Kubernetes MCP Server

✨ Features | 🚀 Getting Started | 🎥 Demos | ⚙️ Configuration | 🛠️ Tools | 💬 Community | 🧑‍💻 Development

https://github.com/user-attachments/assets/be2b67b3-fc1c-4d11-ae46-93deba8ed98e

✨ Features <a id="features"></a>

A powerful and flexible Kubernetes Model Context Protocol (MCP) server implementation with support for Kubernetes and OpenShift.

• ✅ Configuration:
  • Automatically detect changes in the Kubernetes configuration and update the MCP server.
  • View and manage the current Kubernetes .kube/config or in-cluster configuration.
• ✅ Generic Kubernetes Resources: Perform operations on any Kubernetes or OpenShift resource.
  • Any CRUD operation (Create or Update, Get, List, Delete).
• ✅ Pods: Perform Pod-specific operations.
  • List pods in all namespaces or in a specific namespace.
  • Get a pod by name from the specified namespace.
  • Delete a pod by name from the specified namespace.
  • Show logs for a pod by name from the specified namespace.
  • Top gets resource usage metrics for all pods or a specific pod in the specified namespace.
  • Exec into a pod and run a command.
  • Run a container image in a pod and optionally expose it.
• ✅ Namespaces: List Kubernetes Namespaces.
• ✅ Events: View Kubernetes events in all namespaces or in a specific namespace.
• ✅ Projects: List OpenShift Projects.
• ☸️ Helm:
  • Install a Helm chart in the current or provided namespace.
  • List Helm releases in all namespaces or in a specific namespace.
  • Uninstall a Helm release in the current or provided namespace.
• 🔧 Tekton: Tekton-specific operations that complement generic Kubernetes resource management.
  • Pipeline: Start a Tekton Pipeline by creating a PipelineRun.
  • PipelineRun: Restart a PipelineRun with the same spec.
  • Task: Start a Tekton Task by creating a TaskRun.
  • TaskRun: Restart a TaskRun with the same spec, and retrieve TaskRun logs via pod resolution.
• 🔭 Observability: Optional OpenTelemetry distributed tracing and metrics with custom sampling rates. Includes /stats endpoint for real-time statistics. See OTEL.md.

Unlike other Kubernetes MCP server implementations, this IS NOT just a wrapper around kubectl or helm command-line tools. It is a Go-based native implementation that interacts directly with the Kubernetes API server.

There is NO NEED for external dependencies or tools to be installed on the system. If you're using the native binaries you don't need to have Node or Python installed on your system.

• ✅ Lightweight: The server is distributed as a single native binary for Linux, macOS, and Windows.
• ✅ High-Performance / Low-Latency: Directly interacts with the Kubernetes API server without the overhead of calling and waiting for external commands.
• ✅ Multi-Cluster: Can interact with multiple Kubernetes clusters simultaneously (as defined in your kubeconfig files).
• ✅ Cross-Platform: Available as a native binary for Linux, macOS, and Windows, as well as an npm package, a Python package, and container/Docker image.
• ✅ Configurable: Supports command-line arguments, TOML configuration files, and environment variables.
• ✅ Well tested: The server has an extensive test suite to ensure its reliability and correctness across different Kubernetes environments.
• 📚 Documentation: Comprehensive user documentation including setup guides, configuration reference, and observability.

🚀 Getting Started <a id="getting-started"></a>

Requirements

• Access to a Kubernetes cluster.

Follow the dedicated Claude Code getting started guide in our user documentation.

For a secure production setup with dedicated ServiceAccount and read-only access, also review the Kubernetes setup guide.

Claude Desktop

Using npx

If you have npm installed, this is the fastest way to get started with kubernetes-mcp-server on Claude Desktop.

Open your claude_desktop_config.json and add the mcp server to the list of mcpServers:

{
  "mcpServers": {
    "kubernetes": {
      "command": "npx",
      "args": ["-y", "kubernetes-mcp-server@latest"]
    }
  }
}

VS Code / VS Code Insiders

Install the Kubernetes MCP server extension in VS Code Insiders by pressing the following link:

<img src="https://img.shields.io/badge/VS_Code-VS_Code?style=flat-square&label=Install%20Server&color=0098FF" alt="Install in VS Code"> <img alt="Install in VS Code Insiders" src="https://img.shields.io/badge/VS_Code_Insiders-VS_Code_Insiders?style=flat-square&label=Install%20Server&color=24bfa5">

Alternatively, you can install the extension manually by running the following command:

# For VS Code
code --add-mcp '{"name":"kubernetes","command":"npx","args":["kubernetes-mcp-server@latest"]}'
# For VS Code Insiders
code-insiders --add-mcp '{"name":"kubernetes","command":"npx","args":["kubernetes-mcp-server@latest"]}'

Cursor

Install the Kubernetes MCP server extension in Cursor by pressing the following link:

Alternatively, you can install the extension manually by editing the mcp.json file:

{
  "mcpServers": {
    "kubernetes-mcp-server": {
      "command": "npx",
      "args": ["-y", "kubernetes-mcp-server@latest"]
    }
  }
}

Goose CLI

Goose CLI is the easiest (and cheapest) way to get rolling with artificial intelligence (AI) agents.

Using npm

If you have npm installed, this is the fastest way to get started with kubernetes-mcp-server.

Open your goose config.yaml and add the mcp server to the list of mcpServers:

extensions:
  kubernetes:
    command: npx
    args:
      - -y
      - kubernetes-mcp-server@latest

🎥 Demos <a id="demos"></a>

Diagnosing and automatically fixing an OpenShift Deployment

Demo showcasing how Kubernetes MCP server is leveraged by Claude Desktop to automatically diagnose and fix a deployment in OpenShift without any user assistance.

https://github.com/user-attachments/assets/a576176d-a142-4c19-b9aa-a83dc4b8d941

Vibe Coding a simple game and deploying it to OpenShift

In this demo, I walk you through the process of Vibe Coding a simple game using VS Code and how to leverage Podman MCP server and Kubernetes MCP server to deploy it to OpenShift.

Supercharge GitHub Copilot with Kubernetes MCP Server in VS Code - One-Click Setup!

In this demo, I'll show you how to set up Kubernetes MCP server in VS code just by clicking a link.

⚙️ Configuration <a id="configuration"></a>

The Kubernetes MCP server can be configured using command line (CLI) arguments.

You can run the CLI executable either by using npx, uvx, or by downloading the latest release binary.

# Run the Kubernetes MCP server using npx (in case you have npm and node installed)
npx kubernetes-mcp-server@latest --help

# Run the Kubernetes MCP server using uvx (in case you have uv and python installed)
uvx kubernetes-mcp-server@latest --help

# Run the Kubernetes MCP server using the latest release binary
./kubernetes-mcp-server --help

Configuration Options

Note: Most CLI options have equivalent TOML configuration fields. The --disable-multi-cluster flag is equivalent to setting cluster_provider_strategy = "disabled" in TOML. See the Configuration Reference for all TOML options.

TOML Configuration Files

For complex or persistent configurations, use TOML configuration files instead of CLI arguments:

kubernetes-mcp-server --config /etc/kubernetes-mcp-server/config.toml

Example configuration:

log_level = 2
read_only = true
toolsets = ["core", "config", "helm", "kubevirt"]

# Deny access to sensitive resources
[[denied_resources]]
group = ""
version = "v1"
kind = "Secret"

[telemetry]
endpoint = "http://localhost:4317"

For comprehensive TOML configuration documentation, including:

• All configuration options and their defaults
• Drop-in configuration files for modular settings
• Dynamic configuration reload via SIGHUP
• Denied resources for restricting access to sensitive resource types
• Server instructions for MCP Tool Search
• Custom MCP prompts
• OAuth/OIDC authentication for HTTP mode (Keycloak, Microsoft Entra ID)

See the Configuration Reference.

📊 MCP Logging <a id="mcp-logging"></a>

The server supports the MCP logging capability, allowing clients to receive debugging information via structured log messages. Kubernetes API errors are automatically categorized and logged to clients with appropriate severity levels. Sensitive data (tokens, keys, passwords, cloud credentials) is automatically redacted before being sent to clients.

See the MCP Logging Guide.

🛠️ Tools and Functionalities <a id="tools-and-functionalities"></a>

The Kubernetes MCP server supports enabling or disabling specific groups of tools and functionalities (tools, resources, prompts, and so on) via the --toolsets command-line flag or toolsets configuration option. This allows you to control which Kubernetes functionalities are available to your AI tools. Enabling only the toolsets you need can help reduce the context size and improve the LLM's tool selection accuracy.

Available Toolsets

The following sets of tools are available (toolsets marked with ✓ in the Default column are enabled by default):

Tools

In case multi-cluster support is enabled (default) and you have access to multiple clusters, all applicable tools will include an additional context argument to specify the Kubernetes context (cluster) to use for that operation.

• configuration_contexts_list - List all available context names and associated server urls from the kubeconfig file

• targets_list - List all available targets

• configuration_view - Get the current Kubernetes configuration content as a kubeconfig YAML

  • minified (boolean) - Return a minified version of the configuration. If set to true, keeps only the current-context and the relevant pieces of the configuration for that context. If set to false, all contexts, clusters, auth-infos, and users are returned in the configuration. (Optional, default true)

• events_list - List Kubernetes events (warnings, errors, state changes) for debugging and troubleshooting in the current cluster from all namespaces

  • namespace (string) - Optional Namespace to retrieve the events from. If not provided, will list events from all namespaces

• namespaces_list - List all the Kubernetes namespaces in the current cluster

• projects_list - List all the OpenShift projects in the current cluster

• nodes_log - Get logs from a Kubernetes node (kubelet, kube-proxy, or other system logs). This accesses node logs through the Kubernetes API proxy to the kubelet

  • name (string) (required) - Name of the node to get logs from
  • query (string) (required) - query specifies services(s) or files from which to return logs (required). Example: "kubelet" to fetch kubelet logs, "/<log-file-name>" to fetch a specific log file from the node (e.g., "/var/log/kubelet.log" or "/var/log/kube-proxy.log")
  • tailLines (integer) - Number of lines to retrieve from the end of the logs (Optional, 0 means all logs)

• nodes_stats_summary - Get detailed resource usage statistics from a Kubernetes node via the kubelet's Summary API. Provides comprehensive metrics including CPU, memory, filesystem, and network usage at the node, pod, and container levels. On systems with cgroup v2 and kernel 4.20+, also includes PSI (Pressure Stall Information) metrics that show resource pressure for CPU, memory, and I/O. See https://kubernetes.io/docs/reference/instrumentation/understand-psi-metrics/ for details on PSI metrics

  • name (string) (required) - Name of the node to get stats from

• nodes_top - List the resource consumption (CPU and memory) as recorded by the Kubernetes Metrics Server for the specified Kubernetes Nodes or all nodes in the cluster

  • label_selector (string) - Kubernetes label selector (e.g. 'node-role.kubernetes.io/worker=') to filter nodes by label (Optional, only applicable when name is not provided)
  • name (string) - Name of the Node to get the resource consumption from (Optional, all Nodes if not provided)

• pods_list - List all the Kubernetes pods in the current cluster from all namespaces

  • fieldSelector (string) - Optional Kubernetes field selector to filter pods by field values (e.g. 'status.phase=Running', 'spec.nodeName=node1'). Supported fields: metadata.name, metadata.namespace, spec.nodeName, spec.restartPolicy, spec.schedulerName, spec.serviceAccountName, status.phase (Pending/Running/Succeeded/Failed/Unknown), status.podIP, status.nominatedNodeName. Note: CrashLoopBackOff is a container state, not a pod phase, so it cannot be filtered directly. See https://kubernetes.io/docs/concepts/overview/working-with-objects/field-selectors/
  • labelSelector (string) - Optional Kubernetes label selector (e.g. 'app=myapp,env=prod' or 'app in (myapp,yourapp)'), use this option when you want to filter the pods by label

• pods_list_in_namespace - List all the Kubernetes pods in the specified namespace in the current cluster

  • fieldSelector (string) - Optional Kubernetes field selector to filter pods by field values (e.g. 'status.phase=Running', 'spec.nodeName=node1'). Supported fields: metadata.name, metadata.namespace, spec.nodeName, spec.restartPolicy, spec.schedulerName, spec.serviceAccountName, status.phase (Pending/Running/Succeeded/Failed/Unknown), status.podIP, status.nominatedNodeName. Note: CrashLoopBackOff is a container state, not a pod phase, so it cannot be filtered directly. See https://kubernetes.io/docs/concepts/overview/working-with-objects/field-selectors/
  • labelSelector (string) - Optional Kubernetes label selector (e.g. 'app=myapp,env=prod' or 'app in (myapp,yourapp)'), use this option when you want to filter the pods by label
  • namespace (string) (required) - Namespace to list pods from

• pods_get - Get a Kubernetes Pod in the current or provided namespace with the provided name

  • name (string) (required) - Name of the Pod
  • namespace (string) - Namespace to get the Pod from

