Add Dockerfile

[mikesir87]

Hey there! Thanks for the fun MCP server! This PR adds a Dockerfile to allow the project to be built and distributed as a container image (following after modelcontextprotocol/servers#368).

A blog post and more is to come soon about containerized MCP servers, so stay tuned! 😄

[Flux159]

I don't think this container will work properly right now because the user won't have their kubernetes config inside of the docker container. Right now it's using the default kubeconfig: https://github.com/Flux159/mcp-server-kubernetes/blob/main/src/index.ts#L30 (generally at $HOME/.kube directory) - not having that inside of the container or binding that directory to a volume inside of the container will most likely not work properly.

[mikesir87]

Great comment! I did test it by mounting my config directory into the container and it worked as I expected. But yeah... we might want to add an example on what the container config looks like.

And to loop back... the blog post about Docker and Anthropic working together to support containerized MCP servers can be found here - https://www.docker.com/blog/the-model-context-protocol-simplifying-building-ai-apps-with-anthropic-claude-desktop-and-docker/

[Flux159]

I did test it by mounting my config directory into the container and it worked as I expected. But yeah... we might want to add an example on what the container config looks like.

Ah makes sense - yeah adding that to the README would be great. It can be a separate commit / PR though & this can just add the Dockerfile. LGTM.

[Flux159]

Just a followup here, I published flux159/mcp-server-kubernetes to dockerhub.

I haven't had the chance to test it out, but I assume that it would be loaded into Claude desktop with something like this, specifically you would need to mount your kube credentials into the docker container by mounting your $HOME/.kube directory.:

{
  "mcpServers": {
    "kubernetes": {
      "command": "docker",
      "args": ["run", "flux159/mcp-server-kubernetes", "-v", "~/.kube:/.kube"]
    }
  }
}

Will update readme after I get the chance to test it out (may take a bit since I'm working on other things) or if someone else can validate & update the README in a PR.

Note that I'm not sure if "/.kube" is the right place to mount inside of the container right now @mikesir87 - can you confirm what directory worked for you?

[slimslenderslacks]

There's an argument ordering issue above:

{
  "mcpServers": {
    "kubernetes": {
      "command": "docker",
      "args": ["run", "-v", "~/.kube:/.kube", "flux159/mcp-server-kubernetes"]
    }
  }
}

We've also been discussing how an mcp client should negotiate and get consent for the server to access a local directory like ~/.kube. I haven't verified but I think the home directory of appuser will actually be / since nothing was explicitly specified in that useradd command.

[rajivml]

I tried this but the container is in exited state (exit state 0) and there are hardly any logs to debug it. Inspect also didn't pointed anything

364727d495eb flux159/mcp-server-kubernetes "docker-entrypoint.s…" 11 seconds ago Exited (0) 7 seconds ago gifted_brattain

[Flux159]

I tried this but the container is in exited state (exit state 0) and there are hardly any logs to debug it. Inspect also didn't pointed anything

364727d495eb flux159/mcp-server-kubernetes "docker-entrypoint.s…" 11 seconds ago Exited (0) 7 seconds ago gifted_brattain

Okay, debugged this a bit and the issue seems to only be when running via docker run non-interactive, if I run:

docker run -it flux159/mcp-server-kubernetes /bin/bash
> node dist/index.js

The server seems to run fine.

I made a hack in #27 to just run a setInterval so that the process doesn't exit in docker - still need to debug with a test client to verify that the server is still running when run via docker. Will merge & publish after I can verify that.

[Flux159]

Okay, so I was able to do this without a hack in the server & test it with a custom mcp client forked here to work with docker commands.

Couple of things: You need to run with "-i" so that stdio works properly (the mcp server writes out to stdout & if that's not available via interactive, then the docker command just exits) and also use absolute paths for the volumes, so my full json spec would look like this:

{
  "mcpServers": {
    "kubernetes": {
      "command": "docker",
      "args": ["run", "-i", "-v", "/Users/MYUSER/.kube:/home/appuser/.kube", "flux159/mcp-server-kubernetes"]
    }
  }
}

Note the /home/appuser/.kube portion of the volume in the container too.

The other thing is that I use GKE for my production kubernetes environment - so the Dockerfile didn't have the correct gke auth plugin (which I updated in #27). I also needed to make sure that in my ~/.kube/config file (on host machine), the auth info looked like this and didn't have a homebrew path or anything:

exec:
            apiVersion: client.authentication.k8s.io/v1beta1
            command: gke-gcloud-auth-plugin
            installHint: Install gke-gcloud-auth-plugin for use with kubectl by following https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl#install_plugin
            provideClusterInfo: true

To fix my local kubectl & ensure that the docker container also works, I had to ln -s my /opt/homebrew/share/google-cloud-sdk/bin/gke-gcloud-auth-plugin to /usr/local/bin. This is for Mac using homebrew, if you use something else it will be a different setup.

I don't think I want to support every auth plugin and every configuration of kubectl contexts as part of supporting docker execution. I'll leave this PR if people want to still use docker, but don't intend on making this "officially supported" going forward since npx flux159/mcp-server-kubernetes works far better without having to deal with the auth headaches inside of docker right now.