mcp-server-kubernetes 2.8.0 → 2.9.1

package/README.md

@@ -9,7 +9,8 @@
 [![Issues](https://img.shields.io/github/issues/Flux159/mcp-server-kubernetes)](https://github.com/Flux159/mcp-server-kubernetes/issues)
 [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](https://github.com/Flux159/mcp-server-kubernetes/pulls)
 [![Last Commit](https://img.shields.io/github/last-commit/Flux159/mcp-server-kubernetes)](https://github.com/Flux159/mcp-server-kubernetes/commits/main)
-[![smithery badge](https://smithery.ai/badge/mcp-server-kubernetes)](https://smithery.ai/protocol/mcp-server-kubernetes)
+[![Trust Score](https://archestra.ai/mcp-catalog/api/badge/quality/Flux159/mcp-server-kubernetes)](https://archestra.ai/mcp-catalog/flux159__mcp-server-kubernetes)
+[![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/Flux159/mcp-server-kubernetes)
 
 MCP Server that can connect to a Kubernetes cluster and manage it. Supports loading kubeconfig from multiple sources in priority order.
 
@@ -17,7 +18,34 @@ https://github.com/user-attachments/assets/f25f8f4e-4d04-479b-9ae0-5dac452dd2ed
 
 <a href="https://glama.ai/mcp/servers/w71ieamqrt"><img width="380" height="200" src="https://glama.ai/mcp/servers/w71ieamqrt/badge" /></a>
 
-## Usage with Claude Desktop
+## Installation & Usage
+
+### Prerequisites
+
+Before using this MCP server with any tool, make sure you have:
+
+1. kubectl installed and in your PATH
+2. A valid kubeconfig file with contexts configured
+3. Access to a Kubernetes cluster configured for kubectl (e.g. minikube, Rancher Desktop, GKE, etc.)
+4. Helm v3 installed and in your PATH (no Tiller required). Optional if you don't plan to use Helm.
+
+You can verify your connection by running `kubectl get pods` in a terminal to ensure you can connect to your cluster without credential issues.
+
+By default, the server loads kubeconfig from `~/.kube/config`. For additional authentication options (environment variables, custom paths, etc.), see [ADVANCED_README.md](ADVANCED_README.md).
+
+### Claude Code
+
+Add the MCP server to Claude Code using the built-in command:
+
+```bash
+claude mcp add kubernetes -- npx mcp-server-kubernetes
+```
+
+This will automatically configure the server in your Claude Code MCP settings.
+
+### Claude Desktop
+
+Add the following configuration to your Claude Desktop config file:
 
 ```json
 {
@@ -30,18 +58,43 @@ https://github.com/user-attachments/assets/f25f8f4e-4d04-479b-9ae0-5dac452dd2ed
 }
 ```
 
-By default, the server loads kubeconfig from `~/.kube/config`. For additional authentication options (environment variables, custom paths, etc.), see [ADVANCED_README.md](ADVANCED_README.md).
+### VS Code
 
-The server will automatically connect to your current kubectl context. Make sure you have:
+[![Install Kubernetes MCP in VS Code](https://img.shields.io/badge/Install%20Kubernetes%20MCP%20in%20VS%20Code-blue?logo=visualstudiocode)](vscode:mcp/install?%7B%22name%22%3A%20%22kubernetes%22%2C%20%22type%22%3A%20%22stdio%22%2C%20%22command%22%3A%20%22npx%22%2C%20%22args%22%3A%20%5B%22mcp-server-kubernetes%22%5D%7D)
 
-1. kubectl installed and in your PATH
-2. A valid kubeconfig file with contexts configured
-3. Access to a Kubernetes cluster configured for kubectl (e.g. minikube, Rancher Desktop, GKE, etc.)
-4. Helm v3 installed and in your PATH (no Tiller required). Optional if you don't plan to use Helm.
+For VS Code integration, you can use the MCP server with extensions that support the Model Context Protocol:
+
+1. Install a compatible MCP extension (such as Claude Dev or similar MCP clients)
+2. Configure the extension to use this server:
+
+```json
+{
+  "mcpServers": {
+    "kubernetes": {
+      "command": "npx",
+      "args": ["mcp-server-kubernetes"],
+      "description": "Kubernetes cluster management and operations"
+    }
+  }
+}
+```
 
-You can verify your connection by asking Claude to list your pods or create a test deployment.
+### Cursor
+
+Cursor supports MCP servers through its AI integration. Add the server to your Cursor MCP configuration:
+
+```json
+{
+  "mcpServers": {
+    "kubernetes": {
+      "command": "npx",
+      "args": ["mcp-server-kubernetes"]
+    }
+  }
+}
+```
 
-If you have errors open up a standard terminal and run `kubectl get pods` to see if you can connect to your cluster without credentials issues.
+The server will automatically connect to your current kubectl context. You can verify the connection by asking the AI assistant to list your pods or create a test deployment.
 
 ## Usage with mcp-chat
 
@@ -90,6 +143,12 @@ npx mcp-chat --config "%APPDATA%\Claude\claude_desktop_config.json"
   - Run Helm operations
     - Install, upgrade, and uninstall charts
     - Support for custom values, repositories, and versions
+    - Template-based installation (`helm_template_apply`) to bypass authentication issues
+    - Template-based uninstallation (`helm_template_uninstall`) to bypass authentication issues
+  - Pod cleanup operations
+    - Clean up problematic pods (`cleanup_pods`) in states: Evicted, ContainerStatusUnknown, Completed, Error, ImagePullBackOff, CrashLoopBackOff
+  - Node management operations
+    - Cordoning, draining, and uncordoning nodes (`node_management`) for maintenance and scaling operations
 - [x] Troubleshooting Prompt (`k8s-diagnose`)
   - Guides through a systematic Kubernetes troubleshooting flow for pods based on a keyword and optional namespace.
 - [x] Non-destructive mode for read and create/update-only access to clusters
@@ -99,7 +158,7 @@ npx mcp-chat --config "%APPDATA%\Claude\claude_desktop_config.json"
 
 The MCP Kubernetes server includes specialized prompts to assist with common diagnostic operations.
 
-### k8s-diagnose Prompt
+### /k8s-diagnose Prompt
 
 This prompt provides a systematic troubleshooting flow for Kubernetes pods. It accepts a `keyword` to identify relevant pods and an optional `namespace` to narrow the search.
 The prompt's output will guide you through an autonomous troubleshooting flow, providing instructions for identifying issues, collecting evidence, and suggesting remediation steps.
@@ -196,7 +255,7 @@ All read-only and resource creation/update operations remain available:
 
 - Resource Information: `kubectl_get`, `kubectl_describe`, `kubectl_logs`, `explain_resource`, `list_api_resources`
 - Resource Creation/Modification: `kubectl_apply`, `kubectl_create`, `kubectl_scale`, `kubectl_patch`, `kubectl_rollout`
-- Helm Operations: `install_helm_chart`, `upgrade_helm_chart`
+- Helm Operations: `install_helm_chart`, `upgrade_helm_chart`, `helm_template_apply`, `helm_template_uninstall`
 - Connectivity: `port_forward`, `stop_port_forward`
 - Context Management: `kubectl_context`
 
@@ -207,8 +266,262 @@ The following destructive operations are disabled:
 - `kubectl_delete`: Deleting any Kubernetes resources
 - `uninstall_helm_chart`: Uninstalling Helm charts
 - `cleanup`: Cleanup of managed resources
+- `cleanup_pods`: Cleaning up problematic pods
+- `node_management`: Node management operations (can drain nodes)
 - `kubectl_generic`: General kubectl command access (may include destructive operations)
 
