Skip to content

MCP

Bring Rafay Into Your AI Workflows with the Rafay MCP Server

AI assistants are now part of everyday work for platform, DevOps, and SRE teams. We use them to debug code, make sense of configuration, and understand how systems behave. But when it comes to managing Kubernetes clusters and platform infrastructure, these assistants hit a wall: they have no secure, real-time view of your environment.

Without a secure window into your actual operational state AI tools are forced to guess rely on stale data or require engineers to manually copy paste massive YAML files and CLI outputs into chat windows.

To bridge this gap without compromising on security, we are thrilled to introduce the Rafay MCP Server.

Interact with Your Rafay Managed Kubernetes Clusters Using MCP-compatible AI clients

The Model Context Protocol (MCP) is an open standard that enables AI assistants to securely interact with external tools and systems. When used with Kubernetes, MCP allows an AI assistant to execute operations (for example, kubectl commands), retrieve live cluster state, and reason about results without requiring users to manually copy and paste output into a chat interface.

This blog uses Claude Desktop as an example AI assistant. The same approach applies to any MCP-compatible AI client.

For platform administrators, this capability enables controlled, auditable, and policy-driven AI-assisted cluster operations.

For production environments, the recommended approach is to run the MCP server locally and connect to your Kubernetes cluster using a Rafay Zero Trust Kubectl Access (ZTKA) kubeconfig.

In this model:

  • The MCP server runs on the administrator’s workstation
  • Cluster access is established through Rafay’s ZTKA secure relay
  • No inbound access to the cluster is required
  • No VPN tunnels or exposed Kubernetes API endpoints are needed

This architecture aligns with zero-trust security principles and enterprise compliance requirements.