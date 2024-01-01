Version: 18.x

This guide explains how to connect to Teleport Kubernetes Clusters with MCP clients.

A running Teleport cluster. If you want to get started with Teleport, sign up for a free trial or set up a demo environment.

The tsh client. Installing tsh client Determine the version of your Teleport cluster. The tsh client must be at most one major version behind your Teleport cluster version. Send a GET request to the Proxy Service at /v1/webapi/find and use a JSON query tool to obtain your cluster version. Replace teleport.example.com:443 with the web address of your Teleport Proxy Service: TELEPORT_DOMAIN= teleport.example.com:443 TELEPORT_VERSION="$(curl -s https://$TELEPORT_DOMAIN/v1/webapi/find | jq -r '.server_version')" Follow the instructions for your platform to install tsh client: Mac Windows - Powershell Linux Download the signed macOS .pkg installer for Teleport, which includes the tsh client: curl -O https://cdn.teleport.dev/teleport-${TELEPORT_VERSION?}.pkg In Finder double-click the pkg file to begin installation. danger Using Homebrew to install Teleport is not supported. The Teleport package in Homebrew is not maintained by Teleport and we can't guarantee its reliability or security. curl.exe -O https://cdn.teleport.dev/teleport-v${TELEPORT_VERSION?}-windows-amd64-bin.zip All of the Teleport binaries in Linux installations include the tsh client. For more options (including RPM/DEB packages and downloads for i386/ARM/ARM64) see our installation page. curl -O https://cdn.teleport.dev/teleport-v${TELEPORT_VERSION?}-linux-amd64-bin.tar.gz tar -xzf teleport-v${TELEPORT_VERSION?}-linux-amd64-bin.tar.gz cd teleport sudo ./install



Kubernetes Clusters enrolled with Teleport. See our guides.

First, sign in into your Teleport cluster using tsh login :

To list Kubernetes clusters available for you to access:

tsh kube ls Kube Cluster Name Labels Selected ----------------- ------- -------- minikube env=dev *

Now log in to your Kubernetes cluster, replacing minikube with your our Kubernetes cluster name:

tsh kube login minikube Logged into Kubernetes cluster "minikube". Try 'kubectl version' to test the connection.

This command also updates your default Kubernetes config.

Next, configure your MCP clients to use the kubernetes-mcp-server MCP server.

Claude Desktop

Cursor

VS Code / VS Code Insiders Open your claude_desktop_config.json and add the MCP server to the list of mcpServers: { "mcpServers" : { "kubernetes" : { "command" : "npx" , "args" : [ "-y" , "kubernetes-mcp-server@latest" ] } } } You can install the extension by editing the mcp.json file: { "mcpServers" : { "kubernetes-mcp-server" : { "command" : "npx" , "args" : [ "-y" , "kubernetes-mcp-server@latest" ] } } } You can install the extension by running the following command: code --add-mcp '{"name":"kubernetes","command":"npx","args":["kubernetes-mcp-server@latest"]}' code-insiders --add-mcp '{"name":"kubernetes","command":"npx","args":["kubernetes-mcp-server@latest"]}'

After configuring your MCP client, you will find Kubernetes and Helms tools from kubernetes-mcp-server .

You can now use these tools to interact with your Kubernetes clusters via Teleport in your MCP clients:

If your Teleport cluster is behind a TLS-terminating load balancer or reverse proxy, you can start a local proxy with tsh :

tsh proxy kube -p 8888

Copy the KUBECONFIG path from the output of the command, and add it with the --kubeconfig flag in your MCP client configuration. For example:

{ "mcpServers" : { "kubernetes-mcp-server" : { "command" : "npx" , "args" : [ "-y" , "kubernetes-mcp-server@latest" , "--kubeconfig" , "/path/to/your/tsh/localproxy-8888-kubeconfig" ] } } }

Alternatively, you can use Teleport Connect to run the local proxy to your Kubernetes cluster. You can find the KUBECONFIG path from the terminal in Teleport Connect: