feat: Implement k8s-service runtime for long-running servers #6
Description
Summary
Implement Kubernetes Service runtime to connect to MCP servers deployed as long-running K8s Services, ideal for shared, always-available tools.
Parent Epic
Part of #1 - Production Kubernetes & Container Support
Use Cases
- Connecting to existing MCP servers deployed in the cluster
- Shared tools across multiple gateway instances
- Long-running services with high availability
- Database connections, monitoring, external APIs
RuntimeConfig Addition
pub enum RuntimeConfig {
// ... existing variants
KubernetesService {
namespace: String,
service_name: String,
port: u16,
protocol: TransportProtocol, // SSE or Stdio-over-HTTP
path: Option<String>,
tls: Option<TlsConfig>,
},
}Catalog Example
servers:
- id: shared-postgres
runtime:
type: k8s-service
namespace: mcp-servers
service_name: postgres-mcp
port: 8080
protocol: sse
path: /mcp
- id: internal-api
runtime:
type: k8s-service
namespace: platform
service_name: internal-api-mcp
port: 443
protocol: sse
tls:
ca_cert: /var/run/secrets/ca.crtImplementation Details
Service Discovery
- Resolve service DNS:
{service_name}.{namespace}.svc.cluster.local - Connect via cluster networking
- Establish SSE or HTTP connection
- Health check via K8s endpoints API
Health Monitoring
- Watch Endpoints for service health
- Automatic reconnection on pod restarts
- Circuit breaker for failing services
Features Required
- Service DNS resolution within cluster
- SSE transport over HTTP/HTTPS
- TLS certificate configuration
- Health check integration
- Connection pooling
- Automatic reconnection
Acceptance Criteria
- Can define server with
type: k8s-servicein catalog - Connects to service within the cluster
- Works with ClusterIP services
- TLS/mTLS support
- Handles service endpoint changes gracefully
- Health status reflects service availability
Dependencies
- Depends on feat: Implement k8s-job runtime for ephemeral workloads #5 (kube-rs client integration)
- Requires RBAC: services/get, endpoints/watch