apiiro-mongo-mcp

arielolin/apiiro-mongo-mcp

3.2

If you are the rightful owner of apiiro-mongo-mcp and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.

An MCP server that interfaces with MongoDB in Kubernetes using kubectl, handling authentication, permissions, and context management.

MongoDB kubectl MCP Server

An MCP (Model Context Protocol) server that connects to MongoDB running in Kubernetes via kubectl exec. Handles gcloud authentication, permission escalation, and client/namespace selection.

Features

  • 🔐 gcloud Authentication: Automatic gcloud auth setup
  • ⬆️ Permission Escalation: Escalate to production permissions
  • 🎯 Multi-Context Support: Works with multiple Kubernetes contexts
  • 👥 Client Namespaces: Select client by namespace
  • 🍃 MongoDB Operations: Query MongoDB via kubectl exec

Prerequisites

  • Node.js 18+
  • kubectl configured with access to your clusters
  • gcloud CLI installed and configured
  • MongoDB deployment named lim-mongo in your namespaces

Installation

Follow these steps to install all prerequisites and set up the MCP server:

1. Install Node.js

macOS (using Homebrew):

brew install node@18
# or for latest LTS
brew install node

macOS (using nvm - recommended):

# Install nvm if not already installed
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
source ~/.bashrc  # or restart terminal

# Install Node.js 18+
nvm install 18
nvm use 18

Linux:

# Using NodeSource repository
curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
sudo apt-get install -y nodejs

Verify installation:

node --version  # Should be 18 or higher
npm --version

2. Install kubectl

macOS (using Homebrew):

brew install kubectl

macOS (using curl):

curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/darwin/arm64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/

Linux:

curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin/

Verify installation:

kubectl version --client

3. Install gcloud CLI

macOS (using Homebrew - recommended):

brew install --cask google-cloud-sdk

macOS (using installer script):

# Download and install
curl https://sdk.cloud.google.com | bash

# Restart your shell or run:
exec -l $SHELL

# Initialize gcloud
gcloud init

Linux:

# Add Cloud SDK distribution URI as a package source
echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list

# Import the Google Cloud Platform public key
curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -

# Update and install
sudo apt-get update && sudo apt-get install google-cloud-cli

Verify installation:

gcloud --version

4. Configure gcloud Authentication

# Login to your Google account
gcloud auth login

# Set your default project
gcloud config set project apiiro

# Verify authentication
gcloud auth list

5. Configure kubectl for GKE Clusters

Get cluster credentials from GKE:

Option A: Get credentials for a specific cluster

# Authenticate with the cluster
gcloud container clusters get-credentials CLUSTER_NAME \
    --region REGION \
    --project PROJECT_ID

# Example:
gcloud container clusters get-credentials my-cluster \
    --region us-central1 \
    --project my-project-id

Option B: List and connect to available clusters

# List all clusters in your project
gcloud container clusters list

# Get credentials for a cluster (will add it to your kubeconfig)
gcloud container clusters get-credentials CLUSTER_NAME --region REGION

Verify kubectl access:

# List contexts (you should see your GKE cluster)
kubectl config get-contexts

# Test connection
kubectl get nodes

For multiple clusters:

# Get credentials for each cluster
gcloud container clusters get-credentials cluster-1 --region us-central1
gcloud container clusters get-credentials cluster-2 --region us-east1

# List all contexts
kubectl config get-contexts

Add R&D Context (Required for Apiiro):

# Set the R&D project
gcloud config set project apiiro-rnd

# Get credentials for the R&D self-service cluster
gcloud container clusters get-credentials apiiro-rnd-self-service-us \
    --region us-central1 \
    --project apiiro-rnd

# Verify the R&D context was added
kubectl config get-contexts | grep apiiro-rnd

# Expected context name: gke_apiiro-rnd_us-central1_apiiro-rnd-self-service-us

6. Install Project Dependencies

Clone or navigate to the project directory, then:

# Install Node.js dependencies
npm install

# Build the project
npm run build

7. Verify Complete Setup

Run these commands to verify everything is configured correctly:

# Check Node.js
node --version

# Check gcloud authentication
gcloud auth list

# Check kubectl can access clusters
kubectl config get-contexts

# Verify R&D context is available
kubectl config get-contexts | grep apiiro-rnd

# Test cluster access (switch to R&D context first)
kubectl config use-context gke_apiiro-rnd_us-central1_apiiro-rnd-self-service-us
kubectl get namespaces

# Verify project build
ls -la dist/index.js

You're now ready to use the MCP server! Proceed to the Usage section to get started.

Usage

1. Setup (Run First!)

Use the setup tool to authenticate and select your client:

{
  "escalate": true,
  "context": "gke-project-region-cluster",
  "client": "client-name-namespace"
}

Or run interactively - the tool will list available options if you don't specify them.

2. Query MongoDB

Once setup is complete, use MongoDB tools:

  • mongo_query: Execute MongoDB queries

    {
  "query": "db.users.find().limit(5)"
}

  • mongo_eval: Evaluate JavaScript expressions

    {
  "expression": "db.stats()"
}

3. List Options

  • list_contexts: List available Kubernetes contexts
  • list_namespaces: List namespaces in a context
  • get_status: Check current configuration

MCP Configuration

Claude Desktop

The server has been configured in your Claude Desktop config at: ~/Library/Application Support/Claude/claude_desktop_config.json

If you need to add it manually:

{
  "mcpServers": {
    "mongo-kubectl": {
      "command": "node",
      "args": ["/Users/arielolin/mongo-kubectl-mcp/dist/index.js"]
    }
  }
}

After adding, restart Claude Desktop for the changes to take effect.

Cursor

Add to your MCP settings (e.g., ~/.cursor/mcp.json or similar):

{
  "mcpServers": {
    "mongo-kubectl": {
      "command": "node",
      "args": ["/path/to/mongo-kubectl-mcp/dist/index.js"]
    }
  }
}

Architecture

  • Setup Tool: Handles gcloud auth → escalation → context selection → namespace selection
  • State Management: Saves configuration to config.json for persistence
  • kubectl Exec: Uses kubectl exec -it deploy/lim-mongo with selected context/namespace
  • mongosh: Executes MongoDB commands via mongosh shell

Troubleshooting

  • No contexts found: Make sure kubectl is configured and contexts are available
  • Authentication errors: Run gcloud auth login manually if needed
  • Namespace not found: Verify the namespace exists in the selected context
  • MongoDB connection fails: Check that lim-mongo deployment exists in the namespace