+### Helm Template Apply Tool
+
+The `helm_template_apply` tool provides an alternative way to install Helm charts that bypasses authentication issues commonly encountered with certain Kubernetes configurations. This tool is particularly useful when you encounter errors like:
+
+```
+WARNING: Kubernetes configuration file is group-readable. This is insecure.
+Error: INSTALLATION FAILED: Kubernetes cluster unreachable: exec plugin: invalid apiVersion "client.authentication.k8s.io/v1alpha1"
+```
+
+Instead of using `helm install` directly, this tool:
+
+1. Uses `helm template` to generate YAML manifests from the Helm chart
+2. Applies the generated YAML using `kubectl apply`
+3. Handles namespace creation and cleanup automatically
+
+#### Usage Example
+
+```json
+{
+  "name": "helm_template_apply",
+  "arguments": {
+    "name": "events-exporter",
+    "chart": ".",
+    "namespace": "kube-event-exporter",
+    "valuesFile": "values.yaml",
+    "createNamespace": true
+  }
+}
+```
+
+This is equivalent to running:
+
+```bash
+helm template events-exporter . -f values.yaml > events-exporter.yaml
+kubectl create namespace kube-event-exporter
+kubectl apply -f events-exporter.yaml -n kube-event-exporter
+```
+
+#### Parameters
+
+- `name`: Release name for the Helm chart
+- `chart`: Chart name or path to chart directory
+- `repo`: Chart repository URL (optional if using local chart path)
+- `namespace`: Kubernetes namespace to deploy to
+- `values`: Chart values as an object (optional)
+- `valuesFile`: Path to values.yaml file (optional, alternative to values object)
+- `createNamespace`: Whether to create the namespace if it doesn't exist (default: true)
+
+### Pod Cleanup with Existing Tools
+
+Pod cleanup can be achieved using the existing `kubectl_get` and `kubectl_delete` tools with field selectors. This approach leverages standard Kubernetes functionality without requiring dedicated cleanup tools.
+
+#### Identifying Problematic Pods
+
+Use `kubectl_get` with field selectors to identify pods in problematic states:
+
+**Get failed pods:**
+
+```json
+{
+  "name": "kubectl_get",
+  "arguments": {
+    "resourceType": "pods",
+    "namespace": "default",
+    "fieldSelector": "status.phase=Failed"
+  }
+}
+```
+
+**Get completed pods:**
+
+```json
+{
+  "name": "kubectl_get",
+  "arguments": {
+    "resourceType": "pods",
+    "namespace": "default",
+    "fieldSelector": "status.phase=Succeeded"
+  }
+}
+```
+
+**Get pods with specific conditions:**
+
+```json
+{
+  "name": "kubectl_get",
+  "arguments": {
+    "resourceType": "pods",
+    "namespace": "default",
+    "fieldSelector": "status.conditions[?(@.type=='Ready')].status=False"
+  }
+}
+```
+
+#### Deleting Problematic Pods
+
+Use `kubectl_delete` with field selectors to delete pods in problematic states:
+
+**Delete failed pods:**
+
+```json
+{
+  "name": "kubectl_delete",
+  "arguments": {
+    "resourceType": "pods",
+    "namespace": "default",
+    "fieldSelector": "status.phase=Failed",
+    "force": true,
+    "gracePeriodSeconds": 0
+  }
+}
+```
+
+**Delete completed pods:**
+
+```json
+{
+  "name": "kubectl_delete",
+  "arguments": {
+    "resourceType": "pods",
+    "namespace": "default",
+    "fieldSelector": "status.phase=Succeeded",
+    "force": true,
+    "gracePeriodSeconds": 0
+  }
+}
+```
+
+#### Workflow
+
+1. **First, identify problematic pods** using `kubectl_get` with appropriate field selectors
+2. **Review the list** of pods in the response
+3. **Delete the pods** using `kubectl_delete` with the same field selectors
+
+#### Available Field Selectors
+
+- `status.phase=Failed` - Pods that have failed
+- `status.phase=Succeeded` - Pods that have completed successfully
+- `status.phase=Pending` - Pods that are pending
+- `status.conditions[?(@.type=='Ready')].status=False` - Pods that are not ready
+
+#### Safety Features
+
+- **Field selectors**: Target specific pod states precisely
+- **Force deletion**: Use `force=true` and `gracePeriodSeconds=0` for immediate deletion
+- **Namespace isolation**: Target specific namespaces or use `allNamespaces=true`
+- **Standard kubectl**: Uses well-established Kubernetes patterns
+
+### Node Management Tool
+
+The `node_management` tool provides comprehensive node management capabilities for Kubernetes clusters, including cordoning, draining, and uncordoning operations. This is essential for cluster maintenance, scaling, and troubleshooting.
+
+#### Operations Available
+
+- **`list`**: List all nodes with their status and schedulability
+- **`cordon`**: Mark a node as unschedulable (no new pods will be scheduled)
+- **`drain`**: Safely evict all pods from a node and mark it as unschedulable
+- **`uncordon`**: Mark a node as schedulable again
+
+#### Usage Examples
+
+**1. List all nodes:**
+
+```json
+{
+  "name": "node_management",
+  "arguments": {
+    "operation": "list"
+  }
+}
+```
+
+**2. Cordon a node (mark as unschedulable):**
+
+```json
+{
+  "name": "node_management",
+  "arguments": {
+    "operation": "cordon",
+    "nodeName": "worker-node-1"
+  }
+}
+```
+
+**3. Drain a node (dry run first):**
+
+```json
+{
+  "name": "node_management",
+  "arguments": {
+    "operation": "drain",
+    "nodeName": "worker-node-1",
+    "dryRun": true
+  }
+}
+```
+
+**4. Drain a node (with confirmation):**
+
+```json
+{
+  "name": "node_management",
+  "arguments": {
+    "operation": "drain",
+    "nodeName": "worker-node-1",
+    "dryRun": false,
+    "confirmDrain": true,
+    "force": true,
+    "ignoreDaemonsets": true,
+    "timeout": "5m"
+  }
+}
+```
+
+**5. Uncordon a node:**
+
+```json
+{
+  "name": "node_management",
+  "arguments": {
+    "operation": "uncordon",
+    "nodeName": "worker-node-1"
+  }
+}
+```
+
+#### Drain Operation Parameters
+
+- `force`: Force the operation even if there are pods not managed by controllers
+- `gracePeriod`: Period of time in seconds given to each pod to terminate gracefully
+- `deleteLocalData`: Delete local data even if emptyDir volumes are used
+- `ignoreDaemonsets`: Ignore DaemonSet-managed pods (default: true)
+- `timeout`: The length of time to wait before giving up (e.g., '5m', '1h')
+- `dryRun`: Show what would be done without actually doing it
+- `confirmDrain`: Explicit confirmation to drain the node (required for actual draining)
+
+#### Safety Features
+
+- **Dry run by default**: Drain operations default to dry run to show what would be done
+- **Explicit confirmation**: Drain operations require `confirmDrain=true` to proceed
+- **Status tracking**: Shows node status before and after operations
+- **Timeout protection**: Configurable timeouts to prevent hanging operations
+- **Graceful termination**: Configurable grace periods for pod termination
+
+#### Common Use Cases
+
+1. **Cluster Maintenance**: Cordon nodes before maintenance, drain them, perform maintenance, then uncordon
+2. **Node Scaling**: Drain nodes before removing them from the cluster
+3. **Troubleshooting**: Isolate problematic nodes by cordoning them
+4. **Resource Management**: Drain nodes to redistribute workload
+
 For additional advanced features, see the [ADVANCED_README.md](ADVANCED_README.md).
 
 ## Architecture

package/dist/index.d.ts

@@ -22,6 +22,59 @@ declare const destructiveTools: ({
         };
         required: string[];
     };
+} | {
+    name: string;
+    description: string;
+    inputSchema: {
+        type: string;
+        properties: {
+            operation: {
+                type: string;
+                description: string;
+                enum: string[];
+            };
+            nodeName: {
+                type: string;
+                description: string;
+            };
+            force: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+            gracePeriod: {
+                type: string;
+                description: string;
+                default: number;
+            };
+            deleteLocalData: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+            ignoreDaemonsets: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+            timeout: {
+                type: string;
+                description: string;
+                default: string;
+            };
+            dryRun: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+            confirmDrain: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+        };
+        required: string[];
+    };
 } | {
     readonly name: "cleanup";
     readonly description: "Cleanup all managed resources";
@@ -106,6 +159,59 @@ declare const allTools: ({
         };
         required: string[];
     };
+} | {
+    name: string;
+    description: string;
+    inputSchema: {
+        type: string;
+        properties: {
+            operation: {
+                type: string;
+                description: string;
+                enum: string[];
+            };
+            nodeName: {
+                type: string;
+                description: string;
+            };
+            force: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+            gracePeriod: {
+                type: string;
+                description: string;
+                default: number;
+            };
+            deleteLocalData: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+            ignoreDaemonsets: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+            timeout: {
+                type: string;
+                description: string;
+                default: string;
+            };
+            dryRun: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+            confirmDrain: {
+                type: string;
+                description: string;
+                default: boolean;
+            };
+        };
+        required: string[];
+    };
 } | {
     name: string;
     description: string;

package/dist/index.js

@@ -2,6 +2,7 @@
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { installHelmChart, installHelmChartSchema, upgradeHelmChart, upgradeHelmChartSchema, uninstallHelmChart, uninstallHelmChartSchema, } from "./tools/helm-operations.js";
+import { nodeManagement, nodeManagementSchema, } from "./tools/node-management.js";
 import { explainResource, explainResourceSchema, listApiResources, listApiResourcesSchema, } from "./tools/kubectl-operations.js";
 import { execInPod, execInPodSchema } from "./tools/exec_in_pod.js";
 import { getResourceHandlers } from "./resources/handlers.js";
@@ -45,6 +46,7 @@ const destructiveTools = [
     uninstallHelmChartSchema,
     cleanupSchema, // Cleanup is also destructive as it deletes resources
     kubectlGenericSchema, // Generic kubectl command can perform destructive operations
+    nodeManagementSchema, // Node management can drain nodes (destructive)
 ];
 // Get all available tools
 const allTools = [
@@ -68,6 +70,7 @@ const allTools = [
     installHelmChartSchema,
     upgradeHelmChartSchema,
     uninstallHelmChartSchema,
+    nodeManagementSchema,
     // Port forwarding
     PortForwardSchema,
     StopPortForwardSchema,
@@ -186,6 +189,9 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
             case "upgrade_helm_chart": {
                 return await upgradeHelmChart(input);
             }
+            case "node_management": {
+                return await nodeManagement(input);
+            }
             case "list_api_resources": {
                 return await listApiResources(input);
             }

package/dist/models/helm-models.d.ts

@@ -22,18 +22,31 @@ export declare const HelmResponseSchema: z.ZodObject<{
     }[];
 }>;
 export declare const HelmValuesSchema: z.ZodRecord<z.ZodString, z.ZodAny>;
-export interface HelmOperation {
+export interface HelmUninstallOperation {
     name: string;
     namespace: string;
 }
-export interface HelmInstallOperation extends HelmOperation {
+export interface HelmInstallOperation {
+    name: string;
     chart: string;
-    repo: string;
+    namespace: string;
+    repo?: string;
     values?: Record<string, any>;
+    valuesFile?: string;
+    createNamespace?: boolean;
+    useTemplate?: boolean;
 }
-export interface HelmUpgradeOperation extends HelmInstallOperation {
+export interface HelmUpgradeOperation {
+    name: string;
+    chart: string;
+    namespace: string;
+    repo?: string;
+    values?: Record<string, any>;
+    valuesFile?: string;
 }
 export type HelmResponse = {
-    status: "installed" | "upgraded" | "uninstalled";
+    status: "installed" | "upgraded" | "uninstalled" | "failed";
     message?: string;
+    error?: string;
+    steps?: string[];
 };