{"id":"weaveworks-wkp-k8s-krb5-server","name":"wkp-k8s-krb5-server","homepage":"https://hub.docker.com/r/weaveworks/wkp-k8s-krb5-server","repo_url":"https://hub.docker.com/r/weaveworks/wkp-k8s-krb5-server","category":"infrastructure","subcategories":[],"tags":["kubernetes","kerberos","krb5","authentication","infrastructure","kdc","security"],"what_it_does":"wkp-k8s-krb5-server appears to be a Kubernetes-focused component for providing/serving Kerberos (KRB5) infrastructure (e.g., a Kerberos server with related configuration) to workloads running in a cluster.","use_cases":["Running Kerberos authentication for applications in Kubernetes","Providing a Kerberos KDC (and related services) to cluster workloads","Setting up Kerberos-based SSO/authentication paths for internal services"],"not_for":["Public internet-facing authentication services without additional hardening and operational controls","Environments where Kerberos/KDC is not acceptable or not required","Teams needing a turnkey SaaS API with managed authentication (this is infrastructure, not a hosted API)"],"best_when":"You need Kerberos in a Kubernetes environment and want deployable infrastructure/components rather than a managed third-party auth service.","avoid_when":"You only need simple username/password auth or OAuth/OIDC and don’t require Kerberos; or you lack operational/security expertise to run authentication infrastructure safely.","alternatives":["Managed identity providers with OIDC/SAML (Auth0, Okta, Azure AD, Google Workspace)","Kubernetes-friendly Kerberos solutions/operators from the community (where available)","Self-managed MIT/Heimdal Kerberos deployed outside Kubernetes (for simpler networking/control plane separation)"],"af_score":16.0,"security_score":42.8,"reliability_score":0.0,"package_type":"mcp_server","discovery_source":["docker_mcp"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T21:29:47.969049+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Kerberos (KRB5) for workload/service authentication"],"oauth":false,"scopes":false,"notes":"No OAuth/API-token auth is implied; this is infrastructure meant to support Kerberos flows between clients and the Kerberos server."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":null},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":16.0,"security_score":42.8,"reliability_score":0.0,"mcp_server_quality":0.0,"documentation_accuracy":0.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":20.0,"rate_limit_clarity":0.0,"tls_enforcement":30.0,"auth_strength":75.0,"scope_granularity":20.0,"dependency_hygiene":40.0,"secret_handling":40.0,"security_notes":"Kerberos-based authentication can be strong, but the security posture largely depends on deployment configuration (TLS, key management, realm/admin principal handling, firewalling/network policies, and secret storage). Documentation/manifests were not provided here, so scores reflect uncertainty rather than confirmed secure defaults.","uptime_documented":0.0,"version_stability":0.0,"breaking_changes_history":0.0,"error_recovery":0.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":[]}}