How to add Kubernetes MCP Server to Windsurf
Popular community server wrapping kubectl and Helm for cluster management via natural language. Paste the config into ~/.codeium/windsurf/mcp_config.json and restart Windsurf.
Last updated June 15, 2026 · 1.4k★ · stdio · no auth
Windsurf config for Kubernetes MCP Server
npx -y mcp-server-kubernetes{
"mcpServers": {
"kubernetes-mcp-server": {
"command": "npx",
"args": [
"-y",
"mcp-server-kubernetes"
],
"env": {
"ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS": "true"
}
}
}
}Setup steps
- 1Open Windsurf → Cascade → the hammer/MCP icon → Configure (or edit ~/.codeium/windsurf/mcp_config.json).
- 2Paste the Kubernetes MCP Server config below.
- 3Fill in placeholder secrets, then save.
- 4Click Refresh in the MCP panel.
- 5Kubernetes MCP Server's tools become available to Cascade.
Before you start
- Node.js (it runs via `npx mcp-server-kubernetes`)
- kubectl installed and on your PATH
- Helm v3 installed if you want to use the Helm tools (optional)
- A valid kubeconfig (default ~/.kube/config) with at least one configured context pointing at a reachable cluster (minikube, GKE, EKS, Rancher Desktop, etc.)
What Kubernetes MCP Server can do in Windsurf
kubectl_get / kubectl_describeList/retrieve resources and show detailed resource information.
kubectl_create / kubectl_apply / kubectl_deleteCreate resources, apply YAML manifests, and delete resources.
kubectl_logsFetch pod logs.
kubectl_patch / kubectl_scale / kubectl_rolloutUpdate specific fields, scale workloads, and manage deployment rollouts.
kubectl_contextList and switch kubectl contexts.
kubectl_genericRun an arbitrary kubectl command (disabled in non-destructive mode).
install_helm_chart / upgrade_helm_chart / uninstall_helm_chartManage Helm v3 releases.
port_forward / stop_port_forwardStart and stop port-forwarding to pods or services.
Security
It inherits your active kubeconfig context and can modify or delete cluster resources by default; set ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS=true and point at a non-production context when experimenting. Note CVE-2026-46519: earlier versions only enforced the non-destructive flag at tool discovery, not execution — upgrade to v3.6.0 or later, and always confirm which cluster the current context targets.
Kubernetes MCP Server + Windsurf FAQ
Where is the Windsurf config file?
Windsurf reads MCP servers from ~/.codeium/windsurf/mcp_config.json. Paste the Kubernetes MCP Server config there under the "mcpServers" key and restart the client.
Is Kubernetes MCP Server safe to use with Windsurf?
It inherits your active kubeconfig context and can modify or delete cluster resources by default; set ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS=true and point at a non-production context when experimenting. Note CVE-2026-46519: earlier versions only enforced the non-destructive flag at tool discovery, not execution — upgrade to v3.6.0 or later, and always confirm which cluster the current context targets.
Does it need credentials of its own?
No. It uses your existing kubeconfig and current context, so the agent inherits whatever cluster permissions you already have. There is no separate API key.
How do I stop it from deleting things?
Set ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS=true. This disables kubectl_delete, uninstall_helm_chart, cleanup_pods, node_management, and kubectl_generic while keeping read, create, and update tools.
Is Helm required?
Only if you want the Helm tools. Core kubectl operations work without Helm; install Helm v3 to enable install/upgrade/uninstall chart tools.