Kubernetes MCP Server

MCP server for Kubernetes cluster management — lets agents inspect pods, deployments, services, logs, and cluster state. Supports multiple cluster contexts via kubeconfig.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Cloud Infrastructure kubernetes k8s mcp containers pods deployments devops orchestration
⚙ Agent Friendliness
74
/ 100
Can an agent use this?
🔒 Security
81
/ 100
Is it safe for agents?
⚡ Reliability
72
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
75
Documentation
72
Error Messages
72
Auth Simplicity
80
Rate Limits
75

🔒 Security

TLS Enforcement
95
Auth Strength
80
Scope Granularity
75
Dep. Hygiene
78
Secret Handling
78

Security entirely depends on kubeconfig permissions. Use read-only ServiceAccounts for query-only agents. Full cluster-admin access is extremely dangerous for AI agents. Kubernetes RBAC is powerful but complex to configure correctly for least-privilege agent access.

⚡ Reliability

Uptime/SLA
75
Version Stability
72
Breaking Changes
70
Error Recovery
70
AF Security Reliability

Best When

Your agent needs to interact with a Kubernetes cluster for operations, debugging, or deployment management. Works with any k8s cluster accessible via kubeconfig.

Avoid When

You only run Docker Compose locally — overkill. For production cluster management agents, consider RBAC carefully before granting cluster-wide access.

Use Cases

  • Agents diagnosing failing pods and services from natural language queries
  • Inspecting cluster state for automated runbook execution
  • Reading container logs and events for incident response
  • Applying and managing Kubernetes manifests from agent workflows
  • Multi-cluster context switching for agents managing multiple environments

Not For

  • Docker-only environments (use Docker MCP server instead)
  • Cluster provisioning (use Terraform or cloud provider CLIs)
  • High-frequency polling of cluster state (kubectl watch patterns)

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: other
OAuth: No Scopes: No

Uses existing kubeconfig file for cluster authentication. Supports all kubectl auth methods: client certs, bearer tokens, OIDC, exec plugins. Server inherits permissions of the kubeconfig context used.

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

MIT licensed, free. Requires kubectl/kubeconfig configured for your cluster. Cluster costs are separate (EKS, GKE, AKS, or self-hosted).

Agent Metadata

Pagination
none
Idempotent
Partial
Retry Guidance
Not documented

Known Gotchas

  • kubeconfig context determines which cluster is accessed — agents must verify context before operations
  • RBAC is critical — agents should use ServiceAccounts with least-privilege roles, not cluster-admin
  • Namespace scoping: agents must specify namespace or use --all-namespaces carefully
  • Community server (not official Kubernetes project) — verify tool coverage before relying on it
  • Deleting Kubernetes resources via agents is extremely dangerous — add safeguards
  • Log streaming not supported via MCP — only log snapshots at call time

Alternatives

docker-mcp-server helm-api argocd-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Kubernetes MCP Server.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5182
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered