mirror of
https://github.com/kubeshark/kubeshark.git
synced 2026-02-22 06:32:33 +00:00
2ccd716a68
* Add MCP (Model Context Protocol) server command Implement `kubeshark mcp` command that runs an MCP server over stdio, enabling AI assistants to query Kubeshark's network visibility data. Features: - MCP protocol implementation (JSON-RPC 2.0 over stdio) - Dynamic tool discovery from Hub's /api/mcp endpoint - Local cluster management tools (check_kubeshark_status, start_kubeshark, stop_kubeshark) - --url flag for direct connection to existing Kubeshark deployment - --kubeconfig flag for proxy mode with kubectl - --allow-destructive flag to enable start/stop operations (safe by default) - --list-tools flag to display available tools - --mcp-config flag to generate MCP client configuration - 5-minute cache TTL for Hub tools/prompts - Prompts for common analysis tasks * Address code review comments for MCP implementation - Add 30s timeout to HTTP client to prevent hanging requests - Add scanner.Err() check after stdin processing loop - Close HTTP response bodies to prevent resource leaks - Add goroutine to wait on started process to prevent zombies - Simplify polling loop by removing ineffective context check - Advertise check_kubeshark_status in URL mode (was callable but hidden) - Update documentation to clarify URL mode only disables start/stop * Fix lint errors in mcpRunner.go - Use type conversion instead of struct literals for hubMCPTool -> mcpTool and hubMCPPromptArg -> mcpPromptArg (S1016 gosimple) - Lowercase error string to follow Go conventions (ST1005 staticcheck) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * Add MCP server unit tests Comprehensive unit tests for the MCP server implementation: - Protocol tests (initialize, tools/list, tools/call, prompts/list, prompts/get) - Tool tests (check_kubeshark_status, start_kubeshark, stop_kubeshark) - Hub integration tests (tool fetching, caching, prompt handling) - Error handling tests - Edge case tests * Fix MCP unit tests to use correct /tools/call endpoint - Update all Hub tool tests to use POST /tools/call endpoint instead of individual paths like /workloads, /calls, /stats - Verify arguments in POST body instead of URL query parameters - Add newMockHubHandler helper for proper Hub endpoint mocking - Split TestMCP_ToolsList into three tests: - TestMCP_ToolsList_CLIOnly: Tests without Hub backend - TestMCP_ToolsList_WithDestructive: Tests with destructive flag - TestMCP_ToolsList_WithHubBackend: Tests with mock Hub providing tools - Fix TestMCP_FullConversation to mock Hub MCP endpoint correctly - Rename URL encoding tests for clarity - All tests now correctly reflect the implementation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * Simplify MCP unit tests - Remove section header comments (10 headers) - Consolidate similar tests using table-driven patterns - Simplify test assertions with more concise checks - Combine edge case tests into single test function - Reduce verbose test structures Total reduction: 1477 → 495 lines (66%) All 24 tests still pass. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * Add MCP integration test framework Add integration tests that run against a real Kubernetes cluster: - MCP protocol tests (initialize, tools/list, prompts/list) - Cluster management tests (check_kubeshark_status, start_kubeshark, stop_kubeshark) - Full lifecycle test (check -> start -> check -> stop -> check) - API tools tests (list_workloads, list_api_calls, get_api_stats) Also includes: - Makefile targets for running integration tests - Test helper functions (startMCPSession, cleanupKubeshark, etc.) - Documentation (README.md, TEMPLATE.md, ISSUE_TEMPLATE.md) * Address review comments on integration tests Makefile: - Use unique temporary files (mktemp) instead of shared /tmp/integration-test.log to prevent race conditions when multiple test targets run concurrently - Remove redundant test-integration-verbose target (test-integration already uses -v) - Add cleanup (rm -f) for temporary log files integration/mcp_test.go: - Capture stderr from MCP server for debugging failures - Add getStderr() method to mcpSession for accessing captured stderr - Fix potential goroutine leak by adding return statements after t.Fatalf - Remove t.Run subtests in TestMCP_APIToolsRequireKubeshark to clarify sequential execution with shared session - Fix benchmark to use getKubesharkBinary helper for consistency - Add Kubernetes cluster check to benchmark (graceful skip) - Add proper error handling for pipe creation in benchmark - Remove unnecessary bytes import workaround (now actually used for stderr) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * Simplify and clean up MCP integration tests - Remove unrelated L4 viewer files (1239 lines) - Remove template/issue documentation files (419 lines) - Trim README to essential content only - Remove TEMPLATE comments from common_test.go - Add initialize() helper to reduce test boilerplate - Add hasKubernetesCluster() helper for benchmarks - Simplify all test functions with consistent patterns Total reduction: 2964 → 866 lines (71%) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * Add MCP registry metadata for official registry submission Add metadata files for submitting Kubeshark MCP server to the official MCP registry at registry.modelcontextprotocol.io: - mcp/server.json: Registry metadata with tools, prompts, and configuration - mcp/README.md: MCP server documentation and usage guide --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
206 lines
5.7 KiB
JSON
206 lines
5.7 KiB
JSON
{
|
|
"$schema": "https://registry.modelcontextprotocol.io/schemas/server.schema.json",
|
|
"name": "com.kubeshark/mcp",
|
|
"displayName": "Kubeshark",
|
|
"description": "Real-time Kubernetes network traffic visibility and API analysis. Query L7 API transactions (HTTP, gRPC, Redis, Kafka, DNS), L4 network flows, and manage Kubeshark deployments directly from AI assistants.",
|
|
"icon": "https://kubeshark.com/favicon.ico",
|
|
"repository": {
|
|
"url": "https://github.com/kubeshark/kubeshark",
|
|
"source": "github"
|
|
},
|
|
"homepage": "https://kubeshark.com",
|
|
"license": "Apache-2.0",
|
|
"version": "52.12.0",
|
|
"authors": [
|
|
{
|
|
"name": "Kubeshark",
|
|
"url": "https://kubeshark.com"
|
|
}
|
|
],
|
|
"categories": [
|
|
"kubernetes",
|
|
"networking",
|
|
"observability",
|
|
"debugging",
|
|
"security"
|
|
],
|
|
"tags": [
|
|
"kubernetes",
|
|
"network",
|
|
"traffic",
|
|
"api",
|
|
"http",
|
|
"grpc",
|
|
"kafka",
|
|
"redis",
|
|
"dns",
|
|
"pcap",
|
|
"wireshark",
|
|
"tcpdump",
|
|
"observability",
|
|
"debugging",
|
|
"microservices"
|
|
],
|
|
"packages": [
|
|
{
|
|
"registryType": "github-releases",
|
|
"name": "kubeshark/kubeshark",
|
|
"version": "52.12.0",
|
|
"runtime": "binary",
|
|
"platforms": [
|
|
"darwin-arm64",
|
|
"darwin-amd64",
|
|
"linux-arm64",
|
|
"linux-amd64",
|
|
"windows-amd64"
|
|
],
|
|
"transport": {
|
|
"type": "stdio",
|
|
"command": "kubeshark",
|
|
"args": ["mcp"]
|
|
}
|
|
}
|
|
],
|
|
"tools": [
|
|
{
|
|
"name": "check_kubeshark_status",
|
|
"description": "Check if Kubeshark is currently running in the cluster. Read-only operation.",
|
|
"mode": "proxy"
|
|
},
|
|
{
|
|
"name": "start_kubeshark",
|
|
"description": "Deploy Kubeshark to the Kubernetes cluster. Requires --allow-destructive flag.",
|
|
"mode": "proxy",
|
|
"destructive": true
|
|
},
|
|
{
|
|
"name": "stop_kubeshark",
|
|
"description": "Remove Kubeshark from the Kubernetes cluster. Requires --allow-destructive flag.",
|
|
"mode": "proxy",
|
|
"destructive": true
|
|
},
|
|
{
|
|
"name": "list_workloads",
|
|
"description": "List pods, services, namespaces, and nodes with observed L7 traffic.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "list_api_calls",
|
|
"description": "Query L7 API transactions (HTTP, gRPC, Redis, Kafka, DNS) with KFL filtering.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "get_api_call",
|
|
"description": "Get detailed information about a specific API call including headers and body.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "get_api_stats",
|
|
"description": "Get aggregated API statistics and metrics.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "list_l4_flows",
|
|
"description": "List L4 (TCP/UDP) network flows with traffic statistics.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "get_l4_flow_summary",
|
|
"description": "Get L4 connectivity summary including top talkers and cross-namespace traffic.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "list_snapshots",
|
|
"description": "List all PCAP snapshots.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "create_snapshot",
|
|
"description": "Create a new PCAP snapshot of captured traffic.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "get_dissection_status",
|
|
"description": "Check L7 protocol parsing status.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "enable_dissection",
|
|
"description": "Enable L7 protocol dissection.",
|
|
"mode": "all"
|
|
},
|
|
{
|
|
"name": "disable_dissection",
|
|
"description": "Disable L7 protocol dissection.",
|
|
"mode": "all"
|
|
}
|
|
],
|
|
"prompts": [
|
|
{
|
|
"name": "analyze_traffic",
|
|
"description": "Analyze API traffic patterns and identify issues"
|
|
},
|
|
{
|
|
"name": "find_errors",
|
|
"description": "Find and summarize API errors and failures"
|
|
},
|
|
{
|
|
"name": "trace_request",
|
|
"description": "Trace a request path through microservices"
|
|
},
|
|
{
|
|
"name": "show_topology",
|
|
"description": "Show service communication topology"
|
|
},
|
|
{
|
|
"name": "latency_analysis",
|
|
"description": "Analyze latency patterns and identify slow endpoints"
|
|
},
|
|
{
|
|
"name": "security_audit",
|
|
"description": "Audit traffic for security concerns"
|
|
},
|
|
{
|
|
"name": "compare_traffic",
|
|
"description": "Compare traffic patterns between time periods"
|
|
},
|
|
{
|
|
"name": "debug_connection",
|
|
"description": "Debug connectivity issues between services"
|
|
}
|
|
],
|
|
"configuration": {
|
|
"properties": {
|
|
"url": {
|
|
"type": "string",
|
|
"description": "Direct URL to Kubeshark Hub (e.g., https://kubeshark.example.com). When set, connects directly without kubectl/proxy.",
|
|
"examples": ["https://kubeshark.example.com", "http://localhost:8899"]
|
|
},
|
|
"kubeconfig": {
|
|
"type": "string",
|
|
"description": "Path to kubeconfig file for proxy mode.",
|
|
"examples": ["~/.kube/config", "/path/to/.kube/config"]
|
|
},
|
|
"allow-destructive": {
|
|
"type": "boolean",
|
|
"description": "Enable destructive operations (start_kubeshark, stop_kubeshark). Default: false for safety.",
|
|
"default": false
|
|
}
|
|
}
|
|
},
|
|
"modes": {
|
|
"url": {
|
|
"description": "Connect directly to an existing Kubeshark deployment via URL. Cluster management tools are disabled.",
|
|
"args": ["mcp", "--url", "${url}"]
|
|
},
|
|
"proxy": {
|
|
"description": "Connect via kubectl port-forward. Requires kubeconfig access to the cluster.",
|
|
"args": ["mcp", "--kubeconfig", "${kubeconfig}"]
|
|
},
|
|
"proxy-destructive": {
|
|
"description": "Proxy mode with destructive operations enabled.",
|
|
"args": ["mcp", "--kubeconfig", "${kubeconfig}", "--allow-destructive"]
|
|
}
|
|
}
|
|
}
|