Rebooting Enterprise AI with MCP and Kubernetes

Summary of Rebooting Enterprise AI with MCP and Kubernetes

by Practical AI LLC

48mMay 28, 2026
Listen to Episode

Overview of Rebooting Enterprise AI with MCP and Kubernetes

This episode of the Practical AI Podcast features Craig McLuckie, CEO of StackLock, discussing why Model Context Protocol (MCP) is becoming a critical layer for enterprise AI. The conversation focuses on how MCP helps organizations safely connect AI assistants and agents to real business systems, why Kubernetes-style platform thinking matters for scaling these integrations, and how StackLock’s open source project ToolHive helps operationalize MCP with security, governance, and control.

Key Themes and Takeaways

Why MCP matters

  • McLuckie compares MCP to a “selectively permeable membrane” between AI systems and enterprise software.
  • It gives LLMs a standardized way to discover and invoke tools without each integration being custom-built.
  • MCP helps bridge the gap between:
    • Natural language reasoning in models
    • Deterministic enterprise systems like calendars, CRMs, file systems, and cloud APIs

The enterprise AI stack is expanding

  • The practical AI stack is no longer just “an LLM in a chat app.”
  • Enterprises increasingly need:
    • An LLM gateway to manage model access, routing, and policy
    • An MCP gateway to expose and govern external tools and systems
    • A control plane to manage scale, access, and policy across users and teams
  • McLuckie argues that organizations should start with a vertically integrated system, then progressively separate and standardize the layers as needs grow.

Security, Identity, and Governance

Identity is the hard part

  • MCP initially works with existing OIDC-based identity, but enterprise use quickly raises deeper issues:
    • How to authenticate users and agents
    • How to authorize tool usage safely
    • How to exchange credentials without oversharing permissions
  • McLuckie emphasizes that organizations should avoid passing raw credentials directly and instead use token exchange and scoped access.

Authorization must be policy-driven

  • Because AI agents are stochastic and potentially autonomous, access controls need to be stronger than traditional deterministic workflows.
  • Best practice is to:
    • Apply standard user-based auth where appropriate
    • Layer in agent-specific policy
    • Use policy engines such as Cedar or Rego
  • The goal is to constrain tool calls and reduce risk, especially for high-impact systems like AWS, databases, and business applications.

What ToolHive Does

ToolHive as the “yellow brick road”

  • ToolHive is StackLock’s open source, Apache 2.0-licensed platform for running MCP securely.
  • McLuckie describes the project as the infrastructure needed to get from today’s fragmented reality to the “Emerald City” promised by model vendors.

Core capabilities

ToolHive combines several enterprise-ready components:

  • Secure runtime

    • Runs MCP servers inside containers
    • Supports hardened, scan-able OCI images
    • Can run locally or in Kubernetes

  • Registry

    • Helps users discover vetted, trusted MCP servers
    • Supports organizational policy and approval workflows

  • Gateway / proxy layer

    • Provides a single entry point for tool access
    • Enables observability, policy enforcement, and tool aggregation
    • Helps reduce tool sprawl and context-window pollution

  • Control plane

    • Manages servers at scale
    • Maps tools to user groups, projects, or roles
    • Supports deployment across growing environments

Why the Proxy Layer Matters

Visibility and debugging

  • A proxy gives teams a traceable path through multi-step workflows.
  • This makes it easier to debug issues like:
    • A calendar invite created in one system but not another
    • An agent failing partway through a compound business task

Context optimization

  • Without a proxy, every tool description can inflate the prompt/context window.
  • McLuckie notes that aggregating or distilling tools through a proxy can reduce token usage dramatically, sometimes by 80–90%.

Better behavior for smaller models

  • Smaller models often struggle with tool selection and tool invocation.
  • A proxy that exposes simplified, purpose-built actions can improve reliability and make agents more effective.

Kubernetes, Declarative Infrastructure, and Agents

Kubernetes is the right mental model

  • McLuckie sees strong parallels between Kubernetes and AI agent infrastructure:
    • Declarative desired state
    • Reconciliation loops
    • Control-plane-driven scaling
  • He believes AI systems will increasingly use Kubernetes-like patterns for packaging, deployment, and policy management.

The next step: stochastic reconciliation

  • Today’s reconcilers are mostly deterministic.
  • The future may include AI systems that monitor and reconcile infrastructure when conventional logic can’t handle the situation.
  • This is especially relevant as enterprises move from a few agents to hundreds or thousands.

Practical Observations from Real Teams

Agentic concurrency is already delivering gains

  • McLuckie says his team uses many agents concurrently, each with narrow roles and tightly controlled access.
  • He describes developers as “performance athletes” with telemetry and instrumentation around agent usage.
  • The result: significant productivity gains, including a reported 60% weekly throughput increase in engineering.

But the desktop should not be the control point

  • He strongly argues that the developer’s desktop cannot remain the central aggregation point for enterprise agent systems.
  • Instead, enterprises need a platform team to provide:
    • Hosting
    • Identity and access management
    • Governance
    • Secure tool exposure

Main Recommendations

  • Start by identifying the systems your AI agents actually need to access.
  • Use MCP to standardize and simplify those integrations.
  • Don’t expose raw APIs directly; instead, use:
    • Token exchange
    • Scoped permissions
    • Policy enforcement
  • Treat MCP servers like production infrastructure:
    • Containerize them
    • Scan them
    • Register and govern them centrally
  • Use a proxy/gateway to improve observability, reduce token overhead, and simplify tool management.
  • Expect AI infrastructure to become increasingly declarative and platform-managed, much like Kubernetes.

Closing Thought

The big message of the episode is that enterprise AI is moving from isolated chatbots to agentic systems that act on behalf of users. MCP is the key protocol helping make that shift usable and safe, while Kubernetes and platform engineering provide the operational foundation needed to scale it responsibly.