opentelemetry-mcp-server
Verified Safeby pavolloffay
Overview
The OpenTelemetry Model Context Protocol (MCP) server enables LLMs to efficiently use the OpenTelemetry stack by providing tools to configure an OpenTelemetry collector through strict JSON schemas and validation.
Installation
docker run --rm -it -p 8080:8080 ghcr.io/pavolloffay/opentelemetry-mcp-server:latest --protocol http --addr 0.0.0.0:8080Security Notes
The server leverages the OpenTelemetry Collector Builder (OCB) to generate Go code for component factories and configuration providers. Security practices include robust handling of HTTP/gRPC, TLS, and explicit mechanisms for fetching sensitive configuration values from secure sources (e.g., AWS Secrets Manager, Google Secret Manager) rather than hardcoding. The system also includes mitigations against common network-related vulnerabilities like decompression bombs (MaxRequestBodySize) and race conditions. The overall architecture is modular and relies on well-vetted OpenTelemetry components, leading to a high security posture. A potential, though indirect, risk exists if the `manifest.yaml` used by OCB were to include malicious or untrusted module replacements.
Similar Servers
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
opensearch-mcp-server-py
Enables AI assistants and LLMs to interact with OpenSearch clusters by providing a standardized Model Context Protocol (MCP) interface through built-in and dynamic tools.
1xn-vmcp
An open-source platform for composing, customizing, and extending multiple Model Context Protocol (MCP) servers into a single logical, virtual MCP server, enabling fine-grained context engineering for AI workflows and agents.
mcp-container-ts
Provides a secure, extensible Model Context Protocol (MCP) server using Node.js and TypeScript, designed to expose custom tools to LLMs, deployable on Azure Container Apps with robust JWT and RBAC security.