Prerequisites
Install the required CLI tools and provision a Kubernetes cluster ready for BoltMCP.
Install Required Tools
On the workstation you're installing from, you'll need:
kubectl v1.28+to talk to your cluster · Install kubectl on macOShelm v3.12+to install the BoltMCP chart on your cluster · Install helm on macOS
kubectl v1.28+to talk to your cluster · Install kubectl on Linuxhelm v3.12+to install the BoltMCP chart on your cluster · Install helm on Linux
kubectl v1.28+to talk to your cluster · Install kubectl on Windowshelm v3.12+to install the BoltMCP chart on your cluster · Install helm on Windows
Verify your kubectl version satisfies v1.28+:
kubectl version --clientVerify your helm version satisfies v3.12+:
helm versionCloud Provider CLI (optional)
If you plan to provision a new cluster with the commands later on this page, you'll also need your cloud's CLI installed and authenticated:
| Cloud | CLI | Install | Log in |
|---|---|---|---|
| Google GKE | gcloud | Install the gcloud CLI | gcloud auth login |
| Amazon EKS | aws (+ eksctl) | Install aws · Install eksctl | aws configure |
| Azure AKS | az | Install the Azure CLI | az login |
If you're installing into a cluster that already exists and is reachable from kubectl, you can skip this section.
Cluster Requirements
BoltMCP runs on any conformant Kubernetes cluster (v1.28+). Pick the tier that matches your deployment:
| Tier | Nodes | Per-node spec | Suitable for |
|---|---|---|---|
| Evaluation | 1 | 2 vCPU, 8 GiB RAM | Trying BoltMCP, demos, throwaway dev clusters |
| Production (minimum) | 3 | 2 vCPU, 8 GiB RAM | Internal use, small teams, single-region |
| Production (recommended) | 3 | 4 vCPU, 16 GiB RAM | Customer-facing, room to scale replicas and run upgrades |
A few notes on how these numbers are derived:
- Why 3 nodes for production. Rolling upgrades and node failures both take a node out of service. With 3 nodes, losing one during an upgrade still leaves a healthy majority, and pods on the failed node can reschedule onto the survivors. A 2-node cluster offers no margin.
- Why the per-node floor matters. Each node loses ~1 vCPU and ~1.5 GiB to the kubelet, OS, and platform agents (CNI, DNS, logging, metrics) before any BoltMCP pod runs. Two small nodes are not equivalent to one larger node.
- Postgres. The bundled Postgres is suitable for evaluation and small production deployments. For higher-traffic or compliance-sensitive workloads, point BoltMCP at a managed Postgres (Cloud SQL, RDS, Azure Database for PostgreSQL) and disable the bundled instance.
- Keycloak. Defaults to a single replica. For HA, scale to ≥2 replicas with a shared cache and sticky sessions at the ingress.
- Ingress controller. Not required at
helm installtime — pods will start and run without one. You'll install an ingress controller and configure TLS afterwards to expose the services externally (see the Ingress & TLS page).
Create a Cluster
The cluster-creation commands below provision the evaluation tier (a single small node) and are intended for demos and exploration only. For production deployments, increase the node count and machine type to match an appropriate tier from the table above.
Make sure you're logged into the relevant CLI (gcloud auth login / aws configure / az login) before running these commands. Cluster creation typically takes 5–10 minutes for the evaluation tier — don't be alarmed if the command sits with no output for several minutes.
https://docs.cloud.google.com/sdk/docs/install-sdk
gcloud container clusters create boltmcp-cluster \
--zone europe-west2-a \
--num-nodes 1 \
--machine-type e2-standard-2Connect kubectl:
gcloud container clusters get-credentials boltmcp-cluster \
--zone europe-west2-akubectl needs the gke-gcloud-auth-plugin to authenticate against GKE. Install it as a gcloud component:
gcloud components install gke-gcloud-auth-pluginIf you installed gcloud via Homebrew on macOS, the plugin binary lands in /opt/homebrew/share/google-cloud-sdk/bin, which is not on PATH by default. Add it to your shell config (~/.zshrc or ~/.bashrc):
export PATH="/opt/homebrew/share/google-cloud-sdk/bin:$PATH"https://docs.aws.amazon.com/eks/latest/eksctl/installation.html
eksctl create cluster \
--name boltmcp-cluster \
--region eu-west-2 \
--nodes 1 \
--node-type t3.largeeksctl automatically configures your kubeconfig.
https://learn.microsoft.com/en-us/cli/azure/install-azure-cli
If this is the first time you're creating an AKS cluster in this subscription, register the Microsoft.ContainerService resource provider once (otherwise az aks create fails with MissingSubscriptionRegistration):
az provider register --namespace Microsoft.ContainerServiceRegistration runs in the background. Wait for it to report Registered before continuing:
az provider show -n Microsoft.ContainerService --query registrationState -o tsvCreate the resource group and cluster:
az group create --name boltmcp-rg --location westeurope
az aks create \
--resource-group boltmcp-rg \
--name boltmcp-cluster \
--node-count 1 \
--node-vm-size Standard_D2s_v3 \
--generate-ssh-keysConnect kubectl:
az aks get-credentials \
--resource-group boltmcp-rg \
--name boltmcp-clusterVerify Cluster Access
Confirm kubectl is pointing at the cluster you intend to install into:
kubectl config current-contextIf it's not the right one, list the available contexts and switch:
kubectl config get-contextskubectl config use-context <name>Finally, verify the cluster is ready:
kubectl get nodesAll nodes should show Ready status.