• pods_delete - Delete a Kubernetes Pod in the current or provided namespace with the provided name

  • name (string) (required) - Name of the Pod to delete
  • namespace (string) - Namespace to delete the Pod from

• pods_top - List the resource consumption (CPU and memory) as recorded by the Kubernetes Metrics Server for the specified Kubernetes Pods in the all namespaces, the provided namespace, or the current namespace

  • all_namespaces (boolean) - If true, list the resource consumption for all Pods in all namespaces. If false, list the resource consumption for Pods in the provided namespace or the current namespace
  • label_selector (string) - Kubernetes label selector (e.g. 'app=myapp,env=prod' or 'app in (myapp,yourapp)'), use this option when you want to filter the pods by label (Optional, only applicable when name is not provided)
  • name (string) - Name of the Pod to get the resource consumption from (Optional, all Pods in the namespace if not provided)
  • namespace (string) - Namespace to get the Pods resource consumption from (Optional, current namespace if not provided and all_namespaces is false)

• pods_exec - Execute a command in a Kubernetes Pod (shell access, run commands in container) in the current or provided namespace with the provided name and command

  • command (array) (required) - Command to execute in the Pod container. The first item is the command to be run, and the rest are the arguments to that command. Example: ["ls", "-l", "/tmp"]
  • container (string) - Name of the Pod container where the command will be executed (Optional)
  • name (string) (required) - Name of the Pod where the command will be executed
  • namespace (string) - Namespace of the Pod where the command will be executed

• pods_log - Get the logs of a Kubernetes Pod in the current or provided namespace with the provided name

  • container (string) - Name of the Pod container to get the logs from (Optional)
  • name (string) (required) - Name of the Pod to get the logs from
  • namespace (string) - Namespace to get the Pod logs from
  • previous (boolean) - Return previous terminated container logs (Optional)
  • tail (integer) - Number of lines to retrieve from the end of the logs (Optional, default: 100)

• pods_run - Run a Kubernetes Pod in the current or provided namespace with the provided container image and optional name

  • image (string) (required) - Container Image to run in the Pod
  • name (string) - Name of the Pod (Optional, random name if not provided)
  • namespace (string) - Namespace to run the Pod in
  • port (number) - TCP/IP port to expose from the Pod container (Optional, no port exposed if not provided)

• resources_list - List Kubernetes resources and objects in the current cluster by providing their apiVersion and kind and optionally the namespace and label selector (common apiVersion and kind include: v1 Pod, v1 Service, v1 Node, apps/v1 Deployment, networking.k8s.io/v1 Ingress, route.openshift.io/v1 Route)

  • apiVersion (string) (required) - apiVersion of the resources (examples of valid apiVersion are: v1, apps/v1, networking.k8s.io/v1)
  • fieldSelector (string) - Optional Kubernetes field selector to filter resources by field values (e.g. 'status.phase=Running', 'metadata.name=myresource'). Supported fields vary by resource type. For Pods: metadata.name, metadata.namespace, spec.nodeName, spec.restartPolicy, spec.schedulerName, spec.serviceAccountName, status.phase (Pending/Running/Succeeded/Failed/Unknown), status.podIP, status.nominatedNodeName. See https://kubernetes.io/docs/concepts/overview/working-with-objects/field-selectors/
  • kind (string) (required) - kind of the resources (examples of valid kind are: Pod, Service, Deployment, Ingress)
  • labelSelector (string) - Optional Kubernetes label selector (e.g. 'app=myapp,env=prod' or 'app in (myapp,yourapp)'), use this option when you want to filter the resources by label
  • namespace (string) - Optional Namespace to retrieve the namespaced resources from (ignored in case of cluster scoped resources). If not provided, will list resources from all namespaces

• resources_get - Get a Kubernetes resource in the current cluster by providing its apiVersion, kind, optionally the namespace, and its name (common apiVersion and kind include: v1 Pod, v1 Service, v1 Node, apps/v1 Deployment, networking.k8s.io/v1 Ingress, route.openshift.io/v1 Route)

  • apiVersion (string) (required) - apiVersion of the resource (examples of valid apiVersion are: v1, apps/v1, networking.k8s.io/v1)
  • kind (string) (required) - kind of the resource (examples of valid kind are: Pod, Service, Deployment, Ingress)
  • name (string) (required) - Name of the resource
  • namespace (string) - Optional Namespace to retrieve the namespaced resource from (ignored in case of cluster scoped resources). If not provided, will get resource from configured namespace

• resources_create_or_update - Create or update a Kubernetes resource in the current cluster by providing a YAML or JSON representation of the resource (common apiVersion and kind include: v1 Pod, v1 Service, v1 Node, apps/v1 Deployment, networking.k8s.io/v1 Ingress, route.openshift.io/v1 Route)

  • resource (string) (required) - A JSON or YAML containing a representation of the Kubernetes resource. Should include top-level fields such as apiVersion,kind,metadata, and spec

• resources_delete - Delete a Kubernetes resource in the current cluster by providing its apiVersion, kind, optionally the namespace, and its name (common apiVersion and kind include: v1 Pod, v1 Service, v1 Node, apps/v1 Deployment, networking.k8s.io/v1 Ingress, route.openshift.io/v1 Route)

  • apiVersion (string) (required) - apiVersion of the resource (examples of valid apiVersion are: v1, apps/v1, networking.k8s.io/v1)
  • gracePeriodSeconds (integer) - Optional duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used
  • kind (string) (required) - kind of the resource (examples of valid kind are: Pod, Service, Deployment, Ingress)
  • name (string) (required) - Name of the resource
  • namespace (string) - Optional Namespace to delete the namespaced resource from (ignored in case of cluster scoped resources). If not provided, will delete resource from configured namespace

• resources_scale - Get or update the scale of a Kubernetes resource in the current cluster by providing its apiVersion, kind, name, and optionally the namespace. If the scale is set in the tool call, the scale will be updated to that value. Always returns the current scale of the resource

  • apiVersion (string) (required) - apiVersion of the resource (examples of valid apiVersion are apps/v1)
  • kind (string) (required) - kind of the resource (examples of valid kind are: StatefulSet, Deployment)
  • name (string) (required) - Name of the resource
  • namespace (string) - Optional Namespace to get/update the namespaced resource scale from (ignored in case of cluster scoped resources). If not provided, will get/update resource scale from configured namespace
  • scale (integer) - Optional scale to update the resources scale to. If not provided, will return the current scale of the resource, and not update it

• helm_install - Install (deploy) a Helm chart to create a release in the current or provided namespace

  • chart (string) (required) - Chart reference to install (for example: stable/grafana, oci://ghcr.io/nginxinc/charts/nginx-ingress)
  • name (string) - Name of the Helm release (Optional, random name if not provided)
  • namespace (string) - Namespace to install the Helm chart in (Optional, current namespace if not provided)
  • values (object) - Values to pass to the Helm chart (Optional)

• helm_list - List all the Helm releases in the current or provided namespace (or in all namespaces if specified)

  • all_namespaces (boolean) - If true, lists all Helm releases in all namespaces ignoring the namespace argument (Optional)
  • namespace (string) - Namespace to list Helm releases from (Optional, all namespaces if not provided)

• helm_uninstall - Uninstall a Helm release in the current or provided namespace

  • name (string) (required) - Name of the Helm release to uninstall
  • namespace (string) - Namespace to uninstall the Helm release from (Optional, current namespace if not provided)

• kcp_workspaces_list - List all available kcp workspaces in the current cluster

• kcp_workspace_describe - Get detailed information about a specific kcp workspace

  • workspace (string) (required) - Name or path of the workspace to describe

• kiali_get_mesh_traffic_graph - Returns service-to-service traffic topology, dependencies, and network metrics (throughput, response time, mTLS) for the specified namespaces. Use this to diagnose routing issues, latency, or find upstream/downstream dependencies.

  • clusterName (string) - Optional cluster name to include in the graph. Default is the cluster name in the Kiali configuration (KubeConfig).
  • graphType (string) - Granularity of the graph. 'app' aggregates by app name, 'versionedApp' separates by versions, 'workload' maps specific pods/deployments. Default: versionedApp.
  • namespaces (string) (required) - Comma-separated list of namespaces to map

• kiali_get_mesh_status - Retrieves the high-level health, topology, and environment details of the Istio service mesh. Returns multi-cluster control plane status (istiod), data plane namespace health (including ambient mesh status), observability stack health (Prometheus, Grafana...), and component connectivity. Use this tool as the first step to diagnose mesh-wide issues, verify Istio/Kiali versions, or check overall health before drilling into specific workloads.

• kiali_manage_istio_config_read - Read-only Istio config: list or get objects. For action 'list', returns an array of objects with {name, namespace, type, validation}. For create, patch, or delete use manage_istio_config.

