/ 디렉터리 / 플레이그라운드 / kubectl-mcp-server
← 모든 서버 ↗ GitHub
● 커뮤니티 rohitg00 ⚡ 바로 사용

kubectl-mcp-server

제작: rohitg00 · rohitg00/kubectl-mcp-server

Operate Kubernetes through natural language — pods, deployments, Helm, GitOps, cost optimization. 253 tools, CNCF Landscape listed.

kubectl-mcp-server (rohitg00) exposes a broad 253-tool surface over kubectl, Helm, Flux/ArgoCD, Cert-Manager, Velero, KEDA, and Istio. Respects your standard KUBECONFIG; supports multi-cluster via context parameters. Optional OAuth 2.1 for multi-tenant deployments.

▶ 데모 보기 📦 설치 💡 사용 사례

왜 쓰나요

핵심 기능

라이브 데모

실제 사용 모습

kubectl.replay ▶ 준비됨
0/0

설치

클라이언트 선택

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "kubectl": {
      "command": "uvx",
      "args": [
        "kubectl-mcp-server"
      ],
      "_inferred": true
    }
  }
}

Claude Desktop → Settings → Developer → Edit Config 열기. 저장 후 앱 재시작.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "kubectl": {
      "command": "uvx",
      "args": [
        "kubectl-mcp-server"
      ],
      "_inferred": true
    }
  }
}

Cursor는 Claude Desktop과 동일한 mcpServers 스키마 사용. 프로젝트 설정이 전역보다 우선.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "kubectl": {
      "command": "uvx",
      "args": [
        "kubectl-mcp-server"
      ],
      "_inferred": true
    }
  }
}

Cline 사이드바의 MCP Servers 아이콘 클릭 후 "Edit Configuration" 선택.

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "kubectl": {
      "command": "uvx",
      "args": [
        "kubectl-mcp-server"
      ],
      "_inferred": true
    }
  }
}

Claude Desktop과 같은 형식. Windsurf 재시작 후 적용.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "kubectl",
      "command": "uvx",
      "args": [
        "kubectl-mcp-server"
      ]
    }
  ]
}

Continue는 맵이 아닌 서버 오브젝트 배열 사용.

~/.config/zed/settings.json
{
  "context_servers": {
    "kubectl": {
      "command": {
        "path": "uvx",
        "args": [
          "kubectl-mcp-server"
        ]
      }
    }
  }
}

context_servers에 추가. 저장 시 Zed가 핫 리로드.

claude mcp add kubectl -- uvx kubectl-mcp-server

한 줄 명령. claude mcp list로 확인, claude mcp remove로 제거.

사용 사례

실전 활용법: kubectl-mcp-server

Triage a CrashLoopBackOff pod in 60 seconds

👤 On-call SREs ⏱ ~10 min intermediate

언제 쓸까: Alerts fire; you want to see logs, events, and resource usage before digging in kubectl manually.

사전 조건
  • kubectl configured with cluster access — kubectl config get-contexts should list your cluster
흐름
  1. Identify crashing pods
    List pods in namespace X with restart count > 5. Show pod name, container, and last exit reason.✓ 복사됨
    → Narrowed list
  2. Pull logs + events
    For pod Y, get last 100 lines of logs and the related events. Highlight any error keywords.✓ 복사됨
    → Likely root cause
  3. Check resource pressure
    Show CPU/memory limits vs actual for the pod. OOM killed?✓ 복사됨
    → Resource verdict

결과: A focused hypothesis in a minute, not ten kubectl commands.

함정
  • Wrong cluster context — Always specify --context in your prompt; the default can bite you across prod/staging
함께 쓰기: prometheus

Find over-provisioned workloads to trim your cluster bill

👤 FinOps, platform engineers ⏱ ~40 min advanced

언제 쓸까: Quarterly cost reviews — you want data-driven scale-down candidates.

흐름
  1. Run the cost analysis
    Use the cost-optimization tools to find deployments where request/limit is 3x actual over the last 30 days.✓ 복사됨
    → Ranked list of over-provisioned workloads
  2. Estimate savings
    For the top 10, estimate $ saved per month if right-sized. Group by team.✓ 복사됨
    → Per-team savings table
  3. File PRs with suggested manifests
    Generate updated manifests for the top 5 and file PRs in the appropriate repos.✓ 복사됨
    → PRs opened with proposed diffs

결과: Visible cost wins backed by metrics, with follow-through via PRs.

