Skip to content

alexei-led/k8s-mcp-server

MCP Developer Tools

A Docker‑based server that lets Claude run Kubernetes CLI tools (kubectl, helm, istioctl, argocd) securely inside a container.

Track releases GitHub
Python Latest v1.4.2 · 3mo ago Security brief →

Features

  • Runs multiple Kubernetes CLIs (`kubectl`, `helm`, `istioctl`, `argocd`) in one container
  • Supports cloud providers AWS EKS, GKE and Azure AKS out‑of‑the‑box
  • Enforces security: executes as non‑root with strict command validation
  • Provides Unix tool piping (`jq`, `grep`, `sed`) for flexible workflows

Recent releases

View all 3 releases →
v1.4.2 Bug fix

Minor fixes and improvements.

Full changelog

What's Changed

Bug Fix

  • Fixed: reload_security_config() now correctly re-reads K8S_MCP_SECURITY_MODE from environment variables

    Root cause: SECURITY_MODE was imported as a string value at module load time. Calling reload_security_config() updated SECURITY_CONFIG but not SECURITY_MODE, so switching to permissive mode at runtime had no effect — commands were still blocked by strict-mode validation.

    Impact: Runtime security mode switching (e.g., via env var + reload_security_config()) now works correctly.

Full Changelog: https://github.com/alexei-led/k8s-mcp-server/compare/v1.4.1...v1.4.2

View release on GitHub
v1.4.1 Breaking risk

Documentation improvements and CI/CD optimization.

Full changelog

What's Changed

Documentation

  • Added llms.txt following llmstxt.org convention for LLM-friendly project documentation
  • Rewrote CLAUDE.md with project-specific architecture guide and developer patterns (removed generic boilerplate)

CI/CD

  • Replaced QEMU-based multi-arch Docker builds with native ARM64 runners (ubuntu-24.04-arm)
    • Build time: ~15 min → ~2-3 min (parallel native builds)
    • No more QEMU emulation overhead

MCP Spec

  • Added tool icon metadata (SEP-973) to all 8 MCP tools using official CNCF artwork SVGs
    • Displays Kubernetes, Helm, Istio, and ArgoCD logos in MCP client tool lists

Tests

  • Fixed test suite for exception-based error handling introduced in v1.4.0

Full Changelog: https://github.com/alexei-led/k8s-mcp-server/compare/v1.4.0...v1.4.1

View release on GitHub
v1.4.0 Breaking risk
Notable features
  • Streamable HTTP transport
  • Tool Annotations metadata
  • Input validation as tool errors
Full changelog

What's New

MCP Spec 2025-11-25 Compliance

  • Streamable HTTP transport (#10) — Added streamable-http as the recommended HTTP transport. SSE transport is now deprecated with a warning. Auto-detects Docker environment for host binding (0.0.0.0 in Docker, 127.0.0.1 locally).

  • Tool Annotations (#11) — All 8 tools now include ToolAnnotations metadata (readOnlyHint, destructiveHint, openWorldHint) per MCP spec 2025-03-26+.

  • Input validation errors as tool errors (#12) — Validation errors now return isError: true in tool results instead of JSON-RPC protocol errors, enabling model self-correction per SEP-1303.

  • Implementation description (#13) — Server now reports a description in the MCP Implementation info during initialization.

Bug Fixes

  • Container permission fix (#5) — Fixed PermissionError crash when running the Docker container with a custom UID (-u 1000:1000). The server now gracefully falls back to default security config.

Breaking Changes

None. SSE transport still works but logs a deprecation warning.

Dependencies

  • Minimum mcp SDK version bumped to >=1.22.0 for ToolAnnotations support.
View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
210
Forks
38
Languages
Python Dockerfile Makefile
View on GitHub

Install & Platforms

Install via
docker
Platforms
linux macos windows

Similar tools

reza-gholizade/k8s-mcp-server
rohitg00/kubectl-mcp-server
StacklokLabs/mkp
silenceper/mcp-k8s
cyclops-ui/mcp-cyclops

Beta — feedback welcome: [email protected]