How Nacos 3.0 Redefines Cloud‑Native Service Discovery for the AI Era

Nacos 2.0 Architecture

Nacos 2.0 switched the communication model from HTTP to gRPC, introduced long‑lived connections and simplified data structures, achieving roughly a ten‑fold increase in throughput. It also added a plugin system that allows developers to create custom plugins for personalized functionality.

Key Limitations in Nacos 2.0

All HTTP APIs share a single port (8848) and a unified authentication switch, which creates security trade‑offs and makes network access control inflexible.

The default namespace is handled inconsistently between the registration and configuration centers, leading to configuration errors and extra adaptation work for plugins.

Nacos 3.0 Architecture

The core of Nacos 3.0 remains a set of common modules (consistency protocol, communication, etc.) that host the registration center, configuration center, AI Registry and protocol extensions. Plugins and extensions are placed on the sides of the architecture.

AI Registry Design

The AI Registry is organized into three layers:

Model Layer : Manages dynamic parameters of large language models (e.g., prompts, learning rates) using the same dynamic configuration mechanisms as cloud‑native applications.

Tool Layer : Provides automatic discovery, registration and retrieval of MCP tools for LLMs, filtering irrelevant tools to reduce token consumption.

Application Layer : Supports AI‑to‑AI (A2A) collaboration, leveraging standards such as Spring AI Alibaba for automatic registration and discovery of AI agents.

Security Enhancements

Nacos 3.0 adopts a zero‑trust security architecture: the console is deployed independently, authentication switches are split per API, and API‑level authentication is enabled by default. Configuration‑encryption plugins and TLS transport protect data in transit. Integration with external secret‑management solutions (e.g., KMS) enables automatic credential rotation for downstream services such as Druid and Spring AI.

MCP Registry

The MCP Registry adds full management of MCP services and supports three registration modes:

Automatic conversion of existing HTTP/RPC services to MCP via Higress protocol conversion (zero‑code migration).

Automatic registration of new MCP services using SDKs provided by Spring AI or Nacos‑MCP.

Import of third‑party MCP services for dynamic description and schema updates.

The MCP Router offers two operation modes:

Dynamic Routing : Filters MCP services based on LLM‑provided keywords, reducing context length.

Dynamic Proxy : Converts stdio or SSE MCP services into a streamable format without keyword filtering.

Roadmap

Future milestones include expanding AI Registry capabilities (prompt management, agent auto‑registration, LLM parameter hosting) and adding support for additional protocols such as DNS and Mesh.

Source code and documentation are available at the official GitHub repository:

https://github.com/alibaba/nacos