playbooks

home / mcp / kubernetes mcp server

Kubernetes MCP Server

Provides an MCP server enabling AI tools to interact with Kubernetes clusters for data access and resource management.

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "briankscheong-k8s-mcp-server": {
      "url": "https://placeholder.example/mcp"
    }
  }
}

You run an MCP server that lets AI tools talk to Kubernetes clusters using natural language. It exposes common Kubernetes operations as tasks you can call from your MCP client, enabling automation, monitoring, and troubleshooting without writing raw kubectl commands.

How to use

To use this MCP server, connect your MCP client to the local stdio endpoint and provide the path to your kubeconfig. This lets the AI tool request information about pods, deployments, services, and more, and optionally perform management actions if permitted.

Typical usage patterns include asking the AI to list resources in a namespace, fetch logs from a pod, or scale a deployment. You can enable read-only mode to prevent mutations, or configure RBAC and namespace boundaries to limit scope.

How to install

Prerequisites you need before installation are a Kubernetes cluster with API access and a kubeconfig file or service account credentials. You should also ensure you have appropriate RBAC permissions for the operations you intend to perform.

Step 1: Install the MCP server binary via Go or from prebuilt binaries if available. Step 2: Run the MCP server in stdio mode with your kubeconfig path.

# If building from source
# (adjust to your environment as needed)
# Example: go install to fetch the latest release

goproxy=https://proxy.golang.org

go install github.com/briankscheong/k8s-mcp-server/cmd/k8s-mcp-server@latest

# Run the server (stdio transport) with kubeconfig
k8smcp stdio --kubeconfig=/path/to/your/kubeconfig

If you prefer to use a prebuilt binary, obtain the k8s-mcp-server binary and run it with the same stdio configuration. Keep your kubeconfig secure and ensure the environment where you run the server has access to it.

Configuration and usage notes

The server uses your kubeconfig or service account credentials to determine access. You can tighten security by creating a dedicated service account with limited RBAC rights, restricting the default namespace, and optionally enabling read-only mode to prevent changes to cluster state.

Transport options include stdio for local integration and SSE for HTTP-based connections if you deploy the server in a Kubernetes cluster and expose a port for clients.

Security considerations

By default, operations follow the permissions of the credentials you provide. For higher security, limit permissions with a dedicated service account, set namespace scoping, and use read-only mode when mutations are not needed.

Troubleshooting and notes

If you encounter connection issues, verify that the kubeconfig path is correct and accessible by the MCP server process. Check RBAC permissions and ensure the MCP server process has network access to the Kubernetes API server.

Examples and capabilities

This MCP server supports resource queries like listing pods or deployments, retrieving details for specific resources, fetching pod logs, listing namespaces, and performing management operations such as deleting pods or scaling deployments when read-only mode is disabled.

Guidance on running in different environments

If you deploy in a Kubernetes cluster, you can use the SSE transport to expose a JSON-RPC endpoint and connect clients over HTTP. For local development, stdio remains the simplest option.

Notes on upgrading

Keep the MCP server up to date with the latest release to benefit from improved Kubernetes API support and security updates. When upgrading, review any changes to command-line flags or environment variables and adjust your startup script accordingly.

Advanced usage and tips

Use read-only mode to block create/update/delete operations, and apply RBAC constraints to align with your organizational policies. You can combine kubeconfig context switching with namespace scoping to manage multiple clusters from the same MCP client.

Notes on contributing

Contributions that enhance Kubernetes resource support, add new operations, or improve security and reliability are welcome. Follow standard contribution practices for your repositoryโ€™s workflow.

Available tools

get_pod

Retrieve detailed information about a specific pod. Parameters: namespace (optional), name (required).

list_pods

List pods in a namespace. Parameters: namespace (optional), label_selector (optional), field_selector (optional).

get_pod_logs

Get logs from a pod. Parameters: namespace (optional), name (required), container (optional), tail_lines (optional), previous (optional).

get_deployment

Get information about a specific deployment. Parameters: namespace (optional), name (required).

list_deployments

List deployments in a namespace. Parameters: namespace (optional), label_selector (optional).

get_service

Get information about a specific service. Parameters: namespace (optional), name (required).

list_services

List services in a namespace. Parameters: namespace (optional), label_selector (optional).

get_configmap

Get information about a specific ConfigMap. Parameters: namespace (optional), name (required).

list_configmaps

List ConfigMaps in a namespace. Parameters: namespace (optional), label_selector (optional).

list_namespaces

List all namespaces in the cluster. No parameters.

list_nodes

List all nodes in the cluster. No parameters.

delete_pod

Delete a pod from a namespace. Parameters: namespace (optional), name (required), grace_period_seconds (optional).

scale_deployment

Scale a deployment to a specific number of replicas. Parameters: namespace (optional), name (required), replicas (required).