overview.html•11.3 KiB
<h1 id="architecture-overview">Architecture Overview</h1>
<p>Terry-Form MCP is designed with security, scalability, and extensibility at its core. This document provides a comprehensive overview of the system architecture.</p>
<h2 id="system-architecture">System Architecture</h2>
<pre><code class="language-mermaid">graph TB
subgraph "Client Layer"
A[AI Assistant<br/>Claude/ChatGPT]
B[Web Browser<br/>Dashboard]
C[CLI Tools]
D[CI/CD Systems]
end
subgraph "Terry-Form MCP Core"
E[MCP Protocol Handler]
F[Web API Server]
G[Security Layer]
H[Request Router]
subgraph "Execution Engine"
I[Terraform Executor]
J[Command Validator]
K[State Manager]
end
subgraph "Integration Layer"
L[GitHub App Handler]
M[Cloud Provider APIs]
N[Terraform Cloud Client]
end
subgraph "Intelligence Layer"
O[Module Analyzer]
P[Security Scanner]
Q[Best Practice Engine]
end
end
subgraph "External Services"
R[GitHub Repositories]
S[Terraform Cloud]
T[AWS/Azure/GCP]
U[Container Registry]
end
A -->|MCP Protocol| E
B -->|HTTP/WebSocket| F
C -->|MCP Protocol| E
D -->|API/MCP| E
E --> G
F --> G
G --> H
H --> I
H --> L
H --> O
I --> J
I --> K
J --> I
L --> R
M --> T
N --> S
O --> P
O --> Q
style G fill:#ff9999
style J fill:#ff9999
</code></pre>
<h2 id="core-components">Core Components</h2>
<h3 id="1-protocol-layer">1. Protocol Layer</h3>
<p>The protocol layer handles communication between clients and the Terry-Form server.</p>
<pre><code class="language-mermaid">sequenceDiagram
participant Client as AI Assistant
participant MCP as MCP Handler
participant Security as Security Layer
participant Executor as Terraform Executor
Client->>MCP: Tool Request
MCP->>Security: Validate Request
Security->>Security: Check Permissions
Security->>Security: Sanitize Input
Security-->>MCP: Validated Request
MCP->>Executor: Execute Command
Executor->>Executor: Run Terraform
Executor-->>MCP: Result
MCP-->>Client: Response
</code></pre>
<h3 id="2-security-architecture">2. Security Architecture</h3>
<p>Security is implemented in multiple layers:</p>
<pre><code class="language-mermaid">graph LR
subgraph "Security Layers"
A[Input Validation]
B[Path Traversal Protection]
C[Command Injection Prevention]
D[Action Whitelisting]
E[Resource Isolation]
F[Audit Logging]
end
A --> B
B --> C
C --> D
D --> E
E --> F
</code></pre>
<p><strong>Key Security Features:</strong></p>
<ul>
<li><strong>Input Validation</strong>: All inputs are validated against strict schemas</li>
<li><strong>Path Protection</strong>: Requested paths are confined to the designated workspace, so <code class="language-plaintext highlighter-rouge">../</code> sequences cannot reach files outside it</li>
<li><strong>Command Safety</strong>: Subprocesses are started with <code class="language-plaintext highlighter-rouge">shell=False</code> and an argument list, so no shell ever parses request data; <code class="language-plaintext highlighter-rouge">shlex.quote()</code> is used where a command is rendered as a single string. Note that quoting only protects strings a shell will parse: with <code class="language-plaintext highlighter-rouge">shell=False</code> the argument list itself is the boundary, and a quoted value placed in that list reaches Terraform with its quotes intact</li>
<li><strong>Action Control</strong>: Only Terraform actions on an explicit whitelist are accepted; anything else is rejected before execution</li>
<li><strong>Isolation</strong>: Terraform runs inside Docker containers with limited capabilities</li>
</ul>
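<p>The request flow of section 1 and the security layers of section 2, as an added illustrative example in Python. This is not Terry-Form's own code: the action allowlist, the per-action flags, the workspace root, the CPU limit and the scrubbed child environment are all assumptions. It also covers the audit logging and per-operation resource limits mentioned later in this document.</p>

```python
# Added example, not Terry-Form's own code: a minimal security layer for the
# tool-request flow in sections 1 and 2. The action allowlist, per-action flags,
# workspace root, CPU limit and child environment are all assumptions.
from __future__ import annotations

import logging
import re
import shlex
import subprocess
from pathlib import Path

log = logging.getLogger("terry.audit")

# Assumed allowlist of read-only actions; apply/destroy are deliberately absent.
ALLOWED_ACTIONS = {"init", "validate", "fmt", "plan"}
# Assumed fixed flags per action; clients never get to supply their own flags.
ACTION_FLAGS = {
    "init": ["-input=false", "-no-color"],
    "validate": ["-no-color"],
    "fmt": ["-check", "-diff"],
    "plan": ["-input=false", "-no-color", "-lock-timeout=30s"],
}
VAR_NAME = re.compile(r"[A-Za-z_][A-Za-z0-9_]*\Z")


class RequestRejected(ValueError):
    """Raised by the security layer; the executor is never reached."""


def resolve_in_workspace(workspace_root: Path, relative_path: str) -> Path:
    """Path-traversal protection. resolve() collapses '..' and follows symlinks,
    so the comparison is between canonical paths, not the raw request string."""
    root = workspace_root.resolve()
    target = (root / relative_path).resolve()
    if target != root and root not in target.parents:
        raise RequestRejected(f"path escapes workspace: {relative_path!r}")
    return target


def build_argv(action: str, variables: dict[str, str] | None = None) -> list[str]:
    """Action allowlisting plus argv construction. Each value becomes exactly one
    argv element and no shell is involved, so '$(id)' or '; rm -rf /' reach
    Terraform as inert text."""
    if action not in ALLOWED_ACTIONS:
        raise RequestRejected(f"action not allowed: {action!r}")
    if variables and action != "plan":
        raise RequestRejected(f"{action} does not accept variables")
    argv = ["terraform", action, *ACTION_FLAGS[action]]
    for name, value in (variables or {}).items():
        if not VAR_NAME.match(name):
            raise RequestRejected(f"bad variable name: {name!r}")
        argv.append(f"-var={name}={value}")
    return argv


def audit_line(cwd: Path, argv: list[str]) -> str:
    """Audit logging. shlex.join() quotes each element so the record is exact and
    copy-pasteable; this string is only logged, the list is what gets executed."""
    return f"cwd={cwd} cmd={shlex.join(argv)}"


def validate_request(workspace_root: Path, req: dict) -> tuple[Path, list[str]]:
    """The 'Validate Request' step: returns (cwd, argv) or raises RequestRejected."""
    cwd = resolve_in_workspace(workspace_root, str(req.get("path", ".")))
    argv = build_argv(str(req.get("action", "")), req.get("vars"))
    return cwd, argv


def _limit_cpu() -> None:
    """Runs in the child before exec. Memory is better capped by the container's
    cgroup, since Go binaries like Terraform reserve large virtual address ranges."""
    import resource
    resource.setrlimit(resource.RLIMIT_CPU, (600, 600))


def execute(workspace_root: Path, req: dict, timeout: int = 900) -> subprocess.CompletedProcess:
    """Validate, log, then run with a scrubbed environment. Provider credentials are
    assumed to come from the container or workload identity, not from the server
    process environment, so nothing sensitive is inherited by Terraform."""
    cwd, argv = validate_request(workspace_root, req)
    log.info(audit_line(cwd, argv))
    return subprocess.run(
        argv, cwd=cwd, shell=False, capture_output=True, text=True,
        timeout=timeout, check=False, preexec_fn=_limit_cpu,
        env={"PATH": "/usr/local/bin:/usr/bin:/bin", "HOME": str(cwd), "TF_IN_AUTOMATION": "1"},
    )
```

<p>The quoting step is confined to <code class="language-plaintext highlighter-rouge">audit_line()</code>. Had the elements of <code class="language-plaintext highlighter-rouge">argv</code> themselves been passed through <code class="language-plaintext highlighter-rouge">shlex.quote()</code>, Terraform would have received the literal quote characters as part of each variable value; with <code class="language-plaintext highlighter-rouge">shell=False</code> the list boundary is what prevents injection.</p>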
<h3 id="3-execution-engine">3. Execution Engine</h3>
<p>The execution engine manages Terraform operations safely:</p>
<pre><code class="language-mermaid">stateDiagram-v2
[*] --> Idle
Idle --> Validating: Receive Request
Validating --> Preparing: Valid Request
Validating --> Error: Invalid Request
Preparing --> Executing: Setup Complete
Executing --> Processing: Command Running
Processing --> Success: Command Success
Processing --> Failed: Command Failed
Success --> Idle: Return Result
Failed --> Idle: Return Error
Error --> Idle: Return Error
</code></pre>
<h3 id="4-data-flow">4. Data Flow</h3>
<pre><code class="language-mermaid">graph TD
subgraph "Request Flow"
A[Client Request] --> B{Request Type}
B -->|Terraform Op| C[Terraform Handler]
B -->|GitHub Op| D[GitHub Handler]
B -->|Cloud Op| E[Cloud Handler]
C --> F[Validation]
D --> F
E --> F
F --> G{Valid?}
G -->|Yes| H[Execute]
G -->|No| I[Reject]
H --> J[Process Result]
J --> K[Format Response]
K --> L[Return to Client]
I --> L
end
</code></pre>
<h2 id="deployment-architecture">Deployment Architecture</h2>
<h3 id="docker-deployment">Docker Deployment</h3>
<pre><code class="language-mermaid">graph TB
subgraph "Docker Container"
A[Terry-Form MCP]
B[Python Runtime]
C[Terraform Binary]
D[Security Tools]
E[Git Client]
end
subgraph "Volume Mounts"
F[/mnt/workspace]
G[/app/config]
H[/var/log]
end
subgraph "Network"
I[Port 3000: MCP]
J[Port 8001: Web]
end
A --> F
A --> G
A --> H
A --> I
A --> J
</code></pre>
<h3 id="kubernetes-architecture">Kubernetes Architecture</h3>
<pre><code class="language-mermaid">graph TB
subgraph "Kubernetes Cluster"
subgraph "Terry-Form Namespace"
A[Deployment]
B[Service]
C[ConfigMap]
D[Secret]
E[PVC]
F[HPA]
G[NetworkPolicy]
end
subgraph "Ingress"
H[Ingress Controller]
I[TLS Termination]
end
subgraph "Monitoring"
J[Prometheus]
K[Grafana]
L[Loki]
end
end
H --> B
A --> E
A --> C
A --> D
F --> A
G --> A
A --> J
A --> L
</code></pre>
<h2 id="integration-architecture">Integration Architecture</h2>
<h3 id="github-app-integration">GitHub App Integration</h3>
<pre><code class="language-mermaid">sequenceDiagram
participant User
participant TerryForm as Terry-Form
participant GitHub
participant Workspace
User->>TerryForm: Clone Repository
TerryForm->>GitHub: Authenticate (JWT)
GitHub-->>TerryForm: Installation Token
TerryForm->>GitHub: Clone Repo
GitHub-->>TerryForm: Repository Data
TerryForm->>Workspace: Store Files
TerryForm-->>User: Success
</code></pre>
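<p>The exchange in the diagram above, as an added Python example that is not Terry-Form's own code. GitHub App JWTs must be RS256-signed with the app's private key; here the signer is injected as a callable so the example runs without third-party packages (a deployment would sign with PyJWT or <code class="language-plaintext highlighter-rouge">cryptography</code>). The app id, installation id, repository and owner names are placeholders, and scoping the installation token to one repository with <code class="language-plaintext highlighter-rouge">contents: read</code> is this example's choice, not a documented Terry-Form setting.</p>

```python
# Added example, not Terry-Form's own code, of the GitHub App exchange in the
# sequence diagram. App id, installation id, owner/repo and the RS256 signer are
# placeholders; the token scoping below is an assumption about good practice.
from __future__ import annotations

import base64
import json
import time
from typing import Callable
from urllib import request

GITHUB_API = "https://api.github.com"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def app_jwt(app_id: str, sign_rs256: Callable[[bytes], bytes], now: float | None = None) -> str:
    """Mint the app-level JWT. GitHub accepts exp at most 10 minutes after iat;
    iat is backdated 60 s so minor clock skew does not yield a 'not yet valid'
    rejection. This token can only call /app endpoints, never repository data."""
    now = int(time.time() if now is None else now)
    header = {"alg": "RS256", "typ": "JWT"}
    claims = {"iat": now - 60, "exp": now + 9 * 60, "iss": app_id}

    def compact(obj: dict) -> str:
        return _b64url(json.dumps(obj, separators=(",", ":")).encode("ascii"))

    signing_input = f"{compact(header)}.{compact(claims)}"
    return f"{signing_input}.{_b64url(sign_rs256(signing_input.encode('ascii')))}"


def jwt_claims(token: str) -> dict:
    """Decode (without verifying) the claims segment, e.g. for an audit check."""
    payload = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


def installation_token_request(jwt: str, installation_id: int, repo: str) -> request.Request:
    """Trade the JWT for an installation token that is scoped down at issuance:
    one repository, contents:read only. A leaked token then cannot push, read
    Actions secrets, or reach other repositories visible to the installation."""
    body = {"repositories": [repo], "permissions": {"contents": "read"}}
    return request.Request(
        f"{GITHUB_API}/app/installations/{installation_id}/access_tokens",
        data=json.dumps(body).encode("utf-8"),
        method="POST",
        headers={
            "Authorization": f"Bearer {jwt}",
            "Accept": "application/vnd.github+json",
            "Content-Type": "application/json",
        },
    )


def request_body(req: request.Request) -> dict:
    return json.loads(req.data)


def fetch_installation_token(req: request.Request) -> str:
    """Network step (not exercised offline). The returned token expires after 1 h
    and should live only in memory for the duration of the clone."""
    with request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["token"]


def basic_credential(installation_token: str) -> str:
    """HTTP basic credential GitHub accepts for installation tokens."""
    return base64.b64encode(f"x-access-token:{installation_token}".encode()).decode("ascii")


def clone_argv(owner: str, repo: str, installation_token: str, dest: str) -> list[str]:
    """Shallow clone into the workspace. The credential goes in a per-invocation
    header via 'git -c' placed before the subcommand, so it is not persisted into
    the clone's .git/config the way a token embedded in the remote URL would be."""
    header = f"http.extraheader=AUTHORIZATION: basic {basic_credential(installation_token)}"
    return ["git", "-c", header, "clone", "--depth=1",
            f"https://github.com/{owner}/{repo}.git", dest]


def redact(argv: list[str], *secrets: str) -> list[str]:
    """Audit records must never carry the token or its base64 form."""
    out = []
    for arg in argv:
        for secret in secrets:
            arg = arg.replace(secret, "***")
        out.append(arg)
    return out
```

<p>The two tokens have deliberately different lifetimes and reach: the JWT proves "I am this app" for a few minutes and cannot read code; the installation token can read code but only for the one repository and permission requested, and expires in an hour. Logging should go through <code class="language-plaintext highlighter-rouge">redact()</code> with both the raw token and its basic-auth encoding, since either form is sufficient to clone the repository.</p>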
<h3 id="multi-cloud-support">Multi-Cloud Support</h3>
<pre><code class="language-mermaid">graph LR
subgraph "Terry-Form MCP"
A[Cloud Abstraction Layer]
end
subgraph "Cloud Providers"
B[AWS Provider]
C[Azure Provider]
D[GCP Provider]
E[Terraform Cloud]
end
A --> B
A --> C
A --> D
A --> E
B --> F[AWS APIs]
C --> G[Azure APIs]
D --> H[GCP APIs]
E --> I[TFC APIs]
</code></pre>
<h2 id="scalability-considerations">Scalability Considerations</h2>
<h3 id="horizontal-scaling">Horizontal Scaling</h3>
<pre><code class="language-mermaid">graph TB
subgraph "Load Balancer"
A[HAProxy/Nginx]
end
subgraph "Terry-Form Instances"
B[Instance 1]
C[Instance 2]
D[Instance 3]
end
subgraph "Shared Storage"
E[State Storage]
F[Workspace Storage]
end
subgraph "Cache Layer"
G[Redis Cache]
end
A --> B
A --> C
A --> D
B --> E
B --> F
B --> G
C --> E
C --> F
C --> G
D --> E
D --> F
D --> G
</code></pre>
<h3 id="performance-optimization">Performance Optimization</h3>
<ul>
<li><strong>Caching</strong>: Module analysis results cached</li>
<li><strong>Connection Pooling</strong>: Reuse cloud provider connections</li>
<li><strong>Async Operations</strong>: Non-blocking I/O for better concurrency</li>
<li><strong>Resource Limits</strong>: CPU/Memory limits per operation</li>
</ul>
<h2 id="security-architecture-details">Security Architecture Details</h2>
<h3 id="defense-in-depth">Defense in Depth</h3>
<pre><code class="language-mermaid">graph TD
subgraph "Layer 1: Network"
A[TLS Encryption]
B[Firewall Rules]
C[DDoS Protection]
end
subgraph "Layer 2: Application"
D[Authentication]
E[Authorization]
F[Input Validation]
end
subgraph "Layer 3: Execution"
G[Sandboxing]
H[Resource Limits]
I[Audit Logging]
end
subgraph "Layer 4: Data"
J[Encryption at Rest]
K[Secret Management]
L[Access Control]
end
A --> D
B --> D
C --> D
D --> G
E --> G
F --> G
G --> J
H --> J
I --> J
</code></pre>
<h2 id="monitoring-and-observability">Monitoring and Observability</h2>
<h3 id="metrics-collection">Metrics Collection</h3>
<pre><code class="language-mermaid">graph LR
subgraph "Terry-Form MCP"
A[Application Metrics]
B[System Metrics]
C[Custom Metrics]
end
subgraph "Collection"
D[Prometheus Exporter]
E[StatsD Client]
end
subgraph "Storage"
F[Prometheus]
G[InfluxDB]
end
subgraph "Visualization"
H[Grafana]
I[Custom Dashboards]
end
A --> D
B --> D
C --> E
D --> F
E --> G
F --> H
G --> H
H --> I
</code></pre>
<h2 id="high-availability-setup">High Availability Setup</h2>
<pre><code class="language-mermaid">graph TB
subgraph "Region 1"
A1[Terry-Form Primary]
B1[Database Primary]
C1[Cache Primary]
end
subgraph "Region 2"
A2[Terry-Form Secondary]
B2[Database Replica]
C2[Cache Replica]
end
subgraph "Global"
D[Global Load Balancer]
E[Shared Object Storage]
end
D --> A1
D --> A2
A1 --> B1
A1 --> C1
A1 --> E
A2 --> B2
A2 --> C2
A2 --> E
B1 -.->|Replication| B2
C1 -.->|Replication| C2
</code></pre>
<h2 id="development-architecture">Development Architecture</h2>
<h3 id="local-development-setup">Local Development Setup</h3>
<pre><code class="language-mermaid">graph TD
subgraph "Developer Machine"
A[IDE/Editor]
B[Terry-Form Dev Server]
C[Local Terraform]
D[Docker Desktop]
end
subgraph "Test Environment"
E[Test Workspace]
F[Mock Cloud APIs]
G[Test State Storage]
end
A --> B
B --> C
B --> E
E --> F
E --> G
D --> B
</code></pre>
<h2 id="next-steps">Next Steps</h2>
<ul>
<li>Return to <a href="/terry-form-mcp/architecture/">Architecture Index</a> for overview</li>
<li>Explore <a href="/terry-form-mcp/guides/security">Security Guide</a> for security best practices</li>
</ul>