Back to Home
cembryonix icon

cbx-mcp-server-k8s

Verified Safe

by cembryonix

View Source

Overview

An MCP server enabling AI agents to interact with Kubernetes clusters and related cloud services via CLI tools like kubectl, helm, and argocd, with integrated security guardrails and session management.

Installation

Run Command
docker run -p 8080:8080 ghcr.io/cembryonix/cbx-mcp-server-k8s:0.3.1

Environment Variables

  • CBX_MCP_HOST
  • CBX_MCP_PORT
  • CBX_MCP_TRANSPORT
  • CBX_MCP_CONFIG_DIR
  • HOME
  • CBX_MCP_SERVER__LOG_LEVEL
  • CBX_MCP_SESSION__PERSISTENCE
  • CBX_MCP_SESSION__REDIS_URL
  • CBX_MCP_EVENT_STORE__PERSISTENCE
  • CBX_MCP_EVENT_STORE__REDIS_URL
  • CBX_MCP_COMMAND__DEFAULT_TIMEOUT
  • CBX_MCP_SECURITY__MODE

Security Notes

The server features a robust, multi-layered security validation system (`CommandValidator`) that parses commands, checks against dangerous patterns, enforces safe overrides, and applies regex rules. It defaults to 'strict' mode, blocking potentially destructive operations (e.g., '--all-namespaces' with delete, operations in 'kube-system'). Command execution uses `subprocess.create_subprocess_exec` with `shlex.split`, which is safer than direct shell execution for arbitrary input. Minor concern: direct `kubectl` calls for read-only resource introspection (`k8s://cluster/context`, `k8s://cluster/namespaces`, etc.) bypass the main `CommandRunner`'s validation, but these operations are hardcoded and inherently low-risk. No 'eval' or malicious obfuscation found. Hardcoded secrets are avoided; configuration relies on environment variables or mounted Kubernetes secrets.

Similar Servers

mcp-server-kubernetes

1263

This MCP server enables AI agents to connect to and manage Kubernetes clusters by executing kubectl and Helm commands.

Other
8
$High

kubernetes-mcp-server

1008

Facilitates AI agent interaction with Kubernetes and OpenShift clusters by exposing management and observability tools via the Model Context Protocol.

Other
9
$Medium

mcp-k8s-go

368

This MCP server enables interaction with Kubernetes clusters to list, get, apply, and execute commands on various resources through a conversational interface.

Other
3
$Medium

mcp-k8s

136

Facilitates natural language interaction and automation for Kubernetes cluster management and Helm operations via the Model Control Protocol (MCP).

Other
7
$Low

Stats

Interest Score30
Security Score9
Cost ClassMedium
Avg Tokens750
Stars1
Forks0
Last Update2026-01-11

Tags

KubernetesAI AgentCLI AutomationGitOpsInfrastructure Management