.png)
2 days ago
3
|
ToolHive (thv) is a lightweight utility designed to simplify the deployment and management of MCP (Model Context Protocol) servers, ensuring ease of use, consistency, and security.
- Why ToolHive?
- Getting started
- Client compatibility
- Architecture overview
- Usage examples
- Advanced usage
- API Documentation
- Contributing to ToolHive
- License
Deploying MCP servers often involves complex, multi-step processes that can introduce friction, such as running potentially unsafe commands (e.g., uv or npx), manually managing security credentials (e.g., storing API tokens in plaintext), and dealing with inconsistent packaging methods.
ToolHive aims to solve these challenges by running containers in a consistent and locked-down environment, granting only the minimal permissions required to run. This significantly reduces the attack surface, improves usability, and enforces best practices for container security.
ToolHive simplifies MCP deployment by focusing on three key areas:
-
Ease of use: Instantly deploy MCP servers using Docker containers. Start MCP servers with a single, straightforward command without the need to install and manage different versions of Python, Node.js, or other build tools.
-
Enhanced security: Secure by default. ToolHive securely manages secrets and configurations, greatly reducing the risk of leaks. Avoid plaintext secrets in configuration files.
-
Standardized packaging: Leverage OCI container standards to provide a repeatable, standardized packaging method for MCP servers, ensuring compatibility and reliability.
-
Curated MCP registry: ToolHive provides a curated registry of MCPs with verified configurations, allowing you to discover and deploy MCP servers effortlessly. Simply select one from the list and run it securely with a single command.
-
Enterprise-ready authorization: Robust authorization controls designed for enterprise environments, securely managing tool access and integrating seamlessly with existing infrastructure (e.g., Kubernetes).
-
Seamless integration: Automatic configuration of popular development tools like GitHub Copilot, Cursor, and more to streamline your workflow.
ToolHive currently works on macOS and Linux using Docker or Podman.
For client auto-discovery/configuration, a supported client:
- VS Code (v1.99.0 or newer) with an active GitHub Copilot subscription
- Cursor
- Roo Code (VS Code extension)
ToolHive is a CLI tool written in Go and packaged as a single binary. You can install it using one of the following methods:
Download the latest cross-platform release binaries from toolhive/releases.
Install on macOS using Homebrew:
To build ToolHive from source, clone this repository and build the CLI using Go:
Or using Task:
Note: This example enables auto-discovery to automatically find supported client(s) and update their configuration. Skip this step if you prefer to manually configure your client, or run thv config register-client --help to learn how to explicitly register a client.
Your client should now be able to use the fetch MCP tool to fetch website content.
ToolHive has been tested with the following clients:
| Copilot (VS Code) | ✅ | v1.99.0+ or Insiders version |
| Cursor | ✅ | |
| Roo Code | ✅ | |
| PydanticAI | ✅ | |
| Claude Code | ✅ | |
| Continue | ❌ | Continue doesn't yet support SSE |
| Claude Desktop | ❌ | Claude Desktop doesn't yet support SSE |
Other clients and development libraries that support the SSE protocol can also be used with ToolHive.
Automatic configuration is supported for Copilot, Cursor, and Roo Code. For other clients, manual configuration of the MCP server URL is required.
ToolHive exposes an SSE proxy to forward requests to MCP servers running in containers. The proxy communicates with MCP servers via standard input/output (stdio) or server-sent events (SSE).
Common usage scenarios are detailed below. To view all available commands and options, see the ToolHive CLI reference or run thv --help.
ToolHive can automatically configure supported clients to use the MCP servers you run. To take advantage of this feature, clients must be registered before you run an MCP server.
To enable automatic discovery and configuration of supported clients, run:
Or, you can register clients manually:
First, find the MCP server you want to run. You can list or search available MCP servers in the built-in registry using:
To view detailed information about a specific MCP server including its available tools, configuration options, and other metadata, use:
Once you find the MCP server you want to run, start it using the thv run command:
The registry already contains all the parameters needed to run the server, so you don't need to specify any additional arguments. ToolHive will automatically pull the image and start the server.
We're always looking to expand our MCP server registry. If you have a specific server you'd like to see included, feel free to open an issue or submit a pull request to update the registry.json file.
