Kiali MCP Server (Model Context Protocol) with special support for OpenShift
Project description
Kiali MCP Server
https://github.com/user-attachments/assets/0a7c1e08-2044-4426-92d6-89cbf6084ca1
Kiali MCP Server is a specialized Model Context Protocol (MCP) server that brings powerful Istio service mesh management capabilities to AI assistants like Claude, Cursor, and others. Built as an extension of the upstream Kubernetes MCP Server, it provides seamless integration with Kiali for service mesh observability and management.
- 🌐 Native Kiali Integration: Direct access to service mesh topology, validations, and health data
- 🔧 Built on Kubernetes MCP: Inherits all Kubernetes/OpenShift management capabilities
- 🚀 AI-First Design: Optimized for AI assistant workflows and natural language interactions
- 📊 Real-time Mesh Insights: Live service mesh topology, traffic flows, and health status
For the complete set of Kubernetes tools and capabilities, see the upstream documentation: openshift/openshift-mcp-server README
✨ Features | 🚀 Getting Started | 🎥 Demos | ⚙️ Configuration | 🛠️ Tools | 🧑💻 Development
✨ Features
🎯 Service Mesh Management
- 📊 Mesh Topology Visualization: Real-time service graph with traffic flows, health status, and connectivity
- 🔍 Configuration Validation: Comprehensive Istio object validation across namespaces
- 🌐 Multi-Namespace Support: Work with single namespaces or multiple namespaces simultaneously
- ⚡ Live Data: Direct integration with running Kiali instances for up-to-date mesh insights
🤖 AI-Optimized Experience
- Natural Language Queries: Ask questions like "Check my bookinfo mesh status" or "Show validations for istio-system"
- Intelligent Context: Tools designed for AI understanding and optimal prompt engineering
- Flexible Parameters: Support both single and multiple namespace operations
- Rich Responses: Structured JSON data perfect for AI analysis and interpretation
🔧 Built on Kubernetes MCP
Inherits all capabilities from the upstream Kubernetes MCP Server including pod management, resource operations, Helm integration, and more.
🚀 Getting Started
Requirements
- Kubernetes/OpenShift Cluster: Access via kubeconfig or in-cluster service account
- Kiali Instance: A running and accessible Kiali server
- Network Access: Connectivity between the MCP server and your Kiali instance
- AI Assistant: Claude Desktop, Cursor, or any MCP-compatible AI tool
Quick Start with Claude Desktop
https://github.com/user-attachments/assets/0a7c1e08-2044-4426-92d6-89cbf6084ca1
Using npx (Recommended)
If you have npm installed, this is the fastest way to get started with Kiali MCP Server on Claude Desktop.
Open your claude_desktop_config.json and add the MCP server to the list of mcpServers:
{
"mcpServers": {
"kiali-mcp-server": {
"command": "npx",
"args": [
"-y",
"kiali-mcp-server@latest"
]
}
}
}
Quick Start with Cursor
Install the Kiali MCP server extension in Cursor by clicking the button below:
Alternatively, you can install the extension manually by editing the mcp.json file:
{
"mcpServers": {
"kiali-mcp-server": {
"command": "npx",
"args": ["-y", "kiali-mcp-server@latest"]
}
}
}
https://github.com/user-attachments/assets/d88a3b72-980c-43db-a69a-a19ad564cf49
Configuring Kiali Connection
Note: You must specify the Kiali endpoint if the MCP server cannot auto-detect it. You may also need to configure TLS settings.
{
"mcpServers": {
"kiali-mcp-server": {
"command": "npx",
"args": [
"-y",
"kiali-mcp-server@latest",
"--kiali-server-url",
"https://kiali-istio-system.apps-crc.testing/",
"--kiali-insecure"
]
}
}
}
Common Configuration Examples
🔒 Secure Kiali with Valid TLS
{
"mcpServers": {
"kiali-mcp-server": {
"command": "npx",
"args": [
"-y",
"kiali-mcp-server@latest",
"--kiali-server-url",
"https://kiali.example.com/"
]
}
}
}
🔓 Local Development with Self-Signed Certificates
{
"mcpServers": {
"kiali-mcp-server": {
"command": "npx",
"args": [
"-y",
"kiali-mcp-server@latest",
"--kiali-server-url",
"https://kiali-istio-system.apps-crc.testing/",
"--kiali-insecure"
]
}
}
}
🎯 Kiali-Only Mode
{
"mcpServers": {
"kiali-mcp-server": {
"command": "npx",
"args": [
"-y",
"kiali-mcp-server@latest",
"--toolsets",
"kiali",
"--kiali-server-url",
"https://kiali.example.com/"
]
}
}
}
⚙️ Configuration
Kiali MCP Server extends the upstream Kubernetes MCP Server with additional Kiali-specific configuration options.
