How to add kubectl-mcp-server to Cursor
Control your entire Kubernetes infrastructure through natural language conversations with AI. Paste the config into ~/.cursor/mcp.json and restart Cursor.
Last updated June 14, 2026 · 913★ · stdio · no auth
Cursor config for kubectl-mcp-server
npx -y kubectl-mcp-server{
"mcpServers": {
"kubectl-mcp-server": {
"command": "npx",
"args": [
"-y",
"kubectl-mcp-server"
]
}
}
}Setup steps
- 1Open Cursor → Settings → MCP → Add new MCP server (or edit ~/.cursor/mcp.json directly).
- 2Paste the kubectl-mcp-server config below into the "mcpServers" object.
- 3Fill in placeholder secrets, then save.
- 4Cursor reloads MCP servers automatically — check Settings → MCP for a green status dot.
- 5Ask Cursor to use one of kubectl-mcp-server's tools to confirm it's connected.
Before you start
- Python 3.9+ (for pip installation)
- Node.js 14+ (for npx installation)
- kubectl installed and configured
- Access to a Kubernetes cluster
What kubectl-mcp-server can do in Cursor
get_podsList pods in a namespace (accepts namespace and optional context).
get_logsRetrieve logs from a pod.
diagnose_pod_crashAI-powered crash diagnosis with logs, events, and resource analysis.
get_deploymentsList deployments in the cluster.
create_deploymentCreate a deployment with best-practice defaults.
scale_deploymentScale a deployment to a target replica count.
kubectl_rolloutManage deployment rollouts (status, undo, restart).
diagnose_network_connectivityDiagnose network connectivity issues including DNS resolution and service chain tracing.
Security
Mounts your kubeconfig and operates against live clusters. Use --disable-destructive (or --non-destructive) to allow create/update but block delete, or --read-only to block all writes. Secrets are masked in output (e.g. manifest://secrets data is masked). Optional OAuth 2.1 authentication (RFC 9728) can be enabled via MCP_AUTH_ENABLED for multi-tenant/compliance environments.
kubectl-mcp-server + Cursor FAQ
Where is the Cursor config file?
Cursor reads MCP servers from ~/.cursor/mcp.json. Paste the kubectl-mcp-server config there under the "mcpServers" key and restart the client.
Is kubectl-mcp-server safe to use with Cursor?
Mounts your kubeconfig and operates against live clusters. Use --disable-destructive (or --non-destructive) to allow create/update but block delete, or --read-only to block all writes. Secrets are masked in output (e.g. manifest://secrets data is masked). Optional OAuth 2.1 authentication (RFC 9728) can be enabled via MCP_AUTH_ENABLED for multi-tenant/compliance environments.
How do I install and run it?
Run it with no install via `npx -y kubectl-mcp-server`, or install globally with `npm install -g kubectl-mcp-server`. A Python distribution is also available via `pip install kubectl-mcp-server` (add the `[ui]` extra for interactive dashboards), plus Docker images on Docker Hub and GHCR.
Which AI assistants does it work with?
It works with any MCP-compatible client, with documented native configs for Claude Desktop, Claude Code, Cursor, Windsurf, GitHub Copilot, Gemini CLI, Goose, Roo Code, Kilo Code, and others.
Is it safe to run against production clusters?
It supports safety modes: `--disable-destructive` allows create/update but blocks delete, and `--read-only` blocks all write operations. Secrets are masked in output, and OAuth 2.1 authentication can be enabled for enterprise/multi-tenant use.