Install command
Provided
Kubernetes cluster management and container orchestration through MCP integration
Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.
Decision playbook
Signals are comparatively strong, but you should still validate source, privacy posture, and package provenance for your environment.
0
96
—
No baseline selected
No major trust-signal divergence detected in the current selection.
Confirm ownership and provenance before trusting install instructions.
Source link availableRequired
Open the canonical repository and verify ownership.
Source provenance statusRequired
Marked as first-party.
Metadata reviewed
Registry metadata indicates a reviewed listing.
Validate risk disclosures before installation or API wiring.
Safety notes presentRequired
Review the listed safety guidance before running commands.
Privacy notes presentRequired
Review data handling notes before connecting accounts or secrets.
Trust level risk gateRequired
Trust level does not block evaluation.
Check package metadata and artifact integrity signals.
Install payload available
Install or copy payload is available for review.
Package verification flag
Package marked verified.
Checksum metadata
SHA-256 hash is present.
Use compare context to validate trade-offs before adoption.
Compare tray has multiple entries
Add at least one more entry to compare trust differences.
Baseline comparison available
No baseline peer selected yet.
Diverging trust signals identified
No major trust-signal divergence found.
Setup at a glance
Copy-ready — paste the snippet to get started.
Install command
Provided
Config snippet
Provided
Copy snippet
Provided
Prerequisites
10 to clear
Platforms
4 listed
Difficulty
10/100
Adoption plan
Current risk score 0/100. Use staged verification before broader rollout.
Validate source and review signals before any execution.
Confirm source provenanceRequired
Source URL/provenance metadata is present.
Confirm metadata review state
Listing has review metadata.
Verify install payload
Install/config payload exists and can be inspected.
Confirm safety, privacy, and package integrity signals.
Review safety notesRequired
Safety notes are present.
Review privacy notesRequired
Privacy notes are present.
Verify package integrity metadata
Package verification/checksum metadata is available.
Adopt in controlled steps based on the selected plan.
Run in isolated sandbox firstRequired
Use a constrained sandbox and observe behavior across multiple tasks.
Roll out graduallyRequired
Roll out to a small cohort before wider usage.
Set monitoring and fallback
Define rollback path and monitor errors after adoption.
Evidence readiness
Required evidence gates are covered (6/6 signals complete).
Source repository/provenance is listed.
Required in this preset
Review metadata is present.
Required in this preset
Safety notes are present.
Required in this preset
Privacy notes are present.
Optional in this preset
Package integrity metadata is present.
Optional in this preset
Install payload is available.
Required in this preset
Required evidence gates are covered for this preset.
Decision timeline
6/6 steps complete with no blocking gaps for this preset.
triage
Source/provenance metadata is available.
triage
Review metadata is available.
verify
Safety notes are available.
verify
Privacy notes are available.
verify
Package integrity metadata is available.
rollout
Install payload is available.
No required blockers for this timeline preset.
Prerequisite readiness
10 prerequisites to line up before setup.
Safety & privacy surface
1 safety and 1 privacy notes across 2 risk areas. Review closely: credentials & tokens.
{
"kubernetes": {
"env": {
"KUBECONFIG": "${KUBECONFIG:-~/.kube/config}"
},
"args": [
"mcp-kubernetes-server"
],
"command": "uvx"
}
}Streamline your Kubernetes cluster management by connecting Claude to your Kubernetes API. Deploy and manage applications, monitor cluster health, scale workloads, manage secrets and configurations, troubleshoot issues, and automate operations—all through natural language commands. Leverage kubectl and Helm operations seamlessly with RBAC-aware access control.
{
"kubernetes": {
"env": {
"KUBECONFIG": "${KUBECONFIG:-~/.kube/config}"
},
"args": ["mcp-kubernetes-server"],
"command": "uvx"
}
}
Common usage pattern for this MCP server
Ask Claude: "List all pods in the default namespace"
Common usage pattern for this MCP server
Ask Claude: "Create a new deployment with specified image"
Common usage pattern for this MCP server
Ask Claude: "Scale a deployment to 5 replicas"
Common usage pattern for this MCP server
Ask Claude: "Get cluster node information and status"
Create a Kubernetes deployment with replica configuration
// Deploy application to Kubernetes
const deployment = await k8s.apps.v1.deployments.create({
namespace: "default",
body: {
metadata: { name: "my-app" },
spec: {
replicas: 3,
selector: { matchLabels: { app: "my-app" } },
template: {
metadata: { labels: { app: "my-app" } },
spec: { containers: [{ name: "app", image: "nginx:latest" }] },
},
},
},
});
Verify kubeconfig file is correctly configured at ~/.kube/config. Check IAM entity is authenticated by cluster. Run kubectl config view to verify context and credentials are set properly. Ensure kubeconfig file has valid certificates and hasn't expired. For cloud providers (EKS, GKE, AKS), regenerate kubeconfig using provider-specific commands (e.g., aws eks update-kubeconfig --name cluster-name).
Set KUBECONFIG environment variable to correct path. Export KUBECONFIG=~/.kube/config or specify in MCP server config. Verify kubeconfig file exists and has valid cluster endpoint, not localhost:8080. Check cluster API server URL in kubeconfig matches your actual cluster endpoint. For remote clusters, ensure network connectivity and firewall rules allow access.
Verify your user has appropriate RBAC permissions. Check if IAM principal needs system:masters group for admin access. For EKS, use access entries with API or API_AND_CONFIG_MAP authentication mode. Review RoleBinding or ClusterRoleBinding to ensure your user/service account has required permissions. Use kubectl auth can-i <verb> <resource> to test permissions.