함께 쓰기: github · prometheus

Upgrade a Helm release safely with Claude

👤 Platform engineers ⏱ ~20 min advanced

언제 쓸까: Routine Helm upgrades shouldn't require 20 minutes of ceremony.

흐름
  1. Diff new vs current
    For release X, show diff between values.yaml and the new chart version.✓ 복사됨
    → Value/template diff
  2. Dry-run
    Run helm upgrade --dry-run with the new chart. Report any rendered template issues.✓ 복사됨
    → Clean dry-run or actionable errors
  3. Upgrade with rollback ready
    Apply the upgrade. Immediately after, verify rollout status and keep the previous revision ready for rollback.✓ 복사됨
    → Deployed successfully with rollback instructions

결과: Lower-risk Helm ops with a rollback path explicit from the start.

Audit RBAC for overly-permissive roles

👤 Security engineers ⏱ ~30 min advanced

언제 쓸까: Pre-certification or after noticing a suspicious role.

흐름
  1. List wildcard roles
    Find ClusterRoles or Roles with '*' in resources or verbs. Group by namespace.✓ 복사됨
    → Wildcard RBAC list
  2. Map to subjects
    For each, who's bound to it? List ServiceAccounts/Users/Groups.✓ 복사됨
    → Subject-role matrix
  3. Suggest minimal replacements
    For the top 5 riskiest, suggest minimum required verbs based on actual usage (audit logs).✓ 복사됨
    → Concrete tightening proposals

결과: Tightened RBAC with defensible diffs.

조합

다른 MCP와 조합해 10배 효율

kubectl + prometheus

Cross-reference pod state with Prometheus metrics

For pod X, show kubectl describe output alongside its last 24h CPU/memory from Prometheus.✓ 복사됨
kubectl + github

RBAC audit → PRs that tighten YAML manifests

For each finding in the RBAC audit, open a PR against the infra repo with a minimized Role YAML.✓ 복사됨

도구

이 MCP가 노출하는 것

도구입력언제 호출비용
kubectl_get resource, namespace?, label_selector? List anything 1 API call
kubectl_describe resource, name, namespace? Deep detail on a single object 1 API call
pod_logs pod, container?, tail?, namespace? Debug 1 API call
pod_events pod, namespace? Why did this happen? 1 API call
helm_list namespace? Overview Helm releases helm cmd
helm_upgrade release, chart, values?, dry_run? Deploy helm cmd
cost_optimize namespace?, period? FinOps sweeps metrics API
rbac_audit Security review several API calls

비용 및 제한

운영 비용

API 쿼터
Limited by your cluster's API server capacity
호출당 토큰
kubectl output can be large — describe/get-wide especially
금액
Free MCP; cluster costs are yours
Prefer label_selector and field selectors over listing everything; avoid --output=wide in prompts

보안

권한, 시크릿, 파급범위

최소 스코프: cluster read-only unless you need writes
자격 증명 저장: Standard KUBECONFIG; MCP doesn't store creds separately
데이터 외부 송신: Your K8s API server only
절대 부여 금지: cluster-admin to the MCP context unless absolutely necessary

문제 해결

자주 발생하는 오류와 해결

Unauthorized / forbidden

KUBECONFIG context lacks permissions. Check kubectl auth can-i for the specific verb/resource

확인: kubectl auth can-i get pods --namespace X
Context confusion between clusters

Always set or pass --context explicitly; a wrong context on prod is a bad day

확인: kubectl config current-context
Helm upgrade fails mid-way

Use helm rollback <release> <prev-rev>; always capture prev revision before upgrading

대안

kubectl-mcp-server 다른 것과 비교

대안언제 쓰나단점/장점
k8s-mcp-server (official-ish, smaller)You only need basic kubectl and worry about the 253-tool surface noiseFewer ecosystem tools (no Helm/Flux)
Direct kubectl in a shellYou're deep in a terminal session alreadyNo agent loop

더 보기

리소스

📖 GitHub에서 공식 README 읽기

🐙 열린 이슈 보기

🔍 400+ MCP 서버 및 Skills 전체 보기