How do I install K8scortex?

K8scortex is a local plugin. Install it using npm package: k8scortex-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does K8scortex need?

K8scortex requires the following credentials or environment variables: KUBECONFIG, DISABLE_AUTH. You can find setup instructions on the server detail page.

What AI apps work with K8scortex?

K8scortex uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

K8scortex MCP Server

by Apatilgtn

Developer ToolsLow Risk10.0MCP RegistryLocal

Free

Server data from the Official MCP Registry

Kubernetes MCP server: 75 tools for GKE, AKS, EKS, RBAC, audit logging, GitOps, multi-cluster.

About

Kubernetes MCP server: 75 tools for GKE, AKS, EKS, RBAC, audit logging, GitOps, multi-cluster.

Security Report

10.0

Low Risk10.0Low Risk

Valid MCP server (2 strong, 1 medium validity signals). No known CVEs in dependencies. Package registry verified. Imported from the Official MCP Registry.

5 files analyzed · 1 issue found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

What You'll Need

Set these up before or after installing:

Path to your kubeconfig file. Defaults to ~/.kube/config if not set.Optional

Environment variable: KUBECONFIG

Set to 'true' to disable JWT authentication (recommended for local use).Optional

Environment variable: DISABLE_AUTH

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-apatilgtn-k8scortex-mcp": {
      "env": {
        "KUBECONFIG": "your-kubeconfig-here",
        "DISABLE_AUTH": "your-disable-auth-here"
      },
      "args": [
        "-y",
        "k8scortex-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

K8sCortex — Kubernetes MCP Server

A production-grade Model Context Protocol (MCP) server that gives developers, AI agents, and automation pipelines a single, secure, natural-language interface to Kubernetes — across any cloud, any cluster, any team.

Features

Curated multi-domain toolset across workload, deployment, configuration, observability, jobs, networking, GitOps, cluster admin, and generic read paths
Multi-cluster routing — target any registered cluster with a single cluster parameter
Entra ID OIDC authentication with per-tool RBAC (5-tier role hierarchy)
Structured audit logging — every tool call recorded with caller identity, arguments, and outcome
Dual transport — SSE/HTTP for programmatic clients + stdio for Claude Desktop
Azure Key Vault integration for dynamic credential management with 5-minute TTL cache
Dry-run safety — destructive tools default to simulation mode
Generic read coverage — list/get support for resources outside curated write paths to avoid troubleshooting dead-ends

Install via npx (Fastest)

npx k8scortex-mcp

Or install globally:

npm install -g k8scortex-mcp

Quick Start

Prerequisites

Node.js ≥ 18
A Kubernetes cluster (minikube, Rancher Desktop, or AKS)
kubectl configured with a valid context

Install & Run

# Clone
git clone https://github.com/apatilgtn/k8scortex-mcp.git
cd k8scortex-mcp

# Install
npm install

# Build
npm run build

# Run (local dev mode — auth bypassed)
DISABLE_AUTH=true PORT=3001 npm run dev

Connect with MCP Inspector

npx @modelcontextprotocol/inspector sse http://localhost:3001/mcp

Connect with Claude Desktop

Add to ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "k8scortex": {
      "command": "node",
      "args": ["<path-to>/k8scortex-mcp/dist/stdio.js"],
      "env": {
        "DISABLE_AUTH": "true",
        "KUBECONFIG": "~/.kube/config"
      }
    }
  }
}

Restart Claude Desktop. Ask: "List all pods in the default namespace".

Tools

K8sCortex intentionally keeps writes curated and governed, while allowing flexible read access for diagnostics.

Domain	Tool	Description
Workload	`list_pods`	List pods with status and IP
Workload	`get_pod_logs`	Fetch container logs
Workload	`describe_deployment`	Full deployment spec
Workload	`list_statefulsets`	List StatefulSets with rollout status
Workload	`describe_statefulset`	Detailed StatefulSet spec/status
Workload	`list_daemonsets`	List DaemonSets with scheduling status
Workload	`describe_daemonset`	Detailed DaemonSet spec/status
Workload	`list_nodes`	Cluster nodes with Ready status
Deploy	`scale_deployment`	Scale replicas (dry-run default)
Deploy	`restart_pod`	Delete pod to trigger restart
Config	`get_configmap`	Read ConfigMap data
Config	`describe_namespace_quota`	Resource quota usage
Config	`list_events`	Recent namespace events
Config	`list_persistent_volume_claims`	PVC status, bound volume, storage class, capacity
Config	`get_effective_permissions`	ServiceAccount SubjectAccessReview matrix
Generic Read	`list_k8s_resources`	Generic list for arbitrary resource kinds
Generic Read	`get_k8s_resource`	Generic get for arbitrary resource kinds
Observe	`get_hpa_status`	HPA metrics and scaling
Observe	`list_warning_events`	Warning events for triage
Observe	`get_node_pressure`	Node memory/disk/PID pressure
Multi	`list_clusters`	All registered clusters
Multi	`get_cluster_info`	Node count, versions, architecture

For the evolving full catalog, see docs/developer-guide.md.

Managed Risk

The largest functional risk in Kubernetes MCP is dead-end visibility on non-curated resources (for example StatefulSets, DaemonSets, PVCs, or CRDs). KubeNexus addresses this by combining:

Governed writes: high-impact operations remain explicit, role-gated, and often dry-run by default.
Flexible reads: generic read tools cover arbitrary resource kinds for diagnostics.

This keeps the governance posture strong while preserving practical troubleshooting coverage.

Scope Boundaries (v1)

K8sCortex is designed as a governed platform interface, not an unrestricted Kubernetes super-client.

Generic write for any resource: intentionally out of scope in v1. Writes are curated and role-gated by design.
Pod exec interactive sessions: intentionally out of scope in v1. This requires stronger session controls and command-level auditing that are planned for a later version.

Architecture

Claude / Prism Agent / CI-CD
        │
        ▼
┌──────────────────────────────┐
│     K8sCortex MCP Server     │
│  OIDC → RBAC → Tool → Audit │
│         │                    │
│   Cluster Store (Key Vault)  │
└──────────┬───────────────────┘
           │
    ┌──────┼──────┐
    ▼      ▼      ▼
   AKS    EKS    GKE

Security

Authentication: Entra ID OIDC tokens validated on every request
Authorization: Role-based tool access (developer → platform-engineer)
Audit: JSON-structured log per invocation with user, tool, args, status
Network: ClusterIP only — no public endpoint
Credentials: Key Vault with 5-minute TTL cache, no kubeconfigs on disk

Project Structure

src/
├── index.ts              # Express SSE server
├── stdio.ts              # Stdio entry point (Claude Desktop)
├── auth.ts               # OIDC middleware
├── roles.ts              # RBAC role hierarchy
├── audit.ts              # Audit logger
├── context.ts            # AsyncLocalStorage user context
├── cluster-store.ts      # Dynamic K8s client factory
├── kubernetes.ts         # Client re-export
└── tools/
    ├── workload.ts       # list_pods, get_pod_logs, describe_deployment, list_nodes
    ├── deployment.ts     # scale_deployment, restart_pod
    ├── configuration.ts  # get_configmap, describe_namespace_quota, list_events
    ├── observability.ts  # get_hpa_status, list_warning_events, get_node_pressure
    └── multicluster.ts   # list_clusters, get_cluster_info

kubernetes/               # Production manifests
├── namespace.yaml
├── deployment.yaml
├── service.yaml
├── rbac.yaml
├── network-policy.yaml
├── hpa.yaml
├── secret-provider-class.yaml
└── alerts.yaml           # Prometheus alerting rules

docs/
├── developer-guide.md    # End-user documentation
├── operator-runbook.md   # Platform team operations
├── slos.md               # Service level objectives
└── adrs/                 # Architecture decision records
    ├── ADR-001-tool-taxonomy.md
    ├── ADR-002-idp-integration.md
    ├── ADR-003-role-model.md
    └── ADR-004-credential-management.md

Documentation

Developer Guide — How to connect, available tools, example queries
Operator Runbook — Deploy, upgrade, rotate credentials, incident response
SLOs — Availability, latency, and alerting targets

Document Files

Word documents are consolidated in docs/docx.
Current files:
- K8sCortex_Cloud_Testing_Publishing_Plan.docx
- K8sCortex_Project_Plan.docx
- K8sCortex_Project_Plan_v3.docx
- K8sCortex_Project_Plan_v4.docx

License

Internal — Platform Engineering

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

K8scortex MCP Server

About

Security Report

Findings (1)

What You'll Need

How to Install

Documentation

K8sCortex — Kubernetes MCP Server

Features

Install via npx (Fastest)

Quick Start

Prerequisites

Install & Run

Connect with MCP Inspector

Connect with Claude Desktop

Tools

Managed Risk

Scope Boundaries (v1)

Architecture

Security

Project Structure

Documentation

Document Files

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

Google Workspace MCP