
K8s MCP Server
Run kubectl, helm, istioctl, and argocd against your clusters from Claude in a secure Docker sandbox.
Add to your client
Copy the config for your MCP client and paste it into its config file.
docker run -i --rm -v ~/.kube:/home/appuser/.kube:ro ghcr.io/alexei-led/k8s-mcp-server:latest

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "k8s-mcp-server": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-v",
        "/Users/YOUR_USER_NAME/.kube:/home/appuser/.kube:ro",
        "ghcr.io/alexei-led/k8s-mcp-server:latest"
      ]
    }
  }
}

Requires Docker to be installed and running.
Before you start
- Docker installed and running
- A Kubernetes kubeconfig at ~/.kube (mounted read-only into the container)
- Claude Desktop (or another MCP client)
- For cloud clusters: AWS/GCP/Azure credentials mounted as additional volumes (see Cloud Provider Support docs)
About K8s MCP Server
A Docker-based MCP server that lets Claude securely execute Kubernetes CLI tools (kubectl, helm, istioctl, argocd) against your clusters. It bridges language models and essential Kubernetes tooling for cluster management, troubleshooting, and deployments, running in a hardened non-root container with strict command validation and read-only kubeconfig mounting. Native support is provided for AWS EKS, Google GKE, and Azure AKS.
Tools & capabilities (4)
- kubectl: Run kubectl commands to inspect, create, update, and manage Kubernetes resources (pods, deployments, services, namespaces, logs, etc.).
- helm: Manage Helm charts and releases, e.g. deploying charts like bitnami/wordpress and configuring values.
- istioctl: Operate the Istio service mesh, e.g. checking mesh status and configuring traffic routing such as canary deployments.
- argocd: Interact with Argo CD, e.g. creating and managing GitOps Applications for your repositories.
When to use it
- Asking Claude to list pods, services, or available contexts in natural language
- Troubleshooting failing deployments, pods, and StatefulSets and explaining the errors
- Creating deployments and ingresses, e.g. an nginx deployment with 3 replicas
- Deploying applications via Helm charts (e.g. WordPress with a LoadBalancer service)
- Setting up Istio canary deployments or Argo CD applications
- Managing AWS EKS, Google GKE, and Azure AKS clusters through Claude
Security notes
Runs as a non-root user with strict command validation. Your kubeconfig is mounted read-only (`:ro`) into the container. A permissive security mode is available via the `K8S_MCP_SECURITY_MODE=permissive` environment variable; see the project's Security Documentation for custom rules and modes.
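To check that a client config still matches these defaults, the following added example (not part of the original page or the project's code) audits an `mcpServers` config for docker-launched servers with writable `-v` mounts or `K8S_MCP_SECURITY_MODE=permissive`. The sample config, the `/home/appuser/.aws` container path, and the function names are constructed for illustration; only `-v`/`--volume` and `-e`/`--env` flags are parsed.

```python
import json

# Constructed sample (not from the page): the page's read-only kubeconfig mount
# plus a hypothetical writable ~/.aws mount and permissive mode switched on.
SAMPLE_CONFIG = """
{"mcpServers": {"k8s-mcp-server": {
  "command": "docker",
  "args": ["run", "-i", "--rm",
    "-v", "/Users/YOUR_USER_NAME/.kube:/home/appuser/.kube:ro",
    "-v", "/Users/YOUR_USER_NAME/.aws:/home/appuser/.aws",
    "-e", "K8S_MCP_SECURITY_MODE=permissive",
    "ghcr.io/alexei-led/k8s-mcp-server:latest"]
}}}
"""

def _flag_values(args, short, long):
    """Yield values of `-x VAL`, `--long VAL` and `--long=VAL` docker flags."""
    it = iter(args)
    for arg in it:
        if arg in (short, long):
            yield next(it, "")
        elif arg.startswith(long + "="):
            yield arg[len(long) + 1:]

def _is_read_only(volume):
    """True if a `src:dst[:opts]` volume spec carries the `ro` option."""
    parts = volume.split(":")
    # The last field is an option list only if it is not the container path.
    opts = parts[-1] if len(parts) >= 3 and not parts[-1].startswith("/") else ""
    return "ro" in opts.split(",")

def audit_mcp_config(text):
    """Return (server, finding) pairs for docker-launched MCP servers."""
    findings = []
    for name, entry in json.loads(text).get("mcpServers", {}).items():
        args = entry.get("args", [])
        if entry.get("command") != "docker" or "run" not in args:
            continue
        for vol in _flag_values(args, "-v", "--volume"):
            if not _is_read_only(vol):
                findings.append((name, f"writable mount: {vol}"))
        for env in _flag_values(args, "-e", "--env"):
            key, _, val = env.partition("=")
            val = val or entry.get("env", {}).get(key, "")  # bare `-e KEY` form
            if key == "K8S_MCP_SECURITY_MODE" and val == "permissive":
                findings.append((name, "permissive security mode enabled"))
    return findings

if __name__ == "__main__":
    print(audit_mcp_config(SAMPLE_CONFIG))
```

An empty result means every mount is read-only and permissive mode is not set in the docker arguments.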
K8s MCP Server FAQ
How does Claude connect to my cluster?
You add a docker run command to your Claude Desktop config under mcpServers. The container mounts your ~/.kube directory read-only and uses your existing kubeconfig credentials and contexts.
Which transports are supported?
Three transports, selected via the K8S_MCP_TRANSPORT environment variable: stdio (default, used by Claude Desktop), streamable-http (recommended for remote/web clients), and sse (deprecated, use streamable-http instead).
How do I connect to a managed cloud cluster?
Mount the relevant cloud credentials as an extra read-only volume and set provider environment variables — e.g. ~/.aws with AWS_PROFILE/AWS_REGION for EKS, ~/.config/gcloud with CLOUDSDK_CORE_PROJECT for GKE, or ~/.azure with AZURE_SUBSCRIPTION for AKS. See the Cloud Provider Support guide.
Is it safe to run arbitrary commands?
The server runs as a non-root user with strict command validation by default. You can opt into a permissive mode with K8S_MCP_SECURITY_MODE=permissive, and the kubeconfig is mounted read-only.
Alternatives to K8s MCP Server
- GitHub's official server for repos, issues, PRs, and Actions — local Docker or hosted remote.
- Official AWS Labs server that lets agents call any AWS API via the AWS CLI surface.
- Bulk Kubernetes port forwarding with an MCP server that lets AI assistants forward services, inspect pods, and monitor traffic.