deploying-vmcp-locally
Deploys a VirtualMCPServer configuration locally for manual testing and verification
Best use case
deploying-vmcp-locally is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Deploys a VirtualMCPServer configuration locally for manual testing and verification
Teams using deploying-vmcp-locally should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/deploying-vmcp-locally/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How deploying-vmcp-locally Compares
| Feature / Agent | deploying-vmcp-locally | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Deploys a VirtualMCPServer configuration locally for manual testing and verification
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Deploying vMCP Locally
This skill helps you deploy and test VirtualMCPServer configurations in a local Kind cluster for manual verification.
## Prerequisites
Before using this skill, ensure you have:
- [Kind](https://kind.sigs.k8s.io/) installed
- [kubectl](https://kubernetes.io/docs/tasks/tools/) installed
- [Task](https://taskfile.dev/installation/) installed
- [Helm](https://helm.sh/) installed
- A cloned copy of the toolhive repository
## Instructions
### 1. Set up the local cluster
If no Kind cluster exists, create one with the ToolHive operator:
```bash
# From the toolhive repository root
task kind-with-toolhive-operator
```
This creates a Kind cluster named `toolhive` with:
- Nginx ingress controller
- ToolHive CRDs installed
- ToolHive operator deployed
### 2. For development/testing with local changes
If you need to test local code changes:
```bash
# Set up cluster with e2e port mappings
task kind-setup-e2e
# Install CRDs
task operator-install-crds
# Build and deploy local operator image
task operator-deploy-local
```
### 3. Apply the VirtualMCPServer configuration
Apply the YAML configuration you want to test:
```bash
kubectl apply -f <path-to-vmcp-yaml> --kubeconfig kconfig.yaml
```
### 4. Verify deployment
Check the VirtualMCPServer status:
```bash
# List all VirtualMCPServers
kubectl get virtualmcpserver --kubeconfig kconfig.yaml
# Get detailed status
kubectl get virtualmcpserver <name> -o yaml --kubeconfig kconfig.yaml
# Check operator logs for issues
kubectl logs -n toolhive-system -l app.kubernetes.io/name=thv-operator --kubeconfig kconfig.yaml
```
### 5. Test the vMCP endpoint
For NodePort service type (useful for local testing):
```bash
# Get the NodePort
kubectl get svc vmcp-<name> -o jsonpath='{.spec.ports[0].nodePort}' --kubeconfig kconfig.yaml
# Test the endpoint (port will be on localhost when using kind-setup-e2e)
curl http://localhost:<nodeport>/mcp
```
For ClusterIP (default), use port-forward:
```bash
kubectl port-forward svc/vmcp-<name> 4483:4483 --kubeconfig kconfig.yaml
curl http://localhost:4483/mcp
```
### 6. Test MCP protocol
Use an MCP client to verify tool discovery and execution:
```bash
# Initialize MCP session
curl -X POST http://localhost:<port>/mcp \
-H "Content-Type: application/json" \
-d '{"jsonrpc": "2.0", "method": "initialize", "params": {"protocolVersion": "2024-11-05", "capabilities": {}, "clientInfo": {"name": "test", "version": "1.0"}}, "id": 1}'
# List tools
curl -X POST http://localhost:<port>/mcp \
-H "Content-Type: application/json" \
-d '{"jsonrpc": "2.0", "method": "tools/list", "id": 2}'
```
### 7. Clean up
When done testing:
```bash
# Remove specific resources
kubectl delete -f <path-to-vmcp-yaml> --kubeconfig kconfig.yaml
# Or destroy the entire cluster
task kind-destroy
```
## Example YAML files
Reference example configurations are in `examples/operator/virtual-mcps/`:
| File | Description |
|------|-------------|
| `vmcp_simple_discovered.yaml` | Basic discovered mode configuration |
| `vmcp_conflict_resolution.yaml` | Tool conflict handling strategies |
| `vmcp_inline_incoming_auth.yaml` | Inline authentication configuration |
| `vmcp_production_full.yaml` | Full production configuration |
| `composite_tool_simple.yaml` | Simple composite tool workflow |
| `composite_tool_complex.yaml` | Complex multi-step workflows |
| `composite_tool_with_elicitations.yaml` | Workflows with user prompts |
## Troubleshooting
### VirtualMCPServer stuck in Pending phase
Check that:
1. The MCPGroup exists and is Ready
2. All backend MCPServers in the group are Running
3. The operator has permissions to create the vMCP deployment
```bash
kubectl describe virtualmcpserver <name> --kubeconfig kconfig.yaml
kubectl get mcpgroup --kubeconfig kconfig.yaml
kubectl get mcpserver --kubeconfig kconfig.yaml
```
### Backend servers not discovered
Verify backend servers have the correct `groupRef`:
```bash
kubectl get mcpserver -o custom-columns=NAME:.metadata.name,GROUP:.spec.groupRef --kubeconfig kconfig.yaml
```
### Authentication issues
For testing, use anonymous auth:
```yaml
incomingAuth:
type: anonymous
authzConfig:
type: inline
inline:
policies:
- 'permit(principal, action, resource);'
```Related Skills
vmcp-review
Reviews vMCP code changes for known anti-patterns that make the codebase harder to understand or more brittle. Use when reviewing PRs, planning features, or refactoring vMCP code.
split-pr
Analyzes current changes and suggests how to split them into smaller, reviewable PRs
deploy-otel
Deploy the OpenTelemetry observability stack (Prometheus, Grafana, OTEL Collector) to a Kind cluster for testing toolhive telemetry. Use when you need to set up monitoring, metrics collection, or observability infrastructure.
check-contribution
Validates operator chart contribution practices (helm template, ct lint, docs generation, version bump) before committing changes.
code-review-assist
Augments human code review by summarizing changes, surfacing key review questions, assessing test coverage, and identifying low-risk sections. Use when reviewing a diff, PR, or code snippet as a senior review partner.
toolhive-release
Creates ToolHive release PRs by analyzing commits since the last release, categorizing changes, recommending semantic version bump type (major/minor/patch), and triggering the release workflow. Use when cutting a release, preparing a new version, checking what changed since last release, or when the user mentions "release", "version bump", or "cut a release".
toolhive-cli-user
Guide for using ToolHive CLI (thv) to run and manage MCP servers and skills. Use when running, listing, stopping, building, or configuring MCP servers locally. Covers server lifecycle, registry browsing, secrets management, client registration, groups, container builds, exports, permissions, network isolation, authentication, and skill management (install, uninstall, list, info, build, push, validate). NOT for Kubernetes operator usage or ToolHive development/contributing.
add-rule
Captures a team convention or best practice and adds it to the appropriate .claude/rules/ or .claude/agents/ file
doc-review
Reviews documentation for factual accuracy
pr-review
Submit inline review comments to GitHub PRs and reply to/resolve review threads using the GitHub CLI and GraphQL API.
deploying-tailscale-for-zero-trust-vpn
Deploy and configure Tailscale as a WireGuard-based zero trust mesh VPN with identity-aware access controls, ACLs, and exit nodes for secure peer-to-peer connectivity.
deploying-software-defined-perimeter
Deploy a Software-Defined Perimeter using the CSA v2.0 specification with Single Packet Authorization, mutual TLS, and SDP controller/gateway configuration to enforce zero trust network access.