Cloud MCP Infrastructure

Overview

A cloud-native distributed system for executing MCP servers and Claude Code agents in isolated k3s containers. The platform provides a unified control point for managing durable MCP configurations and agent workflows across any device, with secure isolated execution environments.

Architecture

Core Components

  • NextJS Control Interface: Web-based unified control point for task management and configuration
  • k3s Container Orchestration: Isolated execution environments for individual agents and MCP servers
  • tRPC API Layer: Type-safe communication between frontend and backend systems
  • Agent-to-Agent Communication (A2A): Mesh network architecture for distributed agent collaboration

Technology Stack

  • Frontend: NextJS with tRPC integration
  • Container Platform: k3s (lightweight Kubernetes distribution)
  • API Communication: tRPC for type-safe client-server communication
  • Agent Runtime: Claude Code in isolated containers
  • Configuration Storage: Durable MCP server configurations

Key Features

Unified Task Management

  • Fire off tasks with Claude Code from any device
  • Unified control point accessible across platforms
  • Durable workflow configurations that persist across sessions
  • Integration with existing LLM subscriptions

Isolated Execution

  • k3s jobs provide secure, isolated environments for each agent
  • Tightly controlled execution environment for security
  • Async agent execution without local resource constraints
  • Container-based isolation prevents interference between tasks

Remote MCP Authentication

PAT-Based Authentication: Currently supports Personal Access Token authentication for remote MCP servers:

  • GitHub MCP integration working with PAT authentication
  • Direct deployment of remote MCPs in private Railway networks
  • Unauthenticated HTTP MCP access within secure network boundaries

OAuth Challenge: OAuth-only MCP servers present implementation complexity:

  • Refresh token management required for long-term access
  • OAuth flow integration remains an open technical question
  • Planned for future implementation based on real-world needs

Durable Workflows

  • Reusable system prompts and configurations
  • Example: "Create GitHub issue and assign to Copilot" as durable workflow
  • Custom prompts specify task and repository execution targets
  • Elimination of overhead from traditional CI/CD services

Technical Implementation

Container Orchestration

k3s Jobs: Each agent execution runs in isolated k3s containers, providing:

  • Resource isolation and security boundaries
  • Scalable execution across distributed infrastructure
  • Consistent runtime environments for reproducible results
  • Clean separation between different agent workloads

API Architecture

tRPC Integration: Strong type safety and Claude Code compatibility:

  • Seamless integration with NextJS frontend
  • Type-safe client-server communication
  • Excellent developer experience with Claude Code
  • Real-time communication between control interface and execution environments

Agent Communication

Mesh Network Design: Distributed agent collaboration capabilities:

  • Agent-to-agent communication protocols
  • Coordinated multi-agent workflows
  • Shared context and resource management
  • Distributed task execution and result aggregation

Current Status

Working Implementation

As of September 29, 2025, the platform has achieved full end-to-end functionality:

  • Configuration Management: NextJS app successfully configures MCP servers and agents
  • Container Execution: k3s pods receive configurations and execute agent workflows
  • Complete Workflow: Full pipeline from web interface to isolated execution complete
  • Demo Available: End-to-end demonstration showing working system

Development Focus

Personal Project Phase: Currently in active development during personal time:

  • Exploring cloud-native agent execution patterns
  • Validating secure async Claude Code deployment
  • Building proof-of-concept for distributed MCP architectures
  • Testing scalability and isolation guarantees

Session Management Philosophy

Artifact-Centric Design: The platform prioritizes durable artifacts over ephemeral chat sessions:

  • Focus on final output artifacts (source code, documentation, configurations)
  • No session persistence or message history maintenance
  • Agents designed for fully async, batch-oriented execution
  • System prompts and input prompts are adjustable per execution

Coding Agent Pattern: Follows established patterns from coding automation:

  • Important context resides in the generated artifacts
  • Intermediate sessions become obsolete after artifact creation
  • Eliminates complexity of long-term session management
  • Enables stateless, reproducible agent execution

Alternative Platforms: Development team recognizes Daytona as a simpler alternative, though k3s provides valuable learning opportunities for cloud-native architectures and custom orchestration patterns.

Security Model

Secure Claude Code Series Integration

The platform serves as a proof-of-concept for "Secure Claude Code" principles:

  • Controlled Execution Environment: k3s containers provide security boundaries
  • Async Agent Security: Secure execution without local system access
  • Isolation Guarantees: Each agent runs in a separate container with limited access
  • Resource Control: Managed resource allocation and monitoring

Access Controls

  • MCP server configurations stored securely
  • Agent permissions managed through container policies
  • Network isolation between agent executions
  • Audit trails for all agent activities
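
One way a control plane could check the isolation properties listed above before it submits an agent Job, shown as an added example rather than this project's code. The type names, `auditAgentJob`, the credential-name heuristic and both manifests are assumptions made for illustration; the manifest fields themselves are standard Kubernetes `batch/v1` Job fields.

```typescript
// Added example, not the project's code. The types cover only the batch/v1 Job
// fields this audit reads; both manifests at the bottom are constructed samples.
type SecCtx = { runAsNonRoot?: boolean; allowPrivilegeEscalation?: boolean; privileged?: boolean;
  readOnlyRootFilesystem?: boolean; capabilities?: { drop?: string[] } };
type EnvVar = { name: string; value?: string; valueFrom?: { secretKeyRef: { name: string; key: string } } };
type AgentContainer = { name: string; image: string; env?: EnvVar[]; securityContext?: SecCtx;
  resources?: { limits?: { cpu?: string; memory?: string } } };
type PodSpec = { hostNetwork?: boolean; hostPID?: boolean; automountServiceAccountToken?: boolean;
  securityContext?: { runAsNonRoot?: boolean }; containers: AgentContainer[] };
type AgentJob = { spec: { template: { spec: PodSpec } } };

// Heuristic for credential-like env names (an assumption of this example); PATH does not match.
const SECRET_NAME = /(^|_)(TOKEN|PAT|SECRET|KEY)$/i;

function auditAgentJob(job: AgentJob): string[] {
  const pod = job.spec.template.spec;
  const out: string[] = [];
  if (pod.hostNetwork || pod.hostPID) out.push("pod: shares host namespaces");
  // The service account token is mounted unless explicitly disabled.
  if (pod.automountServiceAccountToken !== false) out.push("pod: service account token mounted");
  for (const c of pod.containers) {
    const sc: SecCtx = c.securityContext ?? {};
    if (sc.privileged) out.push(`${c.name}: privileged`);
    // A container-level runAsNonRoot overrides the pod-level setting.
    if (!(sc.runAsNonRoot ?? pod.securityContext?.runAsNonRoot)) out.push(`${c.name}: may run as root`);
    if (sc.allowPrivilegeEscalation !== false) out.push(`${c.name}: privilege escalation allowed`);
    if (!sc.readOnlyRootFilesystem) out.push(`${c.name}: writable root filesystem`);
    if ((sc.capabilities?.drop ?? []).indexOf("ALL") < 0) out.push(`${c.name}: capabilities not dropped`);
    if (!c.resources?.limits?.cpu || !c.resources?.limits?.memory) out.push(`${c.name}: no cpu/memory limits`);
    // A PAT passed as a literal value is readable by anyone who can read the Job object.
    for (const e of c.env ?? [])
      if (SECRET_NAME.test(e.name) && e.value !== undefined)
        out.push(`${c.name}: ${e.name} set as literal, use secretKeyRef`);
  }
  return out;
}

// Constructed manifests: one relying on defaults, one hardened.
const weakJob: AgentJob = { spec: { template: { spec: { containers: [{
  name: "agent", image: "example/agent:1",
  env: [{ name: "GITHUB_PAT", value: "ghp_constructed" }, { name: "PATH", value: "/usr/bin" }],
}] } } } };
const hardenedJob: AgentJob = { spec: { template: { spec: {
  automountServiceAccountToken: false, securityContext: { runAsNonRoot: true },
  containers: [{ name: "agent", image: "example/agent:1",
    env: [{ name: "GITHUB_PAT", valueFrom: { secretKeyRef: { name: "mcp-github", key: "pat" } } }],
    securityContext: { allowPrivilegeEscalation: false, readOnlyRootFilesystem: true, capabilities: { drop: ["ALL"] } },
    resources: { limits: { cpu: "1", memory: "1Gi" } } }],
} } } };
```

Network isolation between agent executions is enforced by a separate NetworkPolicy object, so a Job-level audit like this does not cover it.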

Use Cases

Development Workflows

  • Automated code review and testing in isolated environments
  • Multi-repository operations across distributed teams
  • CI/CD pipeline alternatives with LLM integration
  • Development task automation without vendor lock-in

Content and Automation

  • Content creation workflows with durable templates
  • Social media and marketing automation
  • Document processing and generation
  • Research and analysis tasks

Enterprise Applications

  • Secure agent execution for sensitive workloads
  • Distributed team collaboration through agent mesh
  • Compliance-friendly AI automation
  • Integration with existing enterprise LLM subscriptions

Innovation Areas

Cost Optimization

  • Leverage existing LLM subscriptions instead of per-seat SaaS pricing
  • Container-based scaling reduces infrastructure costs
  • Eliminate overhead from traditional automation platforms

Voice Integration Potential

Future Enhancement: Integration with OpenAI's realtime API for voice-activated task management:

  • Phone-based task triggering and status reports
  • Voice interface for workflow configuration
  • Hands-free agent management during commutes or walks
  • Natural language workflow creation

Workflow Automation

  • Template-based agent configurations
  • Reusable workflow patterns
  • Community-shared automation templates
  • Visual workflow builder interface

Development Timeline

  • September 2025: Core platform architecture established
  • Current Focus: End-to-end workflow validation and security model refinement
  • Next Phase: Agent mesh communication and workflow templates
  • Future: Voice integration and enterprise deployment patterns

The cloud MCP infrastructure represents a significant evolution from local development tools toward distributed, cloud-native agent execution platforms, enabling secure and scalable AI automation workflows.