Merge pull request #15 from hemajv/openshift-mcp-server

MichaelClifford · web-flow · commit 970b02c00933 · 2025-03-31T22:02:43.000-04:00
Add openshift MCP server
diff --git a/mcp-servers/openshift/Containerfile b/mcp-servers/openshift/Containerfile
@@ -0,0 +1,19 @@
+FROM registry.access.redhat.com/ubi9/ubi:latest as builder
+
+WORKDIR /app
+USER root
+RUN dnf install -y wget tar git make && \
+    wget https://go.dev/dl/go1.24.1.linux-amd64.tar.gz && \
+    tar -C /usr/local -xzf go1.24.1.linux-amd64.tar.gz && \
+    rm -f go1.24.1.linux-amd64.tar.gz
+ENV PATH="/usr/local/go/bin:${PATH}"
+RUN git clone https://github.com/manusa/kubernetes-mcp-server.git && \
+    cd kubernetes-mcp-server && \
+    make build
+
+FROM registry.access.redhat.com/ubi9/ubi-minimal:latest
+WORKDIR /app
+COPY --from=builder /app/kubernetes-mcp-server/kubernetes-mcp-server /app/kubernetes-mcp-server
+ENTRYPOINT ["./kubernetes-mcp-server", "--sse-port", "8080", "--log-level", "9"]
+
+EXPOSE 8080
diff --git a/mcp-servers/openshift/README.md b/mcp-servers/openshift/README.md
@@ -0,0 +1,95 @@
+# Steps for deploying the OpenShift MCP server on OpenShift
+
+The [OpenShift MCP server](https://github.com/manusa/kubernetes-mcp-server) is a Kubernetes MCP server implementation configured with a few tools that can:
+
+- Automatically view and manage the current Kubernetes `.kube/config` or in-cluster configuration
+- Use tools to perform operations on any Kubernetes or OpenShift resource such as:
+    - **Pod operations** - It can list, get, delete, show logs, exec, run pods
+    - **Namespace operations** - It can list Kubernetes Namespaces
+    - **Events** - View Kubernetes events in all namespaces or in a specific namespace
+    - **Projects** - List OpenShift Projects
+
+## Pre-Requisites
+
+You will need the following installed on your local machine:
+
+- `podman`
+- `oc`
+
+## Step 1: Building the Containerfile
+
+You will need to first build a container image using the `Containerfile` and can do this by using `podman`. To build the container image from the current directory:
+
+```
+podman build -t ocp-mcp-server:latest -f Containerfile .
+```
+
+If running on a Mac:
+
+```
+podman build -t ocp-mcp-server:latest --platform="linux/amd64" -f Containerfile .
+```
+
+If run successfully, you should see your image `localhost/ocp-mcp-server` listed when you run:
+
+```
+podman images
+```
+
+## Step 2: Pushing the container image to Quay
+
+Next, you will need to push your container image to a public image repository like [quay.io](https://quay.io/). Make sure you create an account on quay.io, if you don't have one already. Once you have an account, you will need to login:
+
+```
+podman login -u=<user_name> -p=<pass_word> quay.io
+```
+
+Once you're logged in successfully, you can now push your image by first tagging your local image:
+
+```
+podman tag localhost/ocp-mcp-server:latest quay.io/<username>/ocp-mcp-server:latest
+```
+
+Then you can push to your quay registry:
+
+```
+podman push quay.io/<username>/ocp-mcp-server:latest
+```
+
+### Step 3: Deploying on OpenShift
+
+To deploy the OpenShift MCP server on OpenShift, make sure you have access to an active OpenShift cluster and namespace. Note that as this MCP server is implemented to perform certain operations on a OpenShift/Kubernetes environment you will need to setup a `ServiceAccount` with `edit` RoleBinding access to allow suitable permissions for the MCP server to execute those operations. This has been defined in the `deployment.yaml`.
+
+**Login to Openshift**
+
+```
+oc login --token=<your user token> --server=<your openshift cluster server>
+```
+
+Select a suitable namespace within the cluter:
+
+```
+oc project <your namespace>
+```
+
+**Deploy the OpenShift MCP server application**:
+
+```
+oc apply -f deployment.yaml
+```
+
+You should now see a pod running successfully in OpenShift as well as a service created for it! You should see an address created for the service in your OpenShift something like `http://172.xx.yyy.zzz:8000`.
+
+### Step 4: Testing the OpenShift MCP server
+
+You can run the example sript in `app/src/0_simple_agent.py` by modifying the following:
+
+- Set the `REMOTE_MCP_URL` env var to `http://<your mcp service endpoint>:8000/sse`
+- Set the `REMOTE_BASE_URL` env var to your hosted llama stack server
+- Provide a suitable user query to test. You can try an example user prompt like "Please list all the pods running in my xyz namespace?" and pass it [here](https://github.com/redhat-et/llama-stack-on-ocp/blob/main/app/src/0_simple_agent.py#L74)
+
+Then run the script like:
+
+```
+python 0_simple_agent.py -r -a
+```
diff --git a/mcp-servers/openshift/deployment.yaml b/mcp-servers/openshift/deployment.yaml
@@ -0,0 +1,60 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: ocp-mcp-server
+  labels:
+    app: ocp-mcp-server
+spec:
+  selector:
+    matchLabels:
+      app: ocp-mcp-server
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: ocp-mcp-server
+        deployment: ocp-mcp-server
+    spec:
+      serviceAccountName: ocp-mcp
+      containers:
+      - name: ocp-mcp-server
+        image: quay.io/hveeradh/ocp-mcp-server:latest
+        ports:
+          - name: http
+            containerPort: 8000
+            protocol: TCP
+        command: ["./kubernetes-mcp-server"]
+        args: ["--sse-port", "8000"]
+        resources: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: ocp-mcp-server
+  labels:
+    app: ocp-mcp-server
+spec:
+  selector:
+    app: ocp-mcp-server
+    deployment: ocp-mcp-server
+  ports:
+  - port: 8000
+    targetPort: http
+    protocol: TCP
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ocp-mcp
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: ocp-mcp
+subjects:
+  - kind: ServiceAccount
+    name: ocp-mcp
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: edit
