Model Context Protocol server for Docker management with AI assistants
Project description
MCP Docker Server
| Category | Status |
|---|---|
| Build & CI | |
| Security | |
| Package | |
| Technology |
A local Model Context Protocol server for Docker visibility and light lifecycle control.
12 tools | stdio transport only | no destructive Docker operations
Quick Start
Claude Code:
claude mcp add --transport stdio docker uvx mcp-docker@latest
Codex:
codex mcp add docker -- uvx mcp-docker@latest
Claude Desktop — add to claude_desktop_config.json:
{
"mcpServers": {
"docker": {
"command": "uvx",
"args": ["mcp-docker"]
}
}
}
The Docker socket is auto-detected for your OS. This package intentionally runs over stdio only; it is not a network-exposed Docker administration service.
Tools
Container
| Tool | Description | Safety |
|---|---|---|
docker_list_containers |
List containers with filters | Safe |
docker_inspect_container |
Detailed container info | Safe |
docker_container_logs |
Get container logs | Safe |
docker_container_stats |
Resource usage stats | Safe |
docker_start_container |
Start container | Moderate |
docker_stop_container |
Stop container gracefully | Moderate |
docker_restart_container |
Restart container | Moderate |
Image
| Tool | Description | Safety |
|---|---|---|
docker_list_images |
List images | Safe |
docker_inspect_image |
Image details | Safe |
Network
| Tool | Description | Safety |
|---|---|---|
docker_list_networks |
List networks | Safe |
Volume
| Tool | Description | Safety |
|---|---|---|
docker_list_volumes |
List volumes | Safe |
System
| Tool | Description | Safety |
|---|---|---|
docker_version |
Docker version info | Safe |
Safety
Safe tools are read-only and always allowed. Moderate tools are reversible lifecycle operations and are allowed by default.
# Read-only mode: list, inspect, logs, stats, version only
SAFETY_ALLOW_MODERATE_OPERATIONS=false
The package does not expose destructive tools such as remove, prune, build, push, or exec.
Configuration
| Variable | Default | Description |
|---|---|---|
DOCKER_BASE_URL |
Auto-detected | Docker daemon socket URL |
DOCKER_TIMEOUT |
60 |
Docker operation timeout in seconds |
SAFETY_ALLOW_MODERATE_OPERATIONS |
true |
Allow reversible start/stop/restart tools |
SAFETY_DEFAULT_TOOL_TIMEOUT |
30 |
Tool timeout in seconds, 0 disables |
SAFETY_MAX_RESPONSE_BYTES |
1048576 |
Maximum tool response size, 0 disables |
MCP_LOG_LEVEL |
INFO |
Logging level |
MCP_JSON_LOGGING |
false |
Emit JSON logs |
MCP_DEBUG_MODE |
false |
Show unsanitized errors for local debugging |
Development
uv sync --group dev
uv run pytest tests/unit/ -v
uv run ruff check src/ tests/
uv run ruff format --check src/ tests/
uv run mypy src/mcp_docker/
Requirements
- Python 3.11+
- Docker 20.10+
- Key dependencies:
fastmcp,docker,pydantic,pydantic-settings,loguru
License
MIT — see LICENSE.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mcp_docker-2.0.0.tar.gz.
File metadata
- Download URL: mcp_docker-2.0.0.tar.gz
- Upload date:
- Size: 94.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
63544c50f8a229627e121094d7be204300117d8f7155470216a04549c5ed99b6
|
|
| MD5 |
8667f3f47b01d5b579f4da16701270ee
|
|
| BLAKE2b-256 |
7968fdefee00cafe09e9788bd91b7b4e652684c4bbc6dae37ac35ae85e9455de
|
Provenance
The following attestation bundles were made for mcp_docker-2.0.0.tar.gz:
Publisher:
release.yml on williajm/mcp_docker
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
mcp_docker-2.0.0.tar.gz -
Subject digest:
63544c50f8a229627e121094d7be204300117d8f7155470216a04549c5ed99b6 - Sigstore transparency entry: 1739935388
- Sigstore integration time:
-
Permalink:
williajm/mcp_docker@b76a64e110d794c4703460ce2ce623301646e8d2 -
Branch / Tag:
refs/tags/v2.0.0 - Owner: https://github.com/williajm
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@b76a64e110d794c4703460ce2ce623301646e8d2 -
Trigger Event:
release
-
Statement type:
File details
Details for the file mcp_docker-2.0.0-py3-none-any.whl.
File metadata
- Download URL: mcp_docker-2.0.0-py3-none-any.whl
- Upload date:
- Size: 43.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e8e074f0bff15907dba9c03747c972718dd5315958e36dcfaeb8a4d9047a09a2
|
|
| MD5 |
a3d9b1217b9b0ca6871e0229a84ff50b
|
|
| BLAKE2b-256 |
4ba54d5a9347b273dd81bf9c5982eced63c5ba12b31239fe4c56f1e76bd482f2
|
Provenance
The following attestation bundles were made for mcp_docker-2.0.0-py3-none-any.whl:
Publisher:
release.yml on williajm/mcp_docker
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
mcp_docker-2.0.0-py3-none-any.whl -
Subject digest:
e8e074f0bff15907dba9c03747c972718dd5315958e36dcfaeb8a4d9047a09a2 - Sigstore transparency entry: 1739935389
- Sigstore integration time:
-
Permalink:
williajm/mcp_docker@b76a64e110d794c4703460ce2ce623301646e8d2 -
Branch / Tag:
refs/tags/v2.0.0 - Owner: https://github.com/williajm
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@b76a64e110d794c4703460ce2ce623301646e8d2 -
Trigger Event:
release
-
Statement type: