By Gu Yi and Zheng Ji
In today's explosion of AI large model applications, Model Context Protocol (MCP) as a key protocol connecting AI large models and applications is rapidly gaining popularity. However, how to efficiently deploy and manage MCP services in an enterprise-level environment has become an important challenge for technical teams. This article will deeply analyze the five mainstream architectural patterns of MCP Server and provide practical guidelines for enterprise-level MCP deployment in conjunction with the Nacos service governance framework.
The MCP protocol provides a standardized interaction method for AI applications, but during its enterprise-level implementation, we face multiple challenges such as limited authentication and authorization, diverse deployment patterns, and technical debt risks. Currently, there are five architectural patterns for MCP Server, each with its advantages and disadvantages, suitable for different business scenarios.
This architecture is like calling an expert directly for consultation — the MCP Client connects directly to the remote MCP Server via SSE, maintaining an HTTP long connection throughout.
● Super simple! No middle layer, low deployment and maintenance costs.
● Good real-time performance, excellent streaming output experience.
● Centralized management, easy monitoring and maintenance.
● If the network lags, the experience collapses.
● All data must be sent to the cloud, raising concerns about sensitive information.
● Higher security risks, as server endpoints are directly exposed.
Suitable for whom? If you are developing SaaS applications, lightweight clients, or public cloud services with less stringent security requirements, this architecture is quite suitable.
This architecture is like having a translator in between to help you communicate — the MCP Client first connects to the Proxy Server, which then forwards to the Remote Server.
● Higher security, the proxy layer can provide various protections.
● Supports intelligent routing and load balancing, making traffic scheduling more flexible.
● Can aggregate multiple backend services into one interface.
● Architecture is more complex, leading to increased maintenance costs.
● An additional proxy layer may increase latency, resulting in a slightly worse experience.
● The proxy layer may become a new point of failure.
Suitable for whom? This architecture is powerful for multi-tenant environments, enterprise gateway integration, and scenarios that require calling multiple models.
This architecture is like having a personal assistant at home — the MCP Client directly connects to the local MCP Server via STDIO, allowing inter-process communication.
● Maximum data security! Sensitive data can be encrypted and authorized locally through the Local Server before being released.
● Nearly zero network latency, with rapid response speed.
● Can be used in a completely offline environment, not relying on the external network.
● Local computing resources need to be sufficiently strong; otherwise, too many servers may cause excessive load.
● Each environment requires separate deployment and maintenance, leading to high operational costs.
● Updating server services can be cumbersome, needing to update each individual environment.
Suitable for whom? Scenarios with high data security and privacy requirements, such as core financial systems, medical data analysis, and industrial on-site systems.
This architecture is like having a personal secretary coordinating with multiple local experts — the MCP Client first connects to the Local Proxy, which then connects to the Local Server.
● Service abstraction is well done, so the client doesn't need to worry about implementation details.
● Supports local multi-instance deployment and automatic fault tolerance.
● Can achieve resource isolation for different business lines or departments.
● The local environment gets more complicated, increasing maintenance difficulty.
● The local proxy requires additional computing resources.
● A multi-layer architecture makes it harder to locate and debug problems.
Suitable for whom? Large enterprise internal platforms, high availability requirements, and scenarios requiring unified management of local AI resources.
This architecture is like having a super assistant who can handle local affairs and help you connect with external experts — the MCP Client connects to the Local Proxy through STDIO, and the Local Proxy then connects to the Remote Server via SSE.
● The best choice for a hybrid cloud strategy, allowing easy switching between local and cloud resources.
● A smooth transition for enterprises migrating from local to cloud.
● Consistent client experience, without needing to worry about where the service is located.
● The architecture is the most complex, with the highest difficulty in maintenance and troubleshooting.
● Need to ensure consistency between local and cloud services.
● Performance is affected by network conditions, which may fluctuate.
Suitable for whom? Large enterprises implementing hybrid cloud strategies, businesses needing flexible scaling, and global enterprises deploying in multiple regions.
In enterprise-level MCP deployment, the automatic discovery and selection of MCP Server and its dynamic installation capabilities effectively address the scenarios encountered in various architectures. Before Nacos 3.0, the main focus was on service registration discovery and configuration management for distributed applications, providing three core capabilities:
1. Service Discovery and Registration: Supports automatic service registration and discovery, achieving dynamic scaling of services.
2. Configuration Management: Supports dynamic updates and pushes of configurations without needing to restart the application.
3. Service Governance: Provides governance capabilities such as service routing, load balancing, and traffic control.
These capabilities are highly aligned with the needs of MCP architecture, particularly in scenarios with multiple MCP servers. After the release of Nacos 3.0, it officially provides service discovery and registration and dynamic configuration capabilities tailored for MCP. The functional architecture diagram is as follows.
Nacos MCP Router (https://github.com/nacos-group/nacos-mcp-router) is a server based on the MCP protocol, deeply integrated with Nacos, providing three core functions:
1. MCP Server Search: Searches for suitable MCP servers based on task descriptions and keywords, focusing on solving the efficiency issues when too many MCP tools are available for large model selection.
2. MCP Server Addition: Supports adding MCP servers with both stdio and SSE protocols, paired with the management capabilities of Nacos Server to solve software supply chain security issues.
3. Tool Proxy Invocation: Proxies LLM's invocation of target MCP server tools, solving the flexible switching problem between Local Server and Remote Server through a local proxy.
Through these capabilities, we have built a mixed MCP Server architecture that achieves unified management of MCP services and intelligent routing, significantly simplifying and enhancing the performance of tool selection while reducing the complexity of enterprise-level MCP deployment.
Below, we present a practical case demonstrating how to use Nacos and Nacos MCP Router to build enterprise-level MCP services.
In a development environment with NodeJS, we can manually deploy Nacos MCP Router using the following command (though this step is not mandatory).
Then, add nacos-mcp-router in the MCP client configuration:
Now, we can use various MCP services through nacos-mcp-router (Note: the following steps are core methods when MCP Client interacts automatically with Nacos Router, not hard-coded implementations needed by developers during development):
The MCP community is rapidly developing, and many core functions in enterprise-level scenarios have not yet formed a unified standard. Based on current capabilities, when choosing a suitable MCP architecture for implementation in enterprises, we need to consider the following key factors:
1. Data Security and Privacy
2. Performance and Latency Requirements
3. Scalability Requirements
Based on these factors, possible choices across different industries may be as follows:
● Financial Industry: Architecture 4 (Local Proxy + Local Server) is most suitable, meeting strict data security requirements.
● Internet Industry: Architecture 2 (Proxy + Remote Server) supports rapid elastic scaling, suitable for high concurrency scenarios.
● Manufacturing: Architecture 5 (Hybrid Mode) balances the needs for local real-time control and cloud intelligent analysis.
● Government Departments: Architecture 3 (Direct Connection to Local Server) provides the highest level of data security and privacy protection.
MCP has currently become the default pipeline for connecting AI large models with existing business data. However, due to the current MCP protocol itself not considering the enterprise-level implementation situation much from the design standpoint, many enterprises remain in a wait-and-see state. For MCP to be fully implemented, a centralized registration center, controllable software supply chain, and secure access control are essential developments. In our solution, we primarily use Nacos as the future enterprise MCP registration center, manage MCP servers through Nacos Server, and achieve precise control over the software supply chain with Nacos Router, while ensuring secure access to MCP with Higress, providing our enterprise customers with a complete MCP solution.
Special thanks to Lingma-Agents for providing automation capabilities during the code review process for the implementation of Nacos Router.
Alibaba Cloud MSE Nacos (Nacos Commercial Version) has released the platinum version, supporting a smooth migration from Nacos 2.0 to 3.0, providing service discovery and registration, and dynamic configuration capabilities tailored for MCP scenarios, making it more user-friendly, stable, and secure compared to open-source versions.
OpenKruise v1.8 Unlocking Infinite Possibilities in Cloud-Native Application Management
Vercel AI Gateway vs Higress: Which one is more suitable for your AI application?
568 posts | 54 followers
FollowAlibaba Cloud Native Community - May 23, 2025
Alibaba Cloud Native Community - April 15, 2025
Alibaba Cloud Native Community - June 13, 2025
Alibaba Cloud Native Community - April 3, 2025
Alibaba Cloud Native Community - July 4, 2025
Alibaba Cloud Native Community - May 20, 2025
568 posts | 54 followers
Follow
Microservices Engine (MSE)
MSE provides a fully managed registration and configuration center, and gateway and microservices governance capabilities.
Learn More
AI Acceleration Solution
Accelerate AI-driven business and AI model training and inference with Alibaba Cloud GPU technology
Learn More
Tongyi Qianwen (Qwen)
Top-performance foundation models from Alibaba Cloud
Learn More
Offline Visual Intelligence Software Packages
Offline SDKs for visual production, such as image segmentation, video segmentation, and character recognition, based on deep learning technologies developed by Alibaba Cloud.
Learn MoreMore Posts by Alibaba Cloud Native Community
