servers: Individual MCP servers running in Docker containers
See docs/message-flow.md for detailed message flow diagrams.
The build instructions are available in the contribution guide.
This project is licensed under the MIT License - see the LICENSE file for details.
- π¬ Troubleshooting
- π MCP Specification
- π³ Docker Desktop Documentation
- π Report Issues
- π¬ Discussions