MCP-K8s

 view release on metacpan or  search on metacpan

README.md  view on Meta::CPAN


# Run (uses current kubeconfig context)
mcp-k8s

# Or with direct token authentication
MCP_K8S_TOKEN=$(kubectl create token my-sa) MCP_K8S_SERVER=https://my-cluster:6443 mcp-k8s
```

## Claude Desktop

Add to `~/.config/claude/claude_desktop_config.json`:

```json
{
  "mcpServers": {
    "kubernetes": {
      "command": "mcp-k8s",
      "env": {
        "MCP_K8S_CONTEXT": "my-cluster",
        "MCP_K8S_NAMESPACES": "default,production"
      }

bin/mcp-k8s  view on Meta::CPAN


=item C<MCP_K8S_NAMESPACES>

Comma-separated list of namespaces. Defaults to auto-discovery
(all namespaces the service account can list).

=back

=head1 CLAUDE DESKTOP

Add to C<~/.config/claude/claude_desktop_config.json>:

  {
    "mcpServers": {
      "kubernetes": {
        "command": "mcp-k8s",
        "env": {
          "MCP_K8S_CONTEXT": "my-cluster",
          "MCP_K8S_NAMESPACES": "default,production"
        }
      }

lib/MCP/K8s.pm  view on Meta::CPAN


=back

RBAC is the single source of truth — if the service account shouldn't have
access, don't grant it via RBAC. MCP::K8s does B<not> implement
application-layer permission filtering.

=head1 CLAUDE DESKTOP INTEGRATION

Add this to your Claude Desktop MCP configuration
(C<~/.config/claude/claude_desktop_config.json>):

  {
    "mcpServers": {
      "kubernetes": {
        "command": "mcp-k8s",
        "env": {
          "MCP_K8S_CONTEXT": "my-cluster",
          "MCP_K8S_NAMESPACES": "default,production"
        }
      }



( run in 1.225 second using v1.01-cache-2.11-cpan-bbb979687b5 )