Description

The MCP server registry hit 10,000+ integrations, but most teams are running these servers on laptops. This episode breaks down the production architecture that Google, Red Hat, and AWS are converging on: remote MCP servers deployed on Kubernetes. We cover three deployment patterns (local stdio, remote HTTP/SSE, and managed), the critical difference between wrapper-based and native API implementations, and a defense-in-depth security model using dedicated ServiceAccounts, time-bound tokens, RBAC, and audit logging.

In this episode:
- Remote MCP is production MCP—local stdio mode is for experimentation only; team-scale access requires HTTP/SSE mode
- Native API implementations (like Red Hat's Go-based server) outperform wrapper-based kubectl subprocess approaches
- Defense-in-depth security: dedicated ServiceAccounts, TokenRequest API for 2-hour tokens, RBAC, --read-only mode, audit logging
- Google's managed MCP covers GKE, BigQuery, GCE; self-host for internal tools and custom workflows
- Q1: experiment with read-only MCP in a dev cluster; Q2: adopt with proper governance; Q3: scale to production

Perfect for platform engineers, SREs, and DevOps engineers with 5+ years of experience who are evaluating MCP/AI infrastructure and looking to level up their platform engineering skills.

New episodes every week. Subscribe wherever you listen to stay current on platform engineering.

Episode URL: https://platformengineeringplaybook.com/podcasts/00081-remote-mcp-architecture-kubernetes

Duration: 27 minutes

Hosts: Alex and Jordan

Category: Technology
Subcategory: Software How-To

Keywords: tool, episode, Kubernetes, production, remote, running, servers, architecture