Kiali-Specific Flags
| Flag | Type | Description | Example |
|---|---|---|---|
--kiali-server-url |
string |
URL of the Kiali server | https://kiali-istio-system.apps-crc.testing/ |
--kiali-insecure |
boolean |
Skip TLS verification when connecting to Kiali | Use for self-signed certificates |
Toolset Configuration
By default, both Kubernetes and Kiali tools are available. Use --toolsets to control which tool groups are enabled:
# Kiali tools only
--toolsets kiali
# All available toolsets (default)
--toolsets core,config,helm,kiali
Command Line Examples
Using npx:
npx -y kiali-mcp-server@latest \
--kiali-server-url "https://kiali-istio-system.apps-crc.testing/" \
--kiali-insecure \
--toolsets kiali
Using compiled binary:
./kiali-mcp-server \
--kiali-server-url "https://kiali-istio-system.apps-crc.testing/" \
--kiali-insecure \
--port 8080
Additional Configuration
For comprehensive configuration options including authentication, ports, read-only mode, and output formats, refer to the upstream documentation: openshift/openshift-mcp-server README
🛠️ Tools and Functionalities
The Kiali MCP server supports enabling or disabling specific groups of tools and functionalities (tools, resources, prompts, and so on) via the --toolsets command-line flag or toolsets configuration option.
This allows you to control which Kubernetes functionalities are available to your AI tools.
Enabling only the toolsets you need can help reduce the context size and improve the LLM's tool selection accuracy.
Available Toolsets
The following sets of tools are available (only Kiali by default):
| Toolset | Description |
|---|---|
| kiali | Most common tools for managing Kiali |
Tools
kiali
-
graph - Check the status of my mesh by querying Kiali graph
namespace(string) - Optional single namespace to include in the graph (alternative to namespaces)namespaces(string) - Optional comma-separated list of namespaces to include in the graph
-
validations_list - List all the validations in the current cluster from all namespaces
namespace(string) - Optional single namespace to retrieve validations from (alternative to namespaces)namespaces(string) - Optional comma-separated list of namespaces to retrieve validations from
-
namespaces - Get all namespaces in the mesh that the user has access to
-
services_list - Get all services in the mesh across specified namespaces with health and Istio resource information
namespaces(string) - Comma-separated list of namespaces to get services from (e.g. 'bookinfo' or 'bookinfo,default'). If not provided, will list services from all accessible namespaces
-
service_details - Get detailed information for a specific service in a namespace, including validation, health status, and configuration
namespace(string) (required) - Namespace containing the serviceservice(string) (required) - Name of the service to get details for
-
workloads_list - Get all workloads in the mesh across specified namespaces with health and Istio resource information
namespaces(string) - Comma-separated list of namespaces to get workloads from (e.g. 'bookinfo' or 'bookinfo,default'). If not provided, will list workloads from all accessible namespaces
-
workload_details - Get detailed information for a specific workload in a namespace, including validation, health status, and configuration
namespace(string) (required) - Namespace containing the workloadworkload(string) (required) - Name of the workload to get details for
🎥 Demos
In this video, we explore how the Mesh Control Plane (MCP) in Kubernetes/OpenShift works together with Kiali to validate Istio configuration objects directly in your editor (Cursor).
🧑💻 Development
Running with mcp-inspector
Compile the project and run the Kiali MCP server with mcp-inspector to inspect the MCP server.
# Compile the project
make build
# Run the Kubernetes MCP server with mcp-inspector
npx @modelcontextprotocol/inspector@latest $(pwd)/kiali-mcp-server --kiali-server-url "https://kiali-istio-system.apps-crc.testing/" --kiali-insecure
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file kiali_mcp_server-0.3.0.tar.gz.
File metadata
- Download URL: kiali_mcp_server-0.3.0.tar.gz
- Upload date:
- Size: 6.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
05298add12a796bf1bf2b3e2d32ded2c540de09aa66bb73a8af2bd81e57b83a2
|
|
| MD5 |
fde077dd53a3f604586d623f5ea5319b
|
|
| BLAKE2b-256 |
55b5de6cad11a891bfb5cd10eef1f82a1ee00465722bc82ec8acc7909edcbc17
|
File details
Details for the file kiali_mcp_server-0.3.0-py3-none-any.whl.
File metadata
- Download URL: kiali_mcp_server-0.3.0-py3-none-any.whl
- Upload date:
- Size: 7.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
338e2d5b09f8f1f15c38d8b5c3b68f218a3a297bd94a25045b2c9c656d891d38
|
|
| MD5 |
16380dd1bdd442cb3bc9afd5931ed2b9
|
|
| BLAKE2b-256 |
0b0231fa0680184230e73c5eb80ee012473c683f0d4e59e4133dd290b6bea067
|
