Clinical Terminology MCP

Deploy to GCP Cloud Run

Deploy Clinical Terminology MCP servers to Google Cloud Run.

Deploy MCP servers to Google Cloud Run for fully managed serverless containers.

Prerequisites

  • Google Cloud CLI (gcloud) installed and configured
  • Docker installed locally
  • GCP project with billing enabled

Set Up Project

# Set project
export PROJECT_ID=your-project-id
gcloud config set project $PROJECT_ID

# Enable required APIs
gcloud services enable \
  run.googleapis.com \
  artifactregistry.googleapis.com \
  secretmanager.googleapis.com

Create Artifact Registry Repository

gcloud artifacts repositories create clinical-terminology-mcp \
  --repository-format=docker \
  --location=us-central1 \
  --description="Clinical Terminology MCP server images"

# Configure Docker authentication
gcloud auth configure-docker us-central1-docker.pkg.dev

Build and Push Image

# Build image
docker build -t snomed-mcp -f snomed-mcp/Dockerfile .

# Tag for Artifact Registry
docker tag snomed-mcp \
  us-central1-docker.pkg.dev/$PROJECT_ID/clinical-terminology-mcp/snomed-mcp:latest

# Push
docker push \
  us-central1-docker.pkg.dev/$PROJECT_ID/clinical-terminology-mcp/snomed-mcp:latest

Alternatively, use Cloud Build:

gcloud builds submit \
  --tag us-central1-docker.pkg.dev/$PROJECT_ID/clinical-terminology-mcp/snomed-mcp:latest \
  --file snomed-mcp/Dockerfile \
  .

Store Secrets

For servers requiring credentials:

# ICD-11 credentials
echo -n "your-client-id" | gcloud secrets create icd11-client-id --data-file=-
echo -n "your-client-secret" | gcloud secrets create icd11-client-secret --data-file=-

# UMLS API key
echo -n "your-api-key" | gcloud secrets create umls-api-key --data-file=-

# LOINC credentials
echo -n "your-username" | gcloud secrets create loinc-username --data-file=-
echo -n "your-password" | gcloud secrets create loinc-password --data-file=-

Create Service Account

# Create service account
gcloud iam service-accounts create mcp-server \
  --display-name="MCP Server Service Account"

# Grant Secret Manager access
gcloud projects add-iam-policy-binding $PROJECT_ID \
  --member="serviceAccount:mcp-server@$PROJECT_ID.iam.gserviceaccount.com" \
  --role="roles/secretmanager.secretAccessor"

Deploy to Cloud Run

Basic Server (no secrets)

gcloud run deploy snomed-mcp \
  --image us-central1-docker.pkg.dev/$PROJECT_ID/clinical-terminology-mcp/snomed-mcp:latest \
  --platform managed \
  --region us-central1 \
  --port 8080 \
  --cpu 1 \
  --memory 512Mi \
  --min-instances 0 \
  --max-instances 10 \
  --set-env-vars "MCP_TRANSPORT=http,MCP_HTTP_ADDR=:8080,MCP_LOG_FORMAT=json,MCP_METRICS_ENABLED=true" \
  --allow-unauthenticated

Server with Secrets (e.g., ICD-11)

gcloud run deploy icd11-mcp \
  --image us-central1-docker.pkg.dev/$PROJECT_ID/clinical-terminology-mcp/icd11-mcp:latest \
  --platform managed \
  --region us-central1 \
  --port 8080 \
  --cpu 1 \
  --memory 512Mi \
  --min-instances 0 \
  --max-instances 10 \
  --service-account mcp-server@$PROJECT_ID.iam.gserviceaccount.com \
  --set-env-vars "MCP_TRANSPORT=http,MCP_HTTP_ADDR=:8080,MCP_LOG_FORMAT=json" \
  --set-secrets "ICD11_CLIENT_ID=icd11-client-id:latest,ICD11_CLIENT_SECRET=icd11-client-secret:latest" \
  --allow-unauthenticated

Configure Health Checks

Cloud Run automatically uses the container’s health check. The MCP servers expose:

  • /health/live - Liveness probe
  • /health/ready - Readiness probe

Cloud Run uses startup and liveness probes automatically.

Custom Domain (Optional)

# Map custom domain
gcloud run domain-mappings create \
  --service snomed-mcp \
  --domain mcp.yourdomain.com \
  --region us-central1

# View DNS records to configure
gcloud run domain-mappings describe \
  --domain mcp.yourdomain.com \
  --region us-central1

Verify Deployment

# Get service URL
SERVICE_URL=$(gcloud run services describe snomed-mcp \
  --region us-central1 \
  --format 'value(status.url)')

# Test health
curl $SERVICE_URL/health

# Test MCP endpoint
curl -X POST $SERVICE_URL/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","method":"initialize","params":{},"id":1}'

Deploy All Servers

Script to deploy all servers:

#!/bin/bash
SERVERS="snomed-mcp rxnorm-mcp icd10-mcp ucum-mcp"
SERVERS_WITH_SECRETS="icd11-mcp loinc-mcp umls-mcp"

for server in $SERVERS; do
  gcloud run deploy $server \
    --image us-central1-docker.pkg.dev/$PROJECT_ID/clinical-terminology-mcp/$server:latest \
    --platform managed \
    --region us-central1 \
    --port 8080 \
    --set-env-vars "MCP_TRANSPORT=http,MCP_HTTP_ADDR=:8080,MCP_LOG_FORMAT=json,MCP_METRICS_ENABLED=true" \
    --allow-unauthenticated
done

Monitoring

Cloud Run integrates with Cloud Monitoring. View metrics in the GCP Console:

  • Request count and latency
  • Container instance count
  • CPU and memory utilization

For Prometheus metrics, configure a Cloud Monitoring scrape job or use the managed Prometheus service.

Cost Optimization

  • Set --min-instances 0 to scale to zero when idle
  • Use --cpu-throttling to reduce costs during idle periods
  • Consider regional deployments to reduce latency and costs