To list the running MCP servers:
This displays all active MCP servers managed by ToolHive, along with their current status. To include stopped servers, add the --all flag.
To stop and/or remove a server:
Many MCP servers require API tokens or other secrets for authentication. ToolHive provides a secure way to manage these secrets without exposing them in plaintext configuration files.
ToolHive offers integration with multiple secret providers:
- encrypted
- 1password
This example enables ToolHive's encrypted secrets store, creates a secret for a GitHub authentication token, and runs the GitHub MCP server with the token:
ToolHive stores the encryption password in your operating system's keyring service.
For more details on managing secrets, see the thv secret command reference or run thv secret --help.
This example enables ToolHive's 1Password integration for retrieving secrets.
To enable the 1password provider:
To allow ToolHive to retrieve secrets from your 1Password make sure you setup a Service Account and set the OP_SERVICE_ACCOUNT_TOKEN variable before running any ToolHive commands that use it.
When you are referencing a secret make sure to follow the secret reference required by 1Password
Note: Only getting of secrets is supported with 1Password currently. If there is a demand to support setting of secrets in future, we will look into adding this capability.
For more details on managing secrets, see the thv secret command reference or run thv secret --help.
If you want to run a custom MCP server that is not in the registry, you can do so by specifying the image name and any additional arguments. For example:
This command closely resembles docker run but focuses on security and simplicity. When invoked:
-
ToolHive creates a container from the specified image (my-mcp-server-image:latest).
-
It configures the container to listen on the chosen port (8080).
-
Labels the container so it can be tracked by ToolHive:
toolhive: true toolhive-name: my-mcp-server -
Sets up the specified transport method (--transport stdio or --transport sse):
- Standard I/O (stdio), default:
ToolHive redirects SSE traffic from the client to the container's standard input and output. This acts as a secure proxy, ensuring that the container does not have direct access to the network or the host machine. - Server-sent events (SSE) (sse):
ToolHive creates a reverse proxy on a random port that forwards requests to the container. This means the container itself does not directly expose any ports.
- Standard I/O (stdio), default:
ToolHive supports running MCP servers directly from package managers using protocol schemes. This allows you to run MCP servers without having to build and publish Docker images first.
Currently, three protocol schemes are supported:
- uvx://: For Python-based MCP servers using the uv package manager
- npx://: For Node.js-based MCP servers using npm
- go://: For Go-based MCP servers using the Go toolchain
For example, to run a Python-based MCP server:
Or to run a Node.js-based MCP server:
Or to run a Go-based MCP server:
When you use a protocol scheme, ToolHive will:
- Detect the protocol scheme and extract the package name
- Generate a Dockerfile based on the appropriate template
- Build a Docker image with the package installed
- Run the MCP server using the built image
Note that in this case, you still might need to specify additional arguments like the transport method, volumes, and environment variables. So, the command might look like:
Read the documentation for the specific MCP server to see if it requires any additional arguments.
Containers launched by ToolHive come with a minimal set of permissions, strictly limited to what is required. Permissions can be further customized via a JSON-based permission profile provided with the --permission-profile flag.
An example permission profile file could be:
This profile lets the container read and write to the /var/run/mcp.sock Unix socket and also make outbound network requests to localhost and google.com on ports 80 and 443.
Two built-in profiles are included for convenience:
- none: Grants minimal permissions with no network access.
- network: Permits outbound network connections to any host on any port (not recommended for production use).
ToolHive can also be used to deploy MCP servers in a Kubernetes cluster via our new Operator. This functionality is still under active development for production use cases, but we invite you to try it out locally using a Kind cluster.
Check out the Run ToolHive Operator in Kubernetes using kind guide to get started.
Deploy MCP Servers in Kubernetes with ToolHive Operator
Full OpenAPI 3.1.0 REST API generation and documentation is available in the docs/server directory.
We welcome contributions to ToolHive! If you'd like to contribute, please review the CONTRIBUTING guide for details on how to get started.
If you run into a bug or have a feature request, please open an issue in the repository or join us in the #toolhive-developers channel on our community Discord server.
This project is licensed under the Apache 2.0 License. See the LICENSE file for details.