  • action (string) (required) - Action to perform (read-only)
  • clusterName (string) - Optional cluster name. Defaults to the cluster name in the Kiali configuration.
  • group (string) - API group of the Istio object. Required for 'get' action.
  • kind (string) - Kind of the Istio object. Required for 'get' action.
  • namespace (string) - Namespace containing the Istio object. For 'list', if not provided, returns objects across all namespaces. For 'get', required.
  • object (string) - Name of the Istio object. Required for 'get' action.
  • serviceName (string) - Filter Istio configurations (VirtualServices, DestinationRules, and their referenced Gateways) that affect a specific service. Only applicable for 'list' action
  • version (string) - API version. Use 'v1' for VirtualService, DestinationRule, and Gateway. Required for 'get' action.

• kiali_manage_istio_config - Create, patch, or delete Istio config. For list and get (read-only) use manage_istio_config_read.

  • action (string) (required) - Action to perform (write)
  • clusterName (string) - Optional cluster name. Defaults to the cluster name in the Kiali configuration.
  • data (string) - Complete JSON or YAML data to apply or create the object. Required for create and patch actions. You MUST provide a COMPLETE and VALID manifest with ALL required fields for the resource type. Arrays (like servers, http, etc.) are REPLACED entirely, so you must include ALL required fields within each array element.
  • group (string) (required) - API group of the Istio object
  • kind (string) (required) - Kind of the Istio object (e.g., 'VirtualService', 'DestinationRule').
  • namespace (string) (required) - Namespace containing the Istio object
  • object (string) (required) - Name of the Istio object
  • version (string) (required) - API version. Use 'v1' for VirtualService, DestinationRule, and Gateway.

• kiali_get_resource_details - Fetches a list of resources OR retrieves detailed data for a specific resource. If 'resourceName' is omitted, it returns a list. If 'resourceName' is provided, it returns details for that specific resource.

  • clusterName (string) - Optional. Name of the cluster to get resources from. If not provided, will use the default cluster name in the Kiali KubeConfig
  • namespaces (string) - Comma-separated list of namespaces to query (e.g., 'bookinfo' or 'bookinfo,default'). If not provided, it will query across all accessible namespaces.
  • resourceName (string) - Optional. The specific name of the resource. If left empty, the tool returns a list of all resources of the specified type. If provided, the tool returns deep details for this specific resource.
  • resourceType (string) (required) - The type of resource to query. Use 'app' for Kiali applications (grouped by the Kubernetes 'app' label). Use 'argoapp' for ArgoCD Application CRDs (requires ArgoCD installed and the Kiali service account must have read permissions on applications.argoproj.io).

• kiali_list_traces - Lists distributed traces for a service in a namespace. Returns a summary (namespace, service, total_found, avg_duration_ms) and a list of traces with id, duration_ms, spans_count, root_op, slowest_service, has_errors. Use get_trace_details with a trace id to get full hierarchy.

  • clusterName (string) - Optional cluster name. Defaults to the cluster name in the Kiali configuration.
  • errorOnly (boolean) - If true, only consider traces that contain errors. Default false.
  • limit (integer) - Maximum number of traces to return. Default 10.
  • lookbackSeconds (integer) - How far back to search. Default 600 (10m).
  • namespace (string) (required) - Kubernetes namespace of the service.
  • serviceName (string) (required) - Service name to search traces for (required). Returns multiple traces up to limit.

• kiali_get_trace_details - Fetches a single distributed trace by trace_id and returns its call hierarchy (service tree with duration, status, and nested calls). Use this after list_traces to drill into a specific trace.

  • traceId (string) (required) - Trace ID to fetch and summarize. If provided, namespace/service_name are ignored.

• kiali_get_pod_performance - Returns a human-readable text summary with current Pod CPU/memory usage (from Prometheus) compared to Kubernetes requests/limits (from the Pod spec). Useful to answer questions like 'Is this workload using too much memory?'

  • clusterName (string) - Optional. Name of the cluster to get resources from. If not provided, will use the default cluster name in the Kiali KubeConfig
  • namespace (string) (required) - Kubernetes namespace of the Pod.
  • podName (string) - Kubernetes Pod name. If workloadName is provided, the tool will attempt to resolve a Pod from that workload first.
  • queryTime (string) - Optional end timestamp (RFC3339) for the query. Defaults to now.
  • timeRange (string) - Time window used to compute CPU rate (Prometheus duration like '5m', '10m', '1h', '1d'). Defaults to '10m'.
  • workloadName (string) - Kubernetes Workload name (e.g. Deployment/StatefulSet/etc). Tool will look up the workload and pick one of its Pods. If not found, it will fall back to treating this value as a podName.

• kiali_get_logs - Get the logs of a Kubernetes Pod (or workload name that will be resolved to a pod) in a namespace. Output is plain text, matching kubernetes-mcp-server pods_log.

  • clusterName (string) - Optional. Name of the cluster to get the logs from. If not provided, will use the default cluster name in the Kiali KubeConfig
  • container (string) - Optional. Name of the Pod container to get the logs from.
  • format (string) - Output formatting for chat. 'codeblock' wraps logs in ~~~ fences (recommended). 'plain' returns raw text like kubernetes-mcp-server pods_log.
  • name (string) (required) - Name of the Pod to get the logs from. If it does not exist, it will be treated as a workload name and a running pod will be selected.
  • namespace (string) (required) - Namespace to get the Pod logs from
  • previous (boolean) - Optional. Return previous terminated container logs
  • severity (string) - Optional severity filter applied client-side. Accepts 'ERROR', 'WARN' or combinations like 'ERROR,WARN'.
  • tail (integer) - Number of lines to retrieve from the end of the logs (Optional, defaults to 50). Cannot exceed 200 lines.
  • workload (string) - Optional. Workload name override (used when name lookup fails).

• kiali_get_metrics - Returns a compact JSON summary of Istio metrics (latency quantiles, traffic trends, throughput, payload sizes) for the given resource.

  • byLabels (string) - Comma-separated list of labels to group metrics by (e.g., 'source_workload,destination_service'). Optional
  • clusterName (string) - Cluster name to get metrics from. Optional, defaults to the cluster name in the Kiali configuration (KubeConfig)
  • direction (string) - Traffic direction. Optional, defaults to 'outbound'
  • namespace (string) (required) - Namespace to get metrics from
  • quantiles (string) - Comma-separated list of quantiles for histogram metrics (e.g., '0.5,0.95,0.99'). Optional
  • rateInterval (string) - Rate interval for metrics (e.g., '1m', '5m'). Optional, defaults to '10m'
  • reporter (string) - Metrics reporter. Optional, defaults to 'source'
  • requestProtocol (string) - Filter by request protocol (e.g., 'http', 'grpc', 'tcp'). Optional
  • resourceName (string) (required) - Name of the resource to get metrics for
  • resourceType (string) (required) - Type of resource to get metrics
  • step (string) - Step between data points in seconds (e.g., '15'). Optional, defaults to 15 seconds

• vm_clone - Clone a KubeVirt VirtualMachine by creating a VirtualMachineClone resource. This creates a copy of the source VM with a new name using the KubeVirt Clone API

  • name (string) (required) - The name of the source virtual machine to clone
  • namespace (string) (required) - The namespace of the source virtual machine
  • targetName (string) (required) - The name for the new cloned virtual machine

• vm_create - Create a KubeVirt VirtualMachine in the cluster with the specified configuration, automatically resolving instance types, preferences, and container disk images. VM will be created in Halted state by default; use autostart parameter to start it immediately.

  • autostart (boolean) - Optional flag to automatically start the VM after creation (sets runStrategy to Always instead of Halted). Defaults to false.
  • instancetype (string) - Optional instance type name for the VM (e.g., 'u1.small', 'u1.medium', 'u1.large')
  • name (string) (required) - The name of the virtual machine
  • namespace (string) (required) - The namespace for the virtual machine
  • networks (array) - Optional secondary network interfaces to attach to the VM. Each item specifies a Multus NetworkAttachmentDefinition to attach. Accepts either simple strings (NetworkAttachmentDefinition names) or objects with 'name' (interface name in VM) and 'networkName' (NetworkAttachmentDefinition name) properties. Each network creates a bridge interface on the VM.
  • performance (string) - Optional performance family hint for the VM instance type (e.g., 'u1' for general-purpose, 'o1' for overcommitted, 'c1' for compute-optimized, 'm1' for memory-optimized). Defaults to 'u1' (general-purpose) if not specified.
  • preference (string) - Optional preference name for the VM
  • size (string) - Optional workload size hint for the VM (e.g., 'small', 'medium', 'large', 'xlarge'). Used to auto-select an appropriate instance type if not explicitly specified.
  • storage (string) - Optional storage size for the VM's root disk when using DataSources (e.g., '30Gi', '50Gi', '100Gi'). Defaults to 30Gi. Ignored when using container disks.
  • workload (string) - The workload for the VM. Accepts OS names (e.g., 'fedora' (default), 'ubuntu', 'centos', 'centos-stream', 'debian', 'rhel', 'opensuse', 'opensuse-tumbleweed', 'opensuse-leap') or full container disk image URLs

• vm_guest_info - Get guest operating system information from a VirtualMachine's QEMU guest agent. Requires the guest agent to be installed and running inside the VM. Provides detailed information about the OS, filesystems, network interfaces, and logged-in users.

  • info_type (string) - Type of information to retrieve: 'all' (default - all available info), 'os' (operating system details), 'filesystem' (disk and filesystem info), 'users' (logged-in users), 'network' (network interfaces and IPs)
  • name (string) (required) - The name of the virtual machine
  • namespace (string) (required) - The namespace of the virtual machine

• vm_lifecycle - Manage KubeVirt VirtualMachine lifecycle: start, stop, or restart a VM

  • action (string) (required) - The lifecycle action to perform: 'start' (changes runStrategy to Always), 'stop' (changes runStrategy to Halted), or 'restart' (stops then starts the VM)
  • name (string) (required) - The name of the virtual machine
  • namespace (string) (required) - The namespace of the virtual machine

• tekton_pipeline_start - Start a Tekton Pipeline by creating a PipelineRun that references it

  • name (string) (required) - Name of the Pipeline to start
  • namespace (string) - Namespace of the Pipeline
  • params (object) - Parameter values to pass to the Pipeline. Keys are parameter names; values can be a string, an array of strings, or an object (map of string to string) depending on the parameter type defined in the Pipeline spec

• tekton_pipelinerun_restart - Restart a Tekton PipelineRun by creating a new PipelineRun with the same spec

  • name (string) (required) - Name of the PipelineRun to restart
  • namespace (string) - Namespace of the PipelineRun

• tekton_task_start - Start a Tekton Task by creating a TaskRun that references it

  • name (string) (required) - Name of the Task to start
  • namespace (string) - Namespace of the Task
  • params (object) - Parameter values to pass to the Task. Keys are parameter names; values can be a string, an array of strings, or an object (map of string to string) depending on the parameter type defined in the Task spec

• tekton_taskrun_restart - Restart a Tekton TaskRun by creating a new TaskRun with the same spec

  • name (string) (required) - Name of the TaskRun to restart
  • namespace (string) - Namespace of the TaskRun

• tekton_taskrun_logs - Get the logs from a Tekton TaskRun by resolving its underlying pod

  • name (string) (required) - Name of the TaskRun to get logs from
  • namespace (string) - Namespace of the TaskRun
  • tail (integer) - Number of lines to retrieve from the end of the logs (Optional, default: 100)

Prompts

• cluster-health-check - Perform comprehensive health assessment of Kubernetes/OpenShift cluster
  • namespace (string) - Optional namespace to limit health check scope (default: all namespaces)
  • check_events (string) - Include recent warning/error events (true/false, default: true)

• vm-troubleshoot - Generate a step-by-step troubleshooting guide for diagnosing KubeVirt VirtualMachine issues
  • namespace (string) (required) - The namespace of the VirtualMachine to troubleshoot
  • name (string) (required) - The name of the VirtualMachine to troubleshoot

Resources

Resource Templates

Helm Chart

A Helm Chart is available to simplify the deployment of the Kubernetes MCP server.

helm install kubernetes-mcp-server oci://ghcr.io/containers/charts/kubernetes-mcp-server

For configuration options including OAuth, telemetry, and resource limits, see the chart README and values.yaml.

💬 Community <a id="community"></a>

Join the conversation and connect with other users and contributors:

• Slack - Ask questions, share feedback, and discuss the Kubernetes MCP server in the #kubernetes-mcp-server channel on the CNCF Slack workspace. If you're not already a member, you can request an invitation.

🧑‍💻 Development <a id="development"></a>

Running with mcp-inspector

Compile the project and run the Kubernetes MCP server with mcp-inspector to inspect the MCP server.

# Compile the project
make build
# Run the Kubernetes MCP server with mcp-inspector
npx @modelcontextprotocol/inspector@latest $(pwd)/kubernetes-mcp-server

mcp-name: io.github.containers/kubernetes-mcp-server