Model Kontext Protocol Server for Kubernetes that allows LLM-powered applications to interact with Kubernetes clusters through native Go implementation with direct API integration and comprehensive resource management.
MKP is a Model Context Protocol (MCP) server for Kubernetes that allows LLM-powered applications to interact with Kubernetes clusters. It provides tools for listing and applying Kubernetes resources through the MCP protocol.
MKP offers several key advantages as a Model Context Protocol server for Kubernetes:
Clone the repository:
git clone https://github.com/StacklokLabs/mkp.git
cd mkp
Install dependencies:
task install
Build the server:
task build
To run the server with the default kubeconfig:
task run
To run the server with a specific kubeconfig:
KUBECONFIG=/path/to/kubeconfig task run-with-kubeconfig
To run the server on a specific port:
MCP_PORT=9091 task run
The MKP server provides the following MCP tools:
Get a Kubernetes resource or its subresource.
Parameters:
resource_type
(required): Type of resource to get (clustered or namespaced)group
: API group (e.g., apps, networking.k8s.io)version
(required): API version (e.g., v1, v1beta1)resource
(required): Resource name (e.g., deployments, services)namespace
: Namespace (required for namespaced resources)name
(required): Name of the resource to getsubresource
: Subresource to get (e.g., status, scale, logs)parameters
: Optional parameters for the request (see examples below)Example:
{
"name": "get_resource",
"arguments": {
"resource_type": "namespaced",
"group": "apps",
"version": "v1",
"resource": "deployments",
"namespace": "default",
"name": "nginx-deployment",
"subresource": "status"
}
}
Example of getting logs from a specific container with parameters:
{
"name": "get_resource",
"arguments": {
"resource_type": "namespaced",
"group": "",
"version": "v1",
"resource": "pods",
"namespace": "default",
"name": "my-pod",
"subresource": "logs",
"parameters": {
"container": "my-container",
"sinceSeconds": "3600",
"timestamps": "true",
"limitBytes": "102400"
}
}
}
Available parameters for pod logs:
container
: Specify which container to get logs fromprevious
: Get logs from previous container instance (true/false)sinceSeconds
: Only return logs newer than a relative duration in secondssinceTime
: Only return logs after a specific time (RFC3339 format)timestamps
: Include timestamps on each line (true/false)limitBytes
: Maximum number of bytes to returntailLines
: Number of lines to return from the end of the logsBy default, pod logs are limited to the last 100 lines and 32KB to avoid overwhelming the LLM's context window. These defaults can be overridden using the parameters above.
Available parameters for regular resources:
resourceVersion
: When specified, shows the resource at that particular
versionLists Kubernetes resources of a specific type.
Parameters:
resource_type
(required): Type of resource to list (clustered or namespaced)group
: API group (e.g., apps, networking.k8s.io)version
(required): API version (e.g., v1, v1beta1)resource
(required): Resource name (e.g., deployments, services)namespace
: Namespace (required for namespaced resources)Example:
{
"name": "list_resources",
"arguments": {
"resource_type": "namespaced",
"group": "apps",
"version": "v1",
"resource": "deployments",
"namespace": "default"
}
}
Applies (creates or updates) a Kubernetes resource.
Parameters:
resource_type
(required): Type of resource to apply (clustered or
namespaced)group
: API group (e.g., apps, networking.k8s.io)version
(required): API version (e.g., v1, v1beta1)resource
(required): Resource name (e.g., deployments, services)namespace
: Namespace (required for namespaced resources)manifest
(required): Resource manifestExample:
{
"name": "apply_resource",
"arguments": {
"resource_type": "namespaced",
"group": "apps",
"version": "v1",
"resource": "deployments",
"namespace": "default",
"manifest": {
"apiVersion": "apps/v1",
"kind": "Deployment",
"metadata": {
"name": "nginx-deployment",
"namespace": "default"
},
"spec": {
"replicas": 3,
"selector": {
"matchLabels": {
"app": "nginx"
}
},
"template": {
"metadata": {
"labels": {
"app": "nginx"
}
},
"spec": {
"containers": [
{
"name": "nginx",
"image": "nginx:latest",
"ports": [
{
"containerPort": 80
}
]
}
]
}
}
}
}
}
}
Posts to a Kubernetes resource or its subresource, particularly useful for executing commands in pods.
Parameters:
resource_type
(required): Type of resource to post to (clustered or
namespaced)group
: API group (e.g., apps, networking.k8s.io)version
(required): API version (e.g., v1, v1beta1)resource
(required): Resource name (e.g., deployments, services)namespace
: Namespace (required for namespaced resources)name
(required): Name of the resource to post tosubresource
: Subresource to post to (e.g., exec)body
(required): Body to post to the resourceparameters
: Optional parameters for the requestExample of executing a command in a pod:
{
"name": "post_resource",
"arguments": {
"resource_type": "namespaced",
"group": "",
"version": "v1",
"resource": "pods",
"namespace": "default",
"name": "my-pod",
"subresource": "exec",
"body": {
"command": ["ls", "-la", "/"],
"container": "my-container",
"timeout": 30
}
}
}
The body
for pod exec supports the following fields:
command
(required): Command to execute, either as a string or an array of
stringscontainer
(optional): Container name to execute the command in (defaults to
the first container)timeout
(optional): Timeout in seconds (defaults to 15 seconds, maximum 60
seconds)Note on timeouts:
The response includes stdout, stderr, and any error message:
{
"apiVersion": "v1",
"kind": "Pod",
"metadata": {
"name": "my-pod",
"namespace": "default"
},
"spec": {
"command": ["ls", "-la", "/"]
},
"status": {
"stdout": "total 48\ndrwxr-xr-x 1 root root 4096 May 5 14:30 .\ndrwxr-xr-x 1 root root 4096 May 5 14:30 ..\n...",
"stderr": "",
"error": ""
}
}
The MKP server provides access to Kubernetes resources through MCP resources. The resource URIs follow these formats:
k8s://clustered/{group}/{version}/{resource}/{name}
k8s://namespaced/{namespace}/{group}/{version}/{resource}/{name}
By default, MKP serves all Kubernetes resources as MCP resources, which provides useful context for LLMs. However, in large clusters with many resources, this can consume significant context space in the LLM.
You can disable this behavior by using the --serve-resources
flag:
# Run without serving cluster resources
./build/mkp-server --serve-resources=false
# Run with a specific kubeconfig without serving cluster resources
./build/mkp-server --kubeconfig=/path/to/kubeconfig --serve-resources=false
Even with resource discovery disabled, the MCP tools (get_resource
,
list_resources
, apply_resource
, delete_resource
, and post_resource
)
remain fully functional, allowing you to interact with your Kubernetes cluster.
By default, MKP operates in read-only mode, meaning it does not allow write
operations on the cluster, i.e. the apply_resource
, delete_resource
, and
post_resource
tools will not be available. You can enable write operations by
using the --read-write
flag:
# Run with write operations enabled
./build/mkp-server --read-write=true
# Run with a specific kubeconfig and write operations enabled
./build/mkp-server --kubeconfig=/path/to/kubeconfig --read-write=true
MKP includes a built-in rate limiting mechanism to protect the server from excessive API calls, which is particularly important when used with AI agents. The rate limiter uses a token bucket algorithm and applies different limits based on the operation type:
Rate limits are applied per client session, ensuring fair resource allocation across multiple clients. The rate limiting feature can be enabled or disabled via the command line flag:
# Run with rate limiting enabled (default)
./build/mkp-server
# Run with rate limiting disabled
./build/mkp-server --enable-rate-limiting=false
task test
task fmt
task lint
task deps
MKP can be run as a Model Context Protocol (MCP) server using ToolHive, which simplifies the deployment and management of MCP servers.
The easiest way to run MKP is using the packaged version available in ToolHive's registry:
# Register a supported client so ToolHive can auto-configure your environment
thv client setup
# Run the MKP server (packaged as 'k8s' in ToolHive)
# Mount your kubeconfig so the server can access your Kubernetes cluster
thv run --volume $HOME/.kube:/home/nonroot/.kube:ro k8s
# List running servers
thv list
# Get detailed information about the server
thv registry info k8s
This will mount your Kubernetes credentials and make the server available to your MCP-compatible clients.
For advanced users who need custom configuration, you can also run MKP using the container image directly:
# Run the MKP server using the published container image
thv run --name mkp --transport sse --target-port 8080 --volume $HOME/.kube:/home/nonroot/.kube:ro ghcr.io/stackloklabs/mkp/server:latest
This command:
To use a specific version instead of the latest:
thv run --name mkp --transport sse --target-port 8080 --volume $HOME/.kube:/home/nonroot/.kube:ro ghcr.io/stackloklabs/mkp/server:v0.0.1
To verify that the MKP server is running:
thv list
This will show all running MCP servers managed by ToolHive, including the MKP server.
To stop the MKP server:
# For packaged version
thv stop k8s
# For custom named version
thv stop mkp
To remove the server instance completely:
# For packaged version
thv rm k8s
# For custom named version
thv rm mkp
We welcome contributions to this MCP server! If you'd like to contribute, please review the CONTRIBUTING guide for details on how to get started.
If you run into a bug or have a feature request, please
open an issue in the repository or
join us in the #mcp-servers
channel on our
community Discord server.
This project is licensed under the Apache v2 License - see the LICENSE file for details.
Integrates LLM applications with documentation sources using the Model Context Protocol.
Single tool to control all 100+ API integrations, and UI components
Create crafted UI components inspired by the best 21st.dev design engineers.
A bridge between the Unity game engine and AI assistants using the Model Context Protocol (MCP).
Programmatically access and parse NOAA Electronic Navigational Charts (ENC) in S-57 format.
Execute MATLAB scripts and functions via MCP clients. Requires a local MATLAB installation.
A Python package with utilities and helpers for building MCP-compliant servers, often using Flask and Redis.
Migrate JavaScript files to TypeScript with customizable conversion rules.
Programmatically control iOS simulators via stdio transport. Requires macOS with Xcode and installed iOS simulators.
Integrates with Language Server Protocol (LSP) to provide features like code completion, diagnostics, and hover information.