{"id":"xwomen1-mcp-k8s-server","name":"mcp-k8s-server","homepage":null,"repo_url":"https://github.com/xwomen1/mcp-k8s-server","category":"infrastructure","subcategories":[],"tags":["mcp","kubernetes","k8s","devops","platform-engineering","ai-agents","helm","kubectl","port-forwarding","rbac","cloud-native"],"what_it_does":"An MCP (Model Context Protocol) server that provides Kubernetes management tools to AI clients, enabling operations such as applying manifests (including server-side apply), dry-run validation, viewing/scaling workload resources, log streaming, port-forwarding, and multi-cluster context switching.","use_cases":["AI-assisted Kubernetes operations (CRUD for Deployments/StatefulSets/DaemonSets/Pods)","Manifest validation via dry-run before applying changes","Server-side apply automation for safer updates","Troubleshooting via pod log streaming and event filtering","Operational support such as scaling and job/cronjob interactions","Port-forwarding/tunnel management to reach in-cluster services","Managing and switching between multiple Kubernetes clusters from one assistant session"],"not_for":["Running as a public, internet-exposed service without strong network and authentication controls","Unrestricted cluster administration from untrusted/anonymous clients","High-assurance workflows requiring formally verified policy enforcement and audit guarantees (not evidenced in provided materials)"],"best_when":"You have an MCP-capable AI client and a controlled environment where the server can safely execute Kubernetes API actions using a known kubeconfig/service account and scoped RBAC permissions.","avoid_when":"You cannot restrict RBAC permissions and network access; or you need documented rate limits, strong auth, and concrete error/pagination/retry contracts for reliable agent automation.","alternatives":["Using kubectl/helm directly from an automation runner with constrained RBAC","Using Kubernetes GitOps tools (e.g., Argo CD/Flux) for reconciliation instead of direct apply","Custom internal MCP server or wrappers around Kubernetes APIs with stricter policy checks and explicit contracts","Using existing MCP Kubernetes-related servers (if available) with better-documented auth/error semantics"],"af_score":44.0,"security_score":39.2,"reliability_score":17.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T19:51:10.399047+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":["Go"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Kubeconfig path via KUBECONFIG_PATH (implied)"],"oauth":false,"scopes":false,"notes":"The README only shows an example of passing KUBECONFIG_PATH to the server; it does not document an external auth mechanism for MCP clients (e.g., API key/OAuth), nor scope granularity for tool calls."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided (appears to be open-source/self-hosted)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":44.0,"security_score":39.2,"reliability_score":17.5,"mcp_server_quality":55.0,"documentation_accuracy":50.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":35.0,"rate_limit_clarity":10.0,"tls_enforcement":30.0,"auth_strength":45.0,"scope_granularity":20.0,"dependency_hygiene":40.0,"secret_handling":60.0,"security_notes":"The README makes a general claim to 'never expose secret values, only metadata' and mentions security-first posture, but provides no concrete details on transport security (TLS), authentication for MCP clients, RBAC scoping enforcement inside the server, audit logging configuration, or dependency/security posture. Kubernetes permissions provided via kubeconfig are a primary security boundary; if RBAC is overly broad, tool access can be high impact.","uptime_documented":0.0,"version_stability":30.0,"breaking_changes_history":0.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":"README claims server-side apply and a field_manager approach, which can support safer repeated updates, but it does not explicitly state idempotency guarantees per tool (e.g., retry-safe semantics, expected behavior on duplicates).","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Kubernetes operations can be destructive; tool calls that 'apply' arbitrary resources require strict RBAC and client-side validation.","Port-forwarding/tunneling requires careful session lifecycle handling (start/stop) to avoid lingering access.","Multi-cluster support increases risk of applying manifests to the wrong cluster context without strong safeguards.","Dry-run validation depends on kube-apiserver behavior and permissions; agents may misinterpret dry-run results if RBAC differs from real apply."]}}