feat: add Kubernetes and Flux MCP servers as pod sidecars
Run MCP servers as sidecar containers so they inherit the pod's ServiceAccount permissions instead of requiring separate deployments with their own RBAC. Kubernetes MCP on :8080, Flux MCP on :8081. Generated with [Claude Code](https://claude.ai/code) via [Happy](https://happy.engineering) Co-Authored-By: Claude <noreply@anthropic.com> Co-Authored-By: Happy <yesreply@happy.engineering>
This commit is contained in:
@@ -2,15 +2,15 @@
|
||||
"mcpServers": {
|
||||
"kubernetes": {
|
||||
"type": "sse",
|
||||
"url": "http://kubernetes-mcp-server.kube-system.svc.cluster.local:8080/sse"
|
||||
"url": "http://localhost:8080/sse"
|
||||
},
|
||||
"flux": {
|
||||
"type": "sse",
|
||||
"url": "http://flux-mcp.flux-system.svc.cluster.local:8080/sse"
|
||||
"url": "http://localhost:8081/sse"
|
||||
},
|
||||
"playwright": {
|
||||
"type": "sse",
|
||||
"url": "http://playwright-mcp.playwright.svc.cluster.local:3000/sse"
|
||||
"playwright": {
|
||||
"type": "sse",
|
||||
"url": "http://playwright-mcp.playwright.svc.cluster.local:3000/sse"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -98,6 +98,55 @@ spec:
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 5
|
||||
{{- end }}
|
||||
{{- if .Values.mcpSidecars.kubernetes.enabled }}
|
||||
- name: kubernetes-mcp
|
||||
image: "{{ .Values.mcpSidecars.kubernetes.image.repository }}:{{ .Values.mcpSidecars.kubernetes.image.tag }}"
|
||||
args:
|
||||
- --port
|
||||
- {{ .Values.mcpSidecars.kubernetes.port | quote }}
|
||||
ports:
|
||||
- containerPort: {{ .Values.mcpSidecars.kubernetes.port }}
|
||||
name: k8s-mcp
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: {{ .Values.mcpSidecars.kubernetes.port }}
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: {{ .Values.mcpSidecars.kubernetes.port }}
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 5
|
||||
resources:
|
||||
{{- toYaml .Values.mcpSidecars.kubernetes.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.mcpSidecars.flux.enabled }}
|
||||
- name: flux-mcp
|
||||
image: "{{ .Values.mcpSidecars.flux.image.repository }}:{{ .Values.mcpSidecars.flux.image.tag }}"
|
||||
args:
|
||||
- serve
|
||||
- --transport=sse
|
||||
- --port={{ .Values.mcpSidecars.flux.port }}
|
||||
ports:
|
||||
- containerPort: {{ .Values.mcpSidecars.flux.port }}
|
||||
name: flux-mcp
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.mcpSidecars.flux.port }}
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.mcpSidecars.flux.port }}
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 5
|
||||
resources:
|
||||
{{- toYaml .Values.mcpSidecars.flux.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: workspace
|
||||
emptyDir: {}
|
||||
|
||||
@@ -66,3 +66,32 @@ clusterAccess: none
|
||||
# Name of existing Secret containing env vars (GITHUB_TOKEN, VNC_PASSWORD, etc.)
|
||||
# Defaults to: devcontainer-{name}-secrets-env
|
||||
envSecretName: ""
|
||||
|
||||
# MCP server sidecars — run alongside the devcontainer to inherit pod RBAC.
|
||||
mcpSidecars:
|
||||
kubernetes:
|
||||
enabled: true
|
||||
image:
|
||||
repository: quay.io/containers/kubernetes_mcp_server
|
||||
tag: latest
|
||||
port: 8080
|
||||
resources:
|
||||
requests:
|
||||
memory: "64Mi"
|
||||
cpu: "50m"
|
||||
limits:
|
||||
memory: "256Mi"
|
||||
cpu: "500m"
|
||||
flux:
|
||||
enabled: true
|
||||
image:
|
||||
repository: ghcr.io/controlplaneio-fluxcd/flux-operator-mcp
|
||||
tag: latest
|
||||
port: 8081
|
||||
resources:
|
||||
requests:
|
||||
memory: "64Mi"
|
||||
cpu: "50m"
|
||||
limits:
|
||||
memory: "256Mi"
|
||||
cpu: "500m"
|
||||
|
||||
Reference in New Issue
Block a user