Ensure kubectl version within ±1 minor version of cluster. For Kubernetes 1.29 cluster, use kubectl 1.28-1.30. Run kubectl version --client and kubectl version to check client and server versions. Update kubectl if needed using official installation methods. Version skew can cause unexpected behavior and API compatibility issues.
Check certificate hasn't expired: kubectl config view --raw. Verify CA certificate in kubeconfig matches cluster CA. For EKS, regenerate kubeconfig: aws eks update-kubeconfig --name cluster-name. For self-signed certificates, ensure CA certificate is properly included in kubeconfig. Check certificate validity dates and renew if expired.
Verify kubeconfig file is valid and accessible. Check certificate expiration dates. Ensure service account token is valid. For remote clusters, verify network connectivity and TLS certificate configuration.
Check resource quotas and limits in namespace. Verify RBAC permissions allow resource creation. Ensure resource specifications are valid. Check cluster capacity and node resources. Review Kubernetes API server logs for detailed errors.
Check network connectivity to Kubernetes API server. Verify kubeconfig points to correct cluster endpoint. Increase request timeout values. Implement connection pooling and retry mechanisms with exponential backoff.
Check pod logs for application errors. Verify image pull secrets are configured correctly. Check resource requests and limits. Ensure container images are accessible. Review events using kubectl get events for detailed error information.
Kubernetes MCP Server - MCP Servers side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
3 trust signals differ across this comparison (Package trust, Source provenance, Submitter).
| Field | Kubernetes cluster management and container orchestration through MCP integration Open dossier | Manage Docker containers, images, and services directly through Claude with comprehensive Docker API integration Open dossier | Argo Project Labs MCP server for connecting Claude to Argo CD applications, clusters, managed resources, workload logs, events, sync operations, and resource actions through stdio or HTTP stream transports. Open dossier | MIT-licensed Kubernetes gateway and management layer for MCP servers, with session-aware routing, adapter lifecycle APIs, tool registration, Entra ID role authorization, and optional agent/session preview resources. Open dossier |
|---|---|---|---|---|
| Next steps | ||||
| Trust | ||||
| Review status | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed |
| Package trustDiffers | Package verified | Package verified | Package not verified | Package not verified |
| Source provenanceDiffers | Source-backed | No submission link | Source-backed | Source-backed |
| SubmitterDiffers | — | — | oktofeesh1 | oktofeesh1 |
| Install risk | Low risk | Low risk | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Brand | ||||
| Category | mcp | mcp | mcp | mcp |
| Source | first-party | first-party | source-backed | source-backed |
| Author | feiskyer | JSONbored | Argo Project Labs | microsoft |
| Added | 2025-09-20 | 2025-09-16 | 2026-06-06 | 2026-06-06 |
| Platforms | Claude CodeCodexCursorClaude Desktop | Claude CodeClaude Desktop | Claude CodeClaude Desktop | Claude CodeClaude Desktop |
| Source repo | — | — | — | — |
| Safety notes | ✓Use a least-privilege kubeconfig and selected context because cluster operations can affect production workloads and infrastructure. | ✓Restrict Docker daemon access because container operations can start, stop, delete, or expose workloads and host-mounted paths. | ✓Argo CD MCP can inspect clusters, applications, resource trees, managed resources, workload logs, and resource events. By default all tools are available; setting MCP_READ_ONLY to true disables create_application, update_application, delete_application, sync_application, and run_resource_action. sync_application can apply changes to Kubernetes resources and may prune resources depending on options. delete_application can remove Argo CD applications and may cascade deletion to child resources depending on options. run_resource_action can trigger actions on resources managed by an application. Disabling TLS certificate validation with NODE_TLS_REJECT_UNAUTHORIZED weakens transport security and should be limited to reviewed development contexts. | ✓Microsoft MCP Gateway can deploy, update, delete, and route MCP server adapters in Kubernetes through its management API. The dynamic `/mcp` tool router can route tool calls to registered tool servers, so tool definitions and execution endpoints must be reviewed before registration. Adapter and tool write access is limited to the creator or `mcp.admin`, while read access depends on creator, admin, and configured required roles. The optional agents and sessions subsystem is documented as preview and single-replica; built-in bash and file tools run in the gateway pod and are not a production sandbox. Proxying local stdio servers into remotely accessible services can expose local tools and workload identity permissions if access controls are too broad. |
| Privacy notes | ✓Resource specs, pod logs, namespaces, environment variables, secret names or values, and cluster metadata may be exposed. | ✓Image names, container logs, environment variables, volume paths, compose files, and registry metadata may be exposed through tool calls. | ✓Argo CD application specs, cluster names, repository URLs, revisions, namespaces, Kubernetes manifests, resource events, and workload logs can reveal secrets, internal topology, deployment history, incident details, or customer data. ARGOCD_BASE_URL, ARGOCD_API_TOKEN, stateless HTTP request headers, cluster names, namespace names, and application names should stay out of prompts, issues, logs, screenshots, and committed files. Workload logs and resource events may include credentials, tokens, environment variables, error traces, or production incident context. HTTP transport should be authenticated and network-restricted so Argo CD tools are not reachable by untrusted clients. | ✓The gateway may process bearer tokens, Entra ID role claims, adapter metadata, registered tool schemas, session IDs, MCP requests, tool arguments, tool results, logs, container image names, environment variables, and Kubernetes deployment status. Adapter logs and session streams can reveal prompts, tool inputs, tool outputs, upstream MCP responses, and internal service names. Workload identity, Azure resource access, Foundry settings, and MCP proxy environment variables can expose cloud permissions if logged or shared. Store tokens, role assignments, registry credentials, deployment payloads, and model provider settings in controlled secrets rather than committed examples. |
| Prerequisites |
|
|
|
|
| Install | | | | |
| Config | | | | |
| Citations | ||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
Source-backed guides for putting this to work.
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.