ATLAS — Plug in. Reach everything.

Enterprise context engine architecture — ATLAS is the control plane, not the data path. It provisions Kong and agentgateway, then gets out of the way.

Layer 1 — Consumers (who uses ATLAS)

AI assistants, developers, and services that discover and consume enterprise capabilities

🤖 AI Assistants

Agents that discover and call enterprise services

Cursor, Windsurf, Claude Code, ChatGPT
Connect to ATLAS via MCP protocol
Get: search, discovery, context, tool calls

Protocol: MCP Streamable HTTP

👤 Platform Engineers

ATLAS Web UI for registration + governance
REST API for automation
agentregistry UI for artifact management

Protocol: HTTPS / Browser

🔗 Other Services

Programmatic access to the catalog

CI/CD pipelines registering new services
GitOps reconcilers syncing YAML definitions
A2A agents finding + calling other agents

Protocol: REST API / A2A

▼MCP / REST / HTTPS▼

Layer 2 — ATLAS Control Plane (this product — what we build)

The brain: catalog, governance, search, context, registration — the "one-stop shop"

📋 ATLAS API :8080

FastAPI control plane — all business logic

Catalog CRUD — register / update / delete capabilities
Search — keyword (tsvector) + semantic (pgvector)
Governance — risk, classification, ownership, audit
Provisioning — on-demand provision to Kong / agentgateway
Context packs — task-specific capability bundles
Extension data — MCP server_url, API base_url, agent protocol
Auto-render — register once → gateway config auto-updates

Python 3.12 / FastAPI / Pydantic v2 / SQLAlchemy 2.x async

🌐 ATLAS Web :3000

Next.js UI for humans

/register — one-stop registration for any service type
/connect — wizard to get MCP config snippet
/catalog — browse all capabilities
/runtime — gateway dashboard (MCP/API/agent counts)
/governance — risk dashboard + policy simulator
/guide — how-to documentation

Next.js 15 / TypeScript / Tailwind

🔌 ATLAS MCP Server :8081

ATLAS-as-MCP — agents talk to this

search_context — find capabilities by intent
find_mcp — discover MCP servers
get_entry — full capability details
list_runbooks — operational procedures
register_mcp — register new MCP servers
whoami — caller identity

MCP Python SDK / Streamable HTTP

⚙️ ATLAS Worker

Background jobs

Embedding indexing for semantic search
MCP health probes
GitOps reconciler (sync YAML repos)

ARQ on Redis 7

▼On-demand provisioning via Admin APIs▼

Layer 3 — Runtime Data Plane (external gateways)

Traffic proxying and policy enforcement — ATLAS provisions these on-demand but never sits in the data path

🛡️ agentgateway :3000

MCP / A2A / LLM proxy

MCP proxy — routes MCP calls to servers
A2A proxy — agent-to-agent traffic
Cedar policy — per-call authorization
Config-driven — provisioned by ATLAS

Solo.io / Rust / Apache 2.0

🌐 Kong Gateway :8000 :8001

REST / GraphQL / gRPC proxy

API proxy — routes REST/GraphQL/gRPC traffic
Auth plugins — key-auth, JWT, OAuth, HMAC
Rate limiting — per-consumer, per-route
Prometheus — metrics per service/consumer
Kong Manager — OSS admin GUI on :8002

Kong Inc / NGINX+LuaJIT / Apache 2.0

⚡ Provisioning Engine

On-demand gateway configuration

Kong provisioner — creates routes/services via Admin API
agentgateway provisioner — writes config or K8s CRDs
Event-driven — fires on capability create/update/delete
No polling, no sidecars, no drift

Built into ATLAS API

📦 agentregistry :12121

AI artifact catalog — build/publish/deploy

Artifact registry — agents, MCP servers, skills, prompts
Build + package — scaffold, build Docker images
Deploy — to local Docker or Kubernetes
Governance — approval workflows, scoring, validation
Client configs — generate configs for Cursor/Claude/VSCode
Deployable as Docker Compose OR Kubernetes (Helm)

Go / PostgreSQL+pgvector / arctl CLI / Apache 2.0

▼Proxied traffic / Health probes▼

Layer 4 — Backend Services (what gets registered and proxied)

The actual enterprise services, APIs, MCP servers, agents, and tools that ATLAS catalogs and routes to

🔧 MCP Servers

AI tool providers

ServiceNow — create_incident, lookup_oncall
CMDB — get_application_owner
Knowledge Base — search_knowledge

Streamable HTTP / SSE

🌐 REST / GraphQL APIs

Traditional service endpoints

Order Management REST API
CMDB GraphQL endpoint
Certificate Expiration API

HTTP / OpenAPI / GraphQL

🤖 A2A Agents

Agent-to-agent services

Change Review Agent
Incident Summary Agent
Runbook Assistant

A2A Protocol / LLM-backed

▼Persistent storage▼

Layer 5 — Infrastructure

🗄️ PostgreSQL 16 :5432

Primary datastore

Capability catalog + extensions
pgvector for semantic search embeddings
tsvector + pg_trgm for keyword/fuzzy search
Runtime plans + rendered artifacts
Audit log

📮 Redis 7 :6379

Job queue + cache

ARQ background job broker
Worker result backend

🌐 nginx :80

Edge reverse proxy

/v1/* → ATLAS API
/mcp/* → ATLAS MCP Server
/gateway/* → agentgateway data plane
/gateway-admin/* → agentgateway admin
/* → ATLAS Web UI

Component Interaction Map

From → To	Protocol	What happens	Frequency
AI Assistant → ATLAS MCP	MCP/HTTP	Agent calls search_context, find_mcp, get_entry — discovers enterprise capabilities	Per user query
Browser → ATLAS Web	HTTPS	Human registers services, browses catalog, views governance dashboard	On demand
ATLAS Web → ATLAS API	REST	BFF proxy routes: form submissions, catalog queries, health probes	Per page load
ATLAS API → PostgreSQL	asyncpg	CRUD capabilities, search (tsvector + pgvector ANN), runtime plans, audit	Per request
ATLAS API → Redis	Redis	Enqueue background jobs (embedding indexing, health probes, GitOps sync)	On mutation
ATLAS API → auto_render	internal	On capability create/update: renders BOTH agentgateway YAML + Kong JSON plans	On mutation
ATLAS API → Kong Admin	REST	PUT /services, /routes, /plugins — provisions catalog entries to Kong on-demand	On capability create/update/delete
ATLAS API → agentgateway	file / K8s CRD	Writes config.yaml or creates AgentgatewayBackend CRDs	On capability create/update/delete
agentgateway → backends	MCP/A2A	Proxies MCP calls to registered servers, A2A traffic to agents	Per client call
Kong → backends	HTTP/gRPC	Proxies REST/GraphQL/gRPC traffic to registered APIs with auth + rate limiting	Per client call
agentregistry → registries	OCI/HTTP	Pulls/pushes AI artifacts from Docker Hub, GHCR, or private registries	On build/deploy
nginx → all services	HTTP	Routes external traffic to the correct internal service based on URL path	Per request

Role Comparison: ATLAS vs Kong vs agentgateway vs agentregistry

ATLAS (this product) — The enterprise control plane and marketplace. Owns the catalog, governance, search, context packs, and registration UX. Renders gateway configs for both Kong and agentgateway. ATLAS is the brain.

Kong Gateway (Kong Inc) — API gateway for REST, GraphQL, and gRPC traffic. Handles auth plugins (key-auth, JWT, OAuth), rate limiting, request transforms, and Prometheus metrics. Provisioned by ATLAS via Admin API. Kong is the API muscle.

agentgateway (Solo.io) — Runtime proxy for MCP, A2A, and LLM traffic. Routes calls to MCP servers and agents. Enforces Cedar policies per-call. Provisioned by ATLAS on-demand. agentgateway is the agent muscle.

agentregistry (Solo.io) — AI artifact lifecycle manager. Builds, packages, publishes, and deploys agents/MCP servers/skills/prompts. Governance workflows and client config generation. agentregistry is the supply chain.

Where they overlap: Both ATLAS and agentregistry provide catalogs and governance — but ATLAS focuses on enterprise service discovery and context (any service type, for any agent), while agentregistry focuses on artifact lifecycle (build → package → deploy, for AI artifacts specifically). They're complementary: agentregistry manages the build/deploy pipeline, ATLAS provides the runtime discovery + context + routing layer.

Integration opportunity: ATLAS could ingest from agentregistry's catalog (like a Backstage connector) — when a team publishes an MCP server via agentregistry, ATLAS auto-discovers it and adds it to the enterprise catalog with governance + search + routing. One build/publish flow, one discovery layer.