Files

Production reference — MCP Toolbox on GKE

These manifests are the reference architecture (not auto-applied by the demo). They show how the same Toolbox security model runs in production on GKE, with the hardening that local docker-compose can't demonstrate.

What's different from local compose

Concern Local (compose) GKE (these manifests)
Postgres kind: postgres + password kind: cloud-sql-postgres, no password (IAM)
DB auth role password in .env Workload Identity KSA→GSA, IAM DB users
Secrets .env file K8s Secret / Secret Manager (CSI / ESO)
tools.yaml bind-mounted file mounted from a Secret (toolbox-tools)
Network compose bridge NetworkPolicy (agent→Toolbox→DB only)
Telemetry --telemetry-otlp → collector --telemetry-gcp → Cloud Trace/Monitoring
Identity local Keycloak Google Sign-In (authService: kind: google)
Scaling single container HPA 210 replicas, pooled connections

The customer/admin tools, authenticated parameters, and least-privilege roles are identical — only the sources: block in tools.yaml changes (see deploy/k8s/tools.yaml, generated from toolbox/tools.yaml).

Prerequisites (one-time)

# 1. Workload Identity: bind the KSA to a GSA, grant Cloud SQL access
gcloud iam service-accounts add-iam-policy-binding \
  toolbox-gsa@PROJECT.iam.gserviceaccount.com \
  --role roles/iam.workloadIdentityUser \
  --member "serviceAccount:PROJECT.svc.id.goog[groceries/toolbox-sa]"
gcloud projects add-iam-policy-binding PROJECT \
  --member serviceAccount:toolbox-gsa@PROJECT.iam.gserviceaccount.com \
  --role roles/cloudsql.client

# 2. Create the IAM DB users on the instance and grant them the least-priv roles
#    from db/postgres/01_roles.sql (toolbox_app / toolbox_admin).

# 3. Mount tools.yaml + non-IAM secrets
kubectl create namespace groceries
kubectl -n groceries create secret generic toolbox-tools \
  --from-file=tools.yaml=deploy/k8s/tools.yaml
kubectl -n groceries apply -f deploy/k8s/toolbox-secret.example.yaml   # edit first!

Apply

kubectl apply -f deploy/k8s/namespace.yaml
kubectl apply -f deploy/k8s/serviceaccount.yaml
kubectl apply -f deploy/k8s/toolbox-deployment.yaml
kubectl apply -f deploy/k8s/toolbox-service.yaml
kubectl apply -f deploy/k8s/networkpolicy.yaml
kubectl apply -f deploy/k8s/hpa.yaml
kubectl apply -f deploy/k8s/agent-web.yaml

Replace PROJECT_ID / REGISTRY / groceries.example.com placeholders first.

No official Helm chart exists for Toolbox today — these are raw manifests. They are intentionally minimal; add your Ingress/Gateway + TLS, PodDisruptionBudgets, and Secret Manager CSI wiring per your platform standards.