k8s-mcp-server
Verified Safeby reza-gholizade
Overview
Provides a standardized interface (MCP) for interacting with Kubernetes clusters and managing Helm releases.
Installation
docker run -p 8080:8080 -e KUBECONFIG_DATA="$(cat ~/.kube/config)" ginnux/k8s-mcp-server:latestEnvironment Variables
- SERVER_MODE
- SERVER_PORT
- KUBECONFIG_DATA
- KUBERNETES_SERVER
- KUBERNETES_TOKEN
- KUBERNETES_CA_CERT
- KUBERNETES_CA_CERT_PATH
- KUBERNETES_INSECURE
- KUBECONFIG
- HELM_DRIVER
Security Notes
The server offers powerful capabilities, including creating, updating, and deleting Kubernetes resources, as well as managing Helm charts and repositories. If exposed publicly without robust authentication, authorization, and network segmentation, it could serve as a significant attack vector. The `CreateOrUpdateResourceJSON` function can create namespaces, which is a high-privilege action. The ability to add arbitrary Helm repositories (`HelmRepoAdd`) can introduce untrusted software. The `--read-only` flag and non-root execution in Docker are positive security features, but the provided example `ClusterRole` grants broad `*` permissions, necessitating careful RBAC configuration for deployments. Using `KUBERNETES_INSECURE=true` is explicitly discouraged but possible.
Similar Servers
mcp-server-kubernetes
Manages Kubernetes clusters by executing kubectl and Helm commands, facilitating automation and interaction through the Model Context Protocol.
kmcp
Kubernetes controller and CLI for declarative deployment and management of Model Context Protocol (MCP) servers, simplifying local development to production.
mcp-k8s-go
An MCP server enabling AI assistants and users to interact with and manage Kubernetes clusters by listing, getting, applying, and executing commands on Kubernetes resources.
mcp-k8s
A Kubernetes MCP (Model Control Protocol) server that enables natural language interaction with Kubernetes clusters and Helm for resource and release management.