Skip to content

Flux MCP Server Configuration

This document covers the configuration options for the Flux Model Context Protocol (MCP) Server, including transport modes, security settings, and how to restrict access to your clusters.

Configuration Options

The flux-operator-mcp serve command accepts the following flags:

Flag Description Default
--transport The transport protocol (stdio or sse) stdio
--port The port to listen on (for sse) 8080
--read-only Run in read-only mode false
--mask-secrets Mask secret values true
--kube-as Kubernetes account to impersonate none

Transport Modes

Standard Input/Output (stdio)

The MCP Server uses standard input/output (stdio) by default, which is compatible with most AI assistants.

To start the server in this mode, use the following configuration:

{
  "flux-operator-mcp":{
    "command":"/path/to/flux-operator-mcp",
    "args":["serve"],
    "env":{
      "KUBECONFIG":"/path/to/.kube/config"
    }
  }
}

Server-Sent Events (SSE)

Web-based transport that allows the server to push updates to the client.

To use Server-Sent Events (SSE), start the server with:

export KUBECONFIG=$HOME/.kube/config
flux-operator-mcp serve --transport sse --port 8080

To connect to the server from VS Code, use the following configuration:

{
 "mcp": {
   "servers": {
     "flux-operator-mcp": {
       "type": "sse",
       "url": "http://localhost:8080/sse"
     }
   }
 }
}

Security Options

Read-only Mode

In production environments, you can run the server in read-only mode to prevent any modifications to your clusters:

{
  "flux-operator-mcp":{
    "command":"/path/to/flux-operator-mcp",
    "args":[
      "serve",
      "--read-only"
    ],
    "env":{
      "KUBECONFIG":"/path/to/.kube/config"
    }
  }
}

Warning

In read-only mode, the MCP tools that modify the cluster state (reconcile, suspend, resume, apply, delete) are disabled.

Secret Masking

By default, the server masks sensitive values in Kubernetes Secrets. You can disable this if needed:

{
  "flux-operator-mcp":{
    "command":"/path/to/flux-operator-mcp",
    "args":[
      "serve",
      "--mask-secrets=false"
    ],
    "env":{
      "KUBECONFIG":"/path/to/.kube/config"
    }
  }
}

Warning

Disabling secret masking will expose sensitive information to the AI assistant and potentially to its training data. Only disable this in controlled environments when using self-hosted models.

Service Account Impersonation

For tighter security control, you can configure the server to impersonate a specific service account:

{
  "flux-operator-mcp":{
    "command":"/path/to/flux-operator-mcp",
    "args":[
      "serve",
      "--kube-as=system:serviceaccount:my-namespace:my-service-account"
    ],
    "env":{
      "KUBECONFIG":"/path/to/.kube/config"
    }
  }
}

This limits the server's permissions to those granted to the specified service account. Note that your user set in the kubeconfig must have permission to impersonate service accounts.

Deploy on Kubernetes

To deploy the Flux MCP Server in a Kubernetes cluster, you can create a ResourceSet with the following configuration:

apiVersion: fluxcd.controlplane.io/v1
kind: ResourceSet
metadata:
  name: flux-operator-mcp
  namespace: flux-system
spec:
  inputs:
    - readonly: false
      accessFrom: flux-system
  resources:
    - apiVersion: source.toolkit.fluxcd.io/v1
      kind: OCIRepository
      metadata:
        name: << inputs.provider.name >>
        namespace: << inputs.provider.namespace >>
      spec:
        interval: 60m
        url: oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator-mcp
        layerSelector:
          mediaType: "application/vnd.cncf.helm.chart.content.v1.tar+gzip"
          operation: copy
        ref:
          semver: "*"
    - apiVersion: helm.toolkit.fluxcd.io/v2
      kind: HelmRelease
      metadata:
        name: << inputs.provider.name >>
        namespace: << inputs.provider.namespace >>
      spec:
        serviceAccountName: flux-operator
        chartRef:
          kind: OCIRepository
          name: << inputs.provider.name >>
        interval: 30m
        values:
          readonly: << inputs.readonly >>
          networkPolicy:
            ingress:
              namespaces: [<< inputs.accessFrom >>]

This ResourceSet will create a Kubernetes Deployment for the Flux MCP Server with cluster-admin permissions. It is recommended to set the readonly input to true in production environments to prevent modifications to the cluster state.

The server is exposed via a Kubernetes Service named flux-operator-mcp in the flux-system namespace, listening on port 9090. If the MCP client is running in-cluster, the accessFrom input should be set to the name of the namespace where the MCP client is deployed.

To connect to the server, start port forwarding with:

kubectl port-forward -n flux-system svc/flux-operator-mcp 9090:9090

Then, in your VS Code settings, add:

{
 "mcp": {
   "servers": {
     "flux-operator-mcp": {
       "type": "sse",
       "url": "http://localhost:9090/sse"
     }
   }
 }
}

Warning

Note that when running in-cluster, the kubeconfig context switching tools are disabled, so comparing deployments across clusters is not possible.