infra-ops-mcp

A comprehensive MCP server for infrastructure operations with 92 tools across 13 categories, covering system monitoring, networking, containers, multi-cloud management, databases, CI/CD, IaC, security, and remote SSH fleet management.

The most comprehensive MCP (Model Context Protocol) server for infrastructure operations. 92 tools across 13 categories covering everything from local system monitoring to multi-cloud management.

Features

  • 92 Infrastructure Tools organized in 13 categories
  • Cross-platform: Windows (PowerShell), Linux, macOS
  • Multi-cloud: AWS, Azure, GCP
  • Containers: Docker + Kubernetes
  • Databases: PostgreSQL, MySQL, MongoDB, Redis
  • CI/CD: GitHub Actions, GitLab CI
  • IaC: Terraform, Ansible, Pulumi
  • Security: CVE scanning, secrets detection, TLS checks
  • Remote: SSH fleet management with connection pooling
  • 3-tier permission model: SAFE, DANGEROUS, BLOCKED

Quick Start

Install

npm install -g infra-ops-mcp

Configure with Claude Desktop

Add to your Claude Desktop config (claude_desktop_config.json):

{
  "mcpServers": {
    "infra-ops": {
      "command": "infra-ops-mcp",
      "env": {
        "GITHUB_TOKEN": "ghp_xxx",
        "INFRA_AWS_REGION": "us-east-1"
      }
    }
  }
}

Run Standalone

# With default config
infra-ops-mcp

# With custom config
INFRA_CONFIG_PATH=./my-config.yaml infra-ops-mcp

Development

git clone https://github.com/your-org/infra-ops-mcp.git
cd infra-ops-mcp
npm install
npm run build
npm run dev

Tool Categories

System (12 tools)

Tool Tier Description
system_cpu_info SAFE CPU cores, model, speed, load average
system_memory_info SAFE RAM usage, swap, top memory consumers
system_disk_usage SAFE Disk space by mount point, inodes
system_process_list SAFE Process list with filter and sort
system_process_kill DANGEROUS Kill process by PID
system_service_list SAFE System services status
system_service_control DANGEROUS Start/stop/restart services
system_uptime SAFE System uptime, last boot time
system_users SAFE User accounts, groups, logged in
system_scheduled_tasks SAFE Cron jobs / Task Scheduler
system_hardware_info SAFE BIOS, motherboard, PCI devices
system_drivers SAFE Loaded drivers / kernel modules

Network (9 tools)

Tool Tier Description
network_interfaces SAFE Adapters, IPs, MAC, speed
network_routes SAFE Routing table, default gateway
network_dns_resolve SAFE DNS lookup (A, AAAA, MX, CNAME, etc.)
network_firewall_rules SAFE Firewall rules list
network_listening_ports SAFE Open ports with associated process
network_active_connections SAFE Active TCP/UDP connections
network_wifi_info SAFE WiFi SSID, signal, channel
network_bandwidth_test SAFE Network throughput measurement
network_traceroute SAFE Hop-by-hop route trace

Storage (7 tools)

Tool Tier Description
storage_raid_status SAFE RAID array status
storage_lvm_info SAFE LVM volumes and groups
storage_mounts SAFE Mounted filesystems
storage_smart_health SAFE Disk SMART health data
storage_partitions SAFE Partition table info
storage_nfs_shares SAFE NFS exports and mounts
storage_quotas SAFE Disk quotas by user/group

Containers (18 tools)

Tool Tier Description
docker_container_list SAFE List containers
docker_container_inspect SAFE Container details
docker_container_logs SAFE Container logs
docker_container_stats SAFE Live container stats
docker_container_start DANGEROUS Start container
docker_container_stop DANGEROUS Stop container
docker_container_restart DANGEROUS Restart container
docker_image_list SAFE Local images
docker_network_list SAFE Docker networks
docker_volume_list SAFE Docker volumes
docker_compose_status SAFE Compose project status
k8s_pod_list SAFE Kubernetes pods
k8s_pod_logs SAFE Pod logs
k8s_deployment_list SAFE Deployments
k8s_service_list SAFE Services
k8s_node_list SAFE Cluster nodes
k8s_events SAFE Cluster events
k8s_scale_deployment DANGEROUS Scale replicas

Cloud (11 tools)

Tool Tier Description
aws_ec2_instances SAFE EC2 instances
aws_s3_buckets SAFE S3 buckets
aws_rds_instances SAFE RDS instances
aws_lambda_functions SAFE Lambda functions
aws_cloudwatch_metrics SAFE CloudWatch metrics
aws_route53_zones SAFE Route53 DNS zones
azure_vm_list SAFE Azure VMs
azure_aks_clusters SAFE AKS clusters
azure_storage_accounts SAFE Storage accounts
gcp_compute_instances SAFE GCE instances
gcp_gke_clusters SAFE GKE clusters

CI/CD (4 tools)

Tool Tier Description
cicd_github_workflows SAFE GitHub Actions workflows
cicd_github_workflow_runs SAFE Workflow run history
cicd_gitlab_pipelines SAFE GitLab pipelines
cicd_gitlab_jobs SAFE Pipeline jobs

Database (8 tools)

Tool Tier Description
db_postgres_query SAFE PostgreSQL read-only query
db_postgres_health SAFE PostgreSQL health check
db_mysql_query SAFE MySQL read-only query
db_mysql_health SAFE MySQL health check
db_mongodb_query SAFE MongoDB query
db_mongodb_health SAFE MongoDB health check
db_redis_info SAFE Redis INFO stats
db_redis_health SAFE Redis health check

IaC (5 tools)

Tool Tier Description
iac_terraform_state SAFE Terraform state
iac_terraform_plan DANGEROUS Run terraform plan
iac_ansible_inventory SAFE Ansible inventory
iac_ansible_playbook_run DANGEROUS Run playbook (--check)
iac_pulumi_stacks SAFE Pulumi stacks

Security (5 tools)

Tool Tier Description
security_cve_scan SAFE CVE vulnerability scan (Trivy)
security_secrets_scan SAFE Secrets detection (Gitleaks)
security_cert_check SAFE TLS certificate inspection
security_compliance_check SAFE CIS/STIG benchmarks
security_port_audit SAFE Open port security audit

Remote (3 tools)

Tool Tier Description
remote_ssh_exec SAFE Execute command via SSH
remote_fleet_command DANGEROUS Command across multiple hosts
remote_host_inventory SAFE Host inventory with status

DNS (3 tools)

Tool Tier Description
dns_records SAFE Query DNS records
dns_propagation_check SAFE Global DNS propagation
dns_zone_query SAFE Zone transfer query

Backup (3 tools)

Tool Tier Description
backup_status SAFE Backup status check
backup_integrity_check SAFE Verify backup integrity
backup_restore_test DANGEROUS Test restore to temp

Monitoring (4 tools)

Tool Tier Description
monitoring_custom_metrics SAFE Query Prometheus metrics
monitoring_uptime_check SAFE HTTP/TCP uptime check
monitoring_alerts SAFE Active alerts
monitoring_sla_status SAFE SLA percentage calculator
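SAFE tools run without confirmation (see Security Model below), so the tier column deserves a review before deployment. The following is an added example, not part of infra-ops-mcp: it parses rows copied from the tables above and lists SAFE tools whose description contains an action verb, for manual review. The verb list is an assumed heuristic.

```javascript
// Added example: tier review helper, not part of infra-ops-mcp.
// Rows below are copied from the tool tables on this page.
const SAMPLE_ROWS = `
system_process_list SAFE Process list with filter and sort
system_process_kill DANGEROUS Kill process by PID
docker_container_restart DANGEROUS Restart container
db_postgres_query SAFE PostgreSQL read-only query
iac_terraform_plan DANGEROUS Run terraform plan
remote_ssh_exec SAFE Execute command via SSH
remote_fleet_command DANGEROUS Command across multiple hosts
backup_restore_test DANGEROUS Test restore to temp
`;

const VALID_TIERS = new Set(["SAFE", "DANGEROUS", "BLOCKED"]);
// Assumed heuristic: verbs suggesting a tool changes state or runs commands.
const ACTION_VERBS = /\b(execute|run|kill|start|stop|restart|scale|restore|delete|write)\b/i;

// Parse "name TIER description" rows; malformed rows are reported, not dropped.
function parseRows(text) {
  const tools = [];
  const malformed = [];
  for (const line of text.split("\n").map((l) => l.trim()).filter(Boolean)) {
    const m = /^([a-z0-9_]+)\s+([A-Z]+)\s+(.+)$/.exec(line);
    if (m && VALID_TIERS.has(m[2])) {
      tools.push({ tool: m[1], tier: m[2], description: m[3] });
    } else {
      malformed.push(line);
    }
  }
  return { tools, malformed };
}

// Return the names of SAFE tools whose description contains an action verb.
function safeToolsNeedingReview(text) {
  return parseRows(text).tools
    .filter((t) => t.tier === "SAFE" && ACTION_VERBS.test(t.description))
    .map((t) => t.tool);
}

console.log(safeToolsNeedingReview(SAMPLE_ROWS));
```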

Security Model

The 3-tier permission system protects against unintended operations:

Tier       Behavior                 Examples
SAFE       No confirmation needed   All list, info, health, read-only queries
DANGEROUS  Requires confirm: true   process_kill, service_control, docker start/stop, fleet_command, terraform_plan
BLOCKED    Disabled by default      DB writes, delete operations (enable in config)

Example: Dangerous Operation

{
  "name": "system_process_kill",
  "arguments": {
    "pid": 1234,
    "confirm": true
  }
}

Without confirm: true, dangerous tools return an error message explaining the requirement.
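
A sketch of the check the three tiers imply, as an added example (not the project's registry.ts): unknown tools are denied by default, and confirm must be the boolean true. The db_postgres_write tool name, the enabledBlocked set, and requiring confirmation for an enabled BLOCKED tool are assumptions made for illustration.

```javascript
// Added example: a minimal tier guard, not the project's own code.
const TIERS = Object.freeze({ SAFE: "SAFE", DANGEROUS: "DANGEROUS", BLOCKED: "BLOCKED" });

// Tier assignments copied from the tables on this page, except
// db_postgres_write, a hypothetical BLOCKED tool used only for illustration.
const TOOL_TIERS = new Map([
  ["system_cpu_info", TIERS.SAFE],
  ["system_process_kill", TIERS.DANGEROUS],
  ["remote_fleet_command", TIERS.DANGEROUS],
  ["db_postgres_write", TIERS.BLOCKED],
]);

// Decide whether a tool call may run. `enabledBlocked` models the
// "enable in config" switch as a set of tool names (assumed shape).
function authorize(call, enabledBlocked = new Set()) {
  const args = call.arguments ?? {};
  const tier = TOOL_TIERS.get(call.name);
  if (tier === undefined) {
    // A tool with no tier assignment is refused instead of treated as SAFE.
    return { allowed: false, reason: `unknown tool ${call.name}: denied by default` };
  }
  if (tier === TIERS.SAFE) {
    return { allowed: true, tier };
  }
  if (tier === TIERS.BLOCKED && !enabledBlocked.has(call.name)) {
    return { allowed: false, tier, reason: "blocked: enable in config first" };
  }
  // DANGEROUS, or BLOCKED that was enabled: require the literal boolean true.
  // The string "true" and truthy values such as 1 do not count.
  if (args.confirm !== true) {
    return { allowed: false, tier, reason: "requires confirm: true" };
  }
  return { allowed: true, tier };
}

// The request from the example above passes; the same call without confirm does not.
console.log(authorize({ name: "system_process_kill", arguments: { pid: 1234, confirm: true } }));
console.log(authorize({ name: "system_process_kill", arguments: { pid: 1234 } }));
```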

Configuration

Config File (config/default.yaml)

The server loads configuration from:

  1. ./config/default.yaml (project directory)
  2. ~/.infra-ops-mcp/config.yaml (user home)
  3. Environment variables (highest priority)

Environment Variables

Variable Description
GITHUB_TOKEN GitHub personal access token
GITLAB_TOKEN GitLab access token
INFRA_AWS_REGION AWS region
INFRA_AWS_PROFILE AWS profile name
INFRA_GCP_PROJECT GCP project ID
INFRA_AZURE_SUBSCRIPTION Azure subscription ID
INFRA_PG_HOST PostgreSQL host
INFRA_PG_PORT PostgreSQL port
INFRA_PG_USER PostgreSQL user
INFRA_PG_PASSWORD PostgreSQL password
INFRA_PG_DATABASE PostgreSQL database
INFRA_REDIS_HOST Redis host
INFRA_REDIS_PORT Redis port
INFRA_REDIS_PASSWORD Redis password

Host Inventory (config/hosts.yaml)

Ansible-style host definitions for remote operations:

hosts:
  - host: web-01.example.com
    user: deploy
    port: 22
    privateKey: ~/.ssh/web_servers
    groups:
      - webservers
      - production
    labels:
      environment: production
      role: web

Architecture

src/
├── index.ts           # Entry point
├── server.ts          # MCP Server + StdioTransport
├── registry.ts        # ToolRegistry with permission guards
├── core/              # Platform detection, executor, permissions, errors
├── infra/             # SSH pool, circuit breaker, cache, rate limiter
├── config/            # YAML config loader, env overrides
├── tools/             # 13 tool modules (76 tools total)
└── utils/             # Parsers, formatters

Requirements

  • Node.js >= 18.0.0
  • Optional: Docker, kubectl, AWS CLI, Azure CLI, gcloud, Terraform, Ansible, Trivy, Gitleaks

Tools gracefully handle missing dependencies - if Docker isn't installed, Docker tools will return appropriate error messages rather than crashing.

License

MIT
