mcp-kubernetes
Verified Safeby Azure
Overview
Enables AI assistants to interact with and debug Kubernetes clusters by translating natural language requests into Kubernetes operations.
Installation
docker run -i --rm --mount type=bind,src=/home/username/.kube/config,dst=/home/mcp/.kube/config ghcr.io/azure/mcp-kubernetesEnvironment Variables
- KUBECONFIG
- USE_LEGACY_TOOLS
- KUBERNETES_MCP_COLLECT_TELEMETRY
- APPLICATIONINSIGHTS_INSTRUMENTATION_KEY
Security Notes
The server's core function is executing shell commands (kubectl, helm, cilium, hubble) based on AI input, which inherently carries security risks. However, the project implements strong mitigations: - Explicit `--access-level` controls (readonly, readwrite, admin) filter allowed operations at registration time. - `--allow-namespaces` restricts operations to specific namespaces, including regex support. - Command parsing uses `shlex.Split` to handle quotes and prevent basic injection, though an advanced AI could still generate harmful commands within its allowed scope. - Validation of CLI tools (`kubectl`, `helm`, `cilium`, `hubble`) and kubeconfig connectivity is performed at startup. - Telemetry collection is opt-out and sends basic invocation data. - The project follows Microsoft's security reporting policies.
Similar Servers
mcp-server-kubernetes
This MCP server enables AI agents to connect to and manage Kubernetes clusters by executing kubectl and Helm commands.
kubernetes-mcp-server
Facilitates AI agent interaction with Kubernetes and OpenShift clusters by exposing management and observability tools via the Model Context Protocol.
mcp-k8s-go
This MCP server enables interaction with Kubernetes clusters to list, get, apply, and execute commands on various resources through a conversational interface.
mcp-k8s
Facilitates natural language interaction and automation for Kubernetes cluster management and Helm operations via the Model Control Protocol (MCP).