Configuration
Complete configuration guide for the Helm MCP Server including environment variables, Docker setup, MCP client configuration, and access control.
π¦ Installation Optionsβ
Option 1: Docker Hub (Recommended)β
The easiest way to get started is using the pre-built Docker image.
# Pull the image
docker pull sandeep2014/talkops-mcp:helm-mcp-server-latest
# Run with default configuration (port 8765)
docker run --rm -it \
-p 8765:8765 \
-v ~/.kube/config:/app/.kube/config:ro \
sandeep2014/talkops-mcp:helm-mcp-server-latest
# Run with custom environment variables
docker run --rm -it \
-p 9000:9000 \
-v ~/.kube/config:/app/.kube/config:ro \
-e MCP_PORT=9000 \
-e MCP_LOG_LEVEL=DEBUG \
-e MCP_ALLOW_WRITE=false \
-e HELM_TIMEOUT=600 \
sandeep2014/talkops-mcp:helm-mcp-server-latest
# Run in read-only mode
docker run --rm -it \
-p 8765:8765 \
-v ~/.kube/config:/app/.kube/config:ro \
-e MCP_ALLOW_WRITE=false \
sandeep2014/talkops-mcp:helm-mcp-server-latest
# Map to different host port
docker run --rm -it \
-p 8080:8765 \
-v ~/.kube/config:/app/.kube/config:ro \
sandeep2014/talkops-mcp:helm-mcp-server-latest
Option 2: Build from Source (Docker)β
# Navigate to the helm-mcp-server directory
cd talkops-mcp/src/helm-mcp-server
# Build the image
docker build -t helm-mcp-server .
# Run the server
docker run --rm -it \
-p 8765:8765 \
-v ~/.kube/config:/app/.kube/config:ro \
helm-mcp-server
Option 3: Using uvβ
# Install uv if not already installed
curl -LsSf https://astral.sh/uv/install.sh | sh
# Clone the repository
git clone git@github.com:talkops-ai/talkops-mcp.git
cd talkops-mcp/src/helm-mcp-server
# Create virtual environment and install
uv venv --python=3.12
source .venv/bin/activate # On Unix/macOS
# .venv\Scripts\activate # On Windows
uv pip install -e .
Option 4: Using pipβ
git clone git@github.com:talkops-ai/talkops-mcp.git
cd talkops-mcp/src/helm-mcp-server
python -m venv .venv
source .venv/bin/activate
pip install -e .
βοΈ Environment Variablesβ
When running in Docker, environment variables set via -e flags will override the defaults in the Docker image.
Server Configurationβ
| Variable | Default | Description |
|---|---|---|
MCP_SERVER_NAME | helm-mcp-server | Server name identifier |
MCP_SERVER_VERSION | 0.2.0 | Server version string |
MCP_TRANSPORT | http | Transport mode: http (HTTP/SSE) or stdio |
MCP_HOST | 0.0.0.0 | Host address for HTTP/SSE server |
MCP_PORT | 8765 | Port for HTTP/SSE server |
MCP_PATH | /sse | SSE endpoint path |
MCP_ALLOW_WRITE | true | Enable write operations (see below) |
MCP_HTTP_TIMEOUT | 300 | HTTP request timeout in seconds |
MCP_HTTP_KEEPALIVE_TIMEOUT | 5 | HTTP keepalive timeout in seconds |
MCP_HTTP_CONNECT_TIMEOUT | 60 | HTTP connection timeout in seconds |
MCP_LOG_LEVEL | INFO | Logging level: DEBUG, INFO, WARNING, ERROR, CRITICAL |
MCP_LOG_FORMAT | json | Log format: json or text |
Helm Configurationβ
| Variable | Default | Description |
|---|---|---|
HELM_TIMEOUT | 300 | Timeout in seconds for Helm operations |
Kubernetes Configurationβ
| Variable | Default | Description |
|---|---|---|
K8S_TIMEOUT | 30 | Timeout in seconds for Kubernetes API operations |
KUBECONFIG | ~/.kube/config | Path to kubeconfig file |
π Write Access Controlβ
The MCP_ALLOW_WRITE environment variable controls whether mutating operations are allowed. This is a critical security feature.
When MCP_ALLOW_WRITE=true (Default)β
All operations are enabled:
| Operation | Tool | Status |
|---|---|---|
| Install | helm_install_chart | β Enabled |
| Upgrade | helm_upgrade_release | β Enabled |
| Rollback | helm_rollback_release | β Enabled |
| Uninstall | helm_uninstall_release | β Enabled |
| Dry-run | All dry-run operations | β Enabled |
When MCP_ALLOW_WRITE=false (Read-Only Mode)β
Only read-only operations are allowed:
| Operation | Status |
|---|---|
| Discovery (search charts, get info) | β Allowed |
| Validation (validate values, render manifests) | β Allowed |
| Monitoring (get status, list releases) | β Allowed |
| Dry-run operations | β Allowed |
| Install | β Blocked |
| Upgrade | β Blocked |
| Rollback | β Blocked |
| Uninstall | β Blocked |
Set MCP_ALLOW_WRITE=false when you want to use the server for discovery, validation, and monitoring onlyβpreventing any accidental deployments or modifications.
Dry-run operations (dry_run=True) are always allowed, even when MCP_ALLOW_WRITE=false, as they don't modify the cluster.
π MCP Client Configurationβ
Step 1: Start the Serverβ
Using Docker:
docker run --rm -it \
-p 9000:9000 \
-v ~/.kube/config:/app/.kube/config:ro \
-e MCP_PORT=9000 \
-e MCP_ALLOW_WRITE=true \
-e MCP_LOG_LEVEL=INFO \
sandeep2014/talkops-mcp:helm-mcp-server-latest
Using Local Installation:
cd /path/to/talkops-mcp/src/helm-mcp-server
source .venv/bin/activate
helm-mcp-server
Step 2: Configure the Clientβ
Configure your MCP client to connect using SSE (Server-Sent Events) transport:
{
"mcpServers": {
"helm-mcp-server": {
"transport": "sse",
"url": "http://localhost:9000/sse",
"description": "Helm MCP Server for managing Kubernetes workloads via Helm",
"disabled": false,
"autoApprove": []
}
}
}
Replace 9000 with the port you configured when starting the server. The default port is 8765 if not specified.
π§ Troubleshootingβ
Connection Timeout Errorsβ
If you encounter httpx.ConnectTimeout errors, increase the client timeout values:
{
"url": "http://localhost:8765/sse",
"transport": "sse",
"timeout": 300.0, # Increase to 300 seconds
"connect_timeout": 60.0 # Increase to 60 seconds
}
Why this happens:
- Server may take time to initialize
- Network latency between client and server
- Default client timeout may be insufficient
Chart Not Found Errorsβ
- Ensure the chart exists in the specified repository
- Run
helm repo updateto refresh repository indexes - Check the repository name is correct (e.g.,
bitnami,argo)
Helm Command Timeoutsβ
Increase the timeout via environment variable:
export HELM_TIMEOUT=600 # 10 minutes
Next Stepsβ
- π οΈ Tools - Available MCP tools reference
- π Resources & Prompts - MCP resources and prompts
- π Examples - Usage patterns and workflows