How to add mcp-k8s to Windsurf
Kubernetes MCP server: manage cluster resources and Helm releases through MCP tools, with fine-grained write controls. Paste the config into ~/.codeium/windsurf/mcp_config.json and restart Windsurf.
Last updated June 14, 2026 · 146★ · stdio · no auth
Windsurf config for mcp-k8s
go install github.com/silenceper/mcp-k8s/cmd/mcp-k8s@latest{
"mcpServers": {
"mcp-k8s": {
"command": "/path/to/mcp-k8s",
"args": [
"--kubeconfig",
"/path/to/kubeconfig",
"--enable-create",
"--enable-delete",
"--enable-update",
"--enable-list",
"--enable-helm-install",
"--enable-helm-upgrade"
]
}
}
}Setup steps
- 1Open Windsurf → Cascade → the hammer/MCP icon → Configure (or edit ~/.codeium/windsurf/mcp_config.json).
- 2Paste the mcp-k8s config below.
- 3Fill in placeholder secrets, then save.
- 4Click Refresh in the MCP panel.
- 5mcp-k8s's tools become available to Cascade.
Before you start
- Access to a Kubernetes cluster
- A kubeconfig file (uses the default config if --kubeconfig is not specified)
- Go (only if building from source or using `go install`); otherwise a prebuilt binary or the Docker image
- Helm v3 (for Helm-related tools)
What mcp-k8s can do in Windsurf
get_api_resourcesGet all supported API resource types in the cluster (built-in resources and CRDs).
get_resourceGet detailed information about a specific resource.
list_resourcesList all instances of a resource type, with filtering options.
create_resourceCreate new resources. Disabled by default; enabled with --enable-create.
update_resourceUpdate existing resources. Disabled by default; enabled with --enable-update.
delete_resourceDelete resources. Disabled by default; enabled with --enable-delete.
list_helm_releasesList all Helm releases in the cluster.
get_helm_releaseGet detailed information about a specific Helm release.
Security
Write operations are disabled by default and must be explicitly enabled via flags (--enable-create, --enable-update, --enable-delete, and the --enable-helm-* equivalents). Helm read operations are enabled by default while Helm write operations are disabled by default. The server validates all user inputs to prevent injection attacks and relies on Kubernetes RBAC to ensure the client has only the necessary permissions. In SSE/HTTP mode the server exposes an HTTP endpoint; deploy it on a remote server with caution.
mcp-k8s + Windsurf FAQ
Where is the Windsurf config file?
Windsurf reads MCP servers from ~/.codeium/windsurf/mcp_config.json. Paste the mcp-k8s config there under the "mcpServers" key and restart the client.
Is mcp-k8s safe to use with Windsurf?
Write operations are disabled by default and must be explicitly enabled via flags (--enable-create, --enable-update, --enable-delete, and the --enable-helm-* equivalents). Helm read operations are enabled by default while Helm write operations are disabled by default. The server validates all user inputs to prevent injection attacks and relies on Kubernetes RBAC to ensure the client has only the necessary permissions. In SSE/HTTP mode the server exposes an HTTP endpoint; deploy it on a remote server with caution.
How does mcp-k8s connect to my cluster?
It connects using a kubeconfig file. Pass --kubeconfig /path/to/kubeconfig, or omit it to use the default kubeconfig.
Are write operations safe by default?
Yes. Resource write operations (create/update/delete) and Helm write operations (install/upgrade/uninstall, repo add/remove) are all disabled by default and must be explicitly enabled with their respective --enable-* flags. Read and list operations are enabled by default.
What transport modes are supported?
stdio (default), SSE, and Streamable HTTP. Use --transport=sse or --transport=streamable-http along with --host/--port (and --endpoint-path for streamable-http) to run over HTTP.