kubopt
Kubernetes cluster cost analysis and optimization. Query costs, find savings opportunities, get rightsizing recommendations, and analyze pod spend across AKS, EKS, and GKE — directly from Claude
README
KubeOpt
The Cost Engineer for Kubernetes
KubeOpt analyzes your Kubernetes clusters, identifies cost optimization opportunities, and generates actionable implementation plans with copy-paste kubectl commands.
Works with Azure AKS, AWS EKS, and Google GKE.
What It Does
- Connects to your cloud provider APIs and Kubernetes clusters
- Runs 16 optimization algorithms (rightsizing, HPA, storage, networking, node pools, anomaly detection)
- Calculates actual vs optimal costs with specific dollar savings per resource
- Generates a 3-week implementation plan with kubectl commands ready to execute
- Dashboard with cost breakdowns, workload analysis, and optimization scores
Claude AI Integration (MCP)
Ask Claude about your Kubernetes costs in plain English.
KubeOpt ships an MCP server (mcp_server/) that exposes 6 tools over stdio transport. Once connected, Claude Desktop, Cursor, or Windsurf can query your cluster data directly — no copy-pasting dashboards.
Tools exposed:
| Tool | What it does |
|---|---|
list_clusters |
List all monitored clusters with cost data |
get_cost_summary |
Portfolio-level cost summary across all clusters |
get_cluster_analysis |
Detailed analysis for a specific cluster |
get_recommendations |
Actionable recommendations sorted by savings impact |
analyze_cluster |
Trigger a fresh analysis and poll until complete |
get_pod_costs |
Per-pod cost breakdown, filterable by namespace |
Prerequisites
- KubeOpt running locally (
python main.py) or deployed on Railway - Python virtual environment with dependencies installed (
pip install -r requirements.txt)
Claude Desktop
Edit ~/.claude/claude_desktop_config.json:
{
"mcpServers": {
"kubeopt": {
"command": "/path/to/kubeopt/.venv/bin/python3",
"args": ["-m", "mcp_server.server"],
"env": {
"KUBEOPT_API_URL": "http://localhost:5001",
"KUBEOPT_USERNAME": "kubeopt",
"KUBEOPT_PASSWORD": "your-password"
}
}
}
}
Restart Claude Desktop after saving.
Cursor
Open Cursor Settings → MCP and add a new server entry:
{
"kubeopt": {
"command": "/path/to/kubeopt/.venv/bin/python3",
"args": ["-m", "mcp_server.server"],
"env": {
"KUBEOPT_API_URL": "http://localhost:5001",
"KUBEOPT_USERNAME": "kubeopt",
"KUBEOPT_PASSWORD": "your-password"
}
}
}
Windsurf / Codeium
Edit ~/.codeium/windsurf/mcp_config.json (create it if it doesn't exist):
{
"mcpServers": {
"kubeopt": {
"command": "/path/to/kubeopt/.venv/bin/python3",
"args": ["-m", "mcp_server.server"],
"env": {
"KUBEOPT_API_URL": "http://localhost:5001",
"KUBEOPT_USERNAME": "kubeopt",
"KUBEOPT_PASSWORD": "your-password"
}
}
}
}
Restart Windsurf after saving.
Example prompts
What are my top 3 cost savings opportunities across all clusters?
Which pods are costing the most in the production namespace?
Give me a summary of total Kubernetes spend this month.
What's the optimization score for my staging cluster?
Trigger a fresh analysis on cluster prod-aks-eastus and report back.
For more on the protocol: modelcontextprotocol.io
GitHub Action
Run a Kubernetes cost scan on every pull request or on a schedule. The action posts a summary as a PR comment (upserted on re-runs) and writes results to the GitHub Step Summary.
What you get on each PR:
## KubeOpt Cost Scan — 2026-04-27
| Cluster | Provider | Monthly Spend | Savings Available |
|------------------|----------|---------------|-------------------|
| prod-eks-us-east | AWS | $4,120 | $890/mo |
| staging-aks-weu | Azure | $1,340 | $210/mo |
**Total potential savings: $1,100/mo**
<details>
<summary>Top opportunities</summary>
1. $540/mo — prod-eks-us-east — Rightsize 6 over-provisioned node groups
2. $350/mo — prod-eks-us-east — Enable HPA on 4 deployments with static replicas
3. $210/mo — staging-aks-weu — Remove 3 idle nodes outside business hours
</details>
Setup
1. Add secrets to your repository
Go to Settings → Secrets and variables → Actions and add:
| Secret | Value |
|---|---|
KUBEOPT_URL |
URL of your KubeOpt instance (e.g. https://demo.kubeopt.com) |
KUBEOPT_USERNAME |
KubeOpt username |
KUBEOPT_PASSWORD |
KubeOpt password |
2. Create .github/workflows/cost-scan.yml
name: K8s Cost Scan
on:
pull_request:
types: [opened, synchronize]
schedule:
- cron: '0 8 * * 1' # Every Monday at 08:00 UTC
workflow_dispatch:
permissions:
contents: read
pull-requests: write
jobs:
cost-scan:
name: KubeOpt Cost Scan
runs-on: ubuntu-latest
steps:
- name: Run KubeOpt cost scan
id: kubeopt
uses: kubeopt/kubeopt@v1
with:
kubeopt-url: ${{ secrets.KUBEOPT_URL }}
kubeopt-username: ${{ secrets.KUBEOPT_USERNAME }}
kubeopt-password: ${{ secrets.KUBEOPT_PASSWORD }}
top: 5
post-comment: ${{ github.event_name == 'pull_request' && 'true' || 'false' }}
- name: Print savings to log
if: always()
run: echo "Total savings available: ${{ steps.kubeopt.outputs.total-savings }}/mo"
Inputs
| Input | Required | Default | Description |
|---|---|---|---|
kubeopt-url |
yes | URL of your KubeOpt instance | |
kubeopt-username |
yes | kubeopt |
KubeOpt username |
kubeopt-password |
yes | KubeOpt password | |
cluster-id |
no | (all clusters) | Scan a specific cluster only |
top |
no | 5 |
Number of top savings opportunities to show |
post-comment |
no | true |
Post results as a PR comment |
Outputs
| Output | Description |
|---|---|
total-savings |
Total potential monthly savings in USD |
scan-summary |
Full markdown summary (use in downstream steps) |
Scan a specific cluster
- uses: kubeopt/kubeopt@v1
with:
kubeopt-url: ${{ secrets.KUBEOPT_URL }}
kubeopt-username: ${{ secrets.KUBEOPT_USERNAME }}
kubeopt-password: ${{ secrets.KUBEOPT_PASSWORD }}
cluster-id: prod-eks-us-east-1
top: 10
Notes
- The action checks out
kubeopt/kubeopt@v1at runtime to run the scan. No local install needed. - PR comments are upserted: re-running the action updates the existing comment rather than adding a new one.
- Requires
pull-requests: writepermission to post comments. - The action does not modify your cluster. It is read-only.
Architecture
KubeOpt Platform
+----------------------------------------------------------+
| |
| React SPA (Recharts) FastAPI REST API (v2) |
| frontend/dist/ presentation/api/v2/ |
| |
+---------------------------+------------------------------+
|
+------------------+------------------+
| | |
+-------v------+ +-------v------+ +--------v-------+
| Algorithms | | Analytics | | ML Models |
| (16 modules)| | Collectors | | Anomaly Det. |
| rightsizing | | Processors | | CPU Optimizer |
| HPA, storage| | Scorer | | Workload Cls |
+--------------+ +--------------+ +----------------+
| | |
+-------v------------------v------------------v-------+
| Cloud Provider Abstraction |
| 6 interfaces: Auth, Executor, Metrics, Costs, |
| Accounts, Inspector |
+---+-----------------+-----------------+-------------+
| | |
+---v---+ +----v----+ +----v----+
| Azure | | AWS | | GCP |
| (AKS) | | (EKS) | | (GKE) |
+-------+ +---------+ +---------+
Hosted Services (not in this repo)
| Service | Purpose | Endpoint |
|---|---|---|
| Plan Generation | Generates optimization plans | plan.kubeopt.com |
| AI Chat | Conversational cluster analysis | ai.kubeopt.com |
| License Manager | License validation | license.kubeopt.com |
These services require a PRO or ENTERPRISE license. