ops-mcp-server

by shaowenchen

Overview

This server unifies an observability stack (Kubernetes events, Prometheus metrics, Elasticsearch logs, Jaeger traces, SOPS operations) into a single Model Context Protocol (MCP) interface for AI assistants to query and interact with operational data.

Installation

Run Command
docker run --name ops-mcp-server -p 80:80 -e SOPS_ENABLED="true" -e EVENTS_ENABLED="true" -e METRICS_ENABLED="true" -e LOGS_ENABLED="true" -e TRACES_ENABLED="true" shaowenchen/ops-mcp-server:latest --mode=sse --enable-sops --enable-events --enable-metrics --enable-logs --enable-traces

Environment Variables

  • SERVER_TOKEN
  • LOG_LEVEL
  • SOPS_ENABLED
  • SOPS_OPS_ENDPOINT
  • SOPS_OPS_TOKEN
  • EVENTS_ENABLED
  • EVENTS_OPS_ENDPOINT
  • EVENTS_OPS_TOKEN
  • METRICS_ENABLED
  • METRICS_PROMETHEUS_ENDPOINT
  • METRICS_PROMETHEUS_USERNAME
  • METRICS_PROMETHEUS_PASSWORD
  • METRICS_PROMETHEUS_TOKEN
  • LOGS_ENABLED
  • LOGS_ELASTICSEARCH_ENDPOINT
  • LOGS_ELASTICSEARCH_USERNAME
  • LOGS_ELASTICSEARCH_PASSWORD
  • LOGS_ELASTICSEARCH_API_KEY
  • TRACES_ENABLED
  • TRACES_JAEGER_ENDPOINT
  • TRACES_JAEGER_TIMEOUT
  • SERVER_HOST
  • SERVER_PORT
  • SERVER_MODE
  • SERVER_URI

Security Notes

The MCP server's internal authentication (for the '/mcp/sse', '/mcp/message', and '/mcp' endpoints) is disabled by default. For production use it must be explicitly enabled, either by setting the 'SERVER_TOKEN' environment variable or in the configuration file. Backend service integrations (Prometheus, Elasticsearch, Jaeger, Ops Server) support various authentication methods, but their security posture depends on the configured credentials and on the security of those external systems. The SOPS module relies on an external 'Ops Server' for procedure execution, which shifts command execution risk to that external system. The module code itself does not contain obvious 'eval' or arbitrary code execution vulnerabilities, but the power of the exposed query tools (e.g., arbitrary ES|QL queries) means the backend credentials need carefully managed privileges. The Docker deployment uses 'runAsNonRoot' and specific user/group IDs, which are good security practices for containers.
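A pre-flight check for the points above, as an added example that is not part of the ops-mcp-server project: it audits a docker `--env-file` style KEY=VALUE file for a missing or short 'SERVER_TOKEN' and for enabled modules that lack an endpoint or backend credentials. The 32-character minimum, the rule that an enabled module must carry a credential, and the finding messages are assumptions of this sketch; modules switched on only through command-line flags are not seen by it.

```shell
#!/bin/sh
# Added example (not from the ops-mcp-server project): audit a docker
# --env-file style KEY=VALUE file before starting the container.
# MIN_TOKEN_LEN and the "credentials required" policy are assumptions.
MIN_TOKEN_LEN=32

# get KEY FILE: print the value of KEY (last assignment wins).
get() {
  sed -n "s/^$1=//p" "$2" | tail -n 1
}

# audit_env FILE: print one finding per line; exit status 1 if any.
# The body is a subshell, so its variables do not leak to the caller.
audit_env() (
  f=$1
  findings=0
  token=$(get SERVER_TOKEN "$f")
  if [ -z "$token" ]; then
    echo "SERVER_TOKEN unset: /mcp/sse, /mcp/message and /mcp are unauthenticated"
    findings=1
  elif [ "${#token}" -lt "$MIN_TOKEN_LEN" ]; then
    echo "SERVER_TOKEN shorter than $MIN_TOKEN_LEN characters"
    findings=1
  fi
  # Columns: module, endpoint variable, accepted credential variables.
  # Names are the ones listed on the page; TRACES lists no credential.
  while read -r mod ep creds; do
    [ "$(get "${mod}_ENABLED" "$f")" = "true" ] || continue
    if [ -z "$(get "$ep" "$f")" ]; then
      echo "$mod enabled but $ep is empty"
      findings=1
    fi
    [ -n "$creds" ] || continue
    have=0
    for c in $creds; do
      if [ -n "$(get "$c" "$f")" ]; then have=1; fi
    done
    if [ "$have" -eq 0 ]; then
      echo "$mod enabled without any of: $creds"
      findings=1
    fi
  done <<'EOF'
SOPS SOPS_OPS_ENDPOINT SOPS_OPS_TOKEN
EVENTS EVENTS_OPS_ENDPOINT EVENTS_OPS_TOKEN
METRICS METRICS_PROMETHEUS_ENDPOINT METRICS_PROMETHEUS_TOKEN METRICS_PROMETHEUS_PASSWORD
LOGS LOGS_ELASTICSEARCH_ENDPOINT LOGS_ELASTICSEARCH_API_KEY LOGS_ELASTICSEARCH_PASSWORD
TRACES TRACES_JAEGER_ENDPOINT
EOF
  [ "$findings" -eq 0 ]
)
```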

Stats

  • Interest Score: 30
  • Security Score: 6
  • Cost Class: Low
  • Avg Tokens: 500
  • Stars: 1
  • Forks: 0
  • Last Update: 2026-01-18

Tags

Observability, AI Assistants, Kubernetes, Prometheus, Elasticsearch