ContainerGuard MCP
Enables remote container security monitoring and management through Docker API and SSH connections. Provides real-time container monitoring, security analysis, event tracking, and comprehensive security scanning for containerized environments.
README
项目名称: ContainerGuard MCP
README.md
# ContainerGuard MCP
一个基于Model Context Protocol (MCP)的容器安全监控与管理工具,提供远程容器管理、安全日志分析和事件监控功能。
## 功能特性
- 🔐 **远程连接管理**: 支持Docker API和SSH两种方式连接远程容器环境
- 📊 **容器监控**: 实时查看容器状态、日志和运行信息
- 🛡️ **安全分析**: 自动分析容器安全性,检测可疑活动和配置问题
- 📋 **事件监控**: 实时监控Docker事件,及时发现异常行为
- 🔍 **深度检查**: 全面的容器安全扫描,包括进程、网络、文件权限等
## 安装依赖
```bash
pip install mcp-server-fastmcp docker paramiko
快速开始
- 启动MCP服务:
python container_guard_mcp.py
- 在支持MCP的客户端中使用 (如Claude AI):
连接到Docker守护进程: connect_docker host="192.168.1.100" port=2375
查看容器列表: list_containers all_containers=true
分析容器安全: security_analysis container_id="container_id"
可用工具
连接管理
connect_docker()- 连接到远程Docker守护进程connect_ssh()- 通过SSH连接到远程主机
容器操作
list_containers()- 获取容器列表get_container_logs()- 查看容器日志execute_command()- 在容器中执行命令
安全分析
security_analysis()- 基础安全分析check_container_security()- 全面安全检查monitor_docker_events()- 监控Docker事件
安全配置
Docker远程访问
# 在目标主机上配置Docker远程API
sudo systemctl edit docker
# 添加: -H tcp://0.0.0.0:2375
sudo systemctl restart docker
SSH密钥认证
# 生成SSH密钥对
ssh-keygen -t rsa -b 4096
# 将公钥复制到目标主机
ssh-copy-id user@host
使用示例
- 连接远程Docker:
connect_docker(host="10.0.0.5", port=2375)
- 查看所有容器:
containers = list_containers(all_containers=true)
- 分析特定容器:
analysis = security_analysis(container_id="abc123")
- 监控实时事件:
events = monitor_docker_events(duration=30)
安全建议
- 使用TLS加密Docker远程连接
- 限制Docker API的访问权限
- 定期更新SSH密钥
- 监控容器资源使用情况
- 设置容器资源限制
许可证
MIT License
支持
如有问题请提交Issue或联系开发团队。
## 使用说明
1. **安装依赖**:
```bash
pip install mcp-server-fastmcp docker paramiko
- 运行服务:
python container_guard_mcp.py
-
在MCP客户端中配置: 将上述Python脚本路径添加到你的MCP客户端配置中。
-
开始使用:
- 首先连接到远程Docker或SSH
- 然后使用各种工具进行容器管理和安全分析
这个MCP服务提供了完整的容器安全管理功能,可以帮助你远程监控和分析容器环境的安全状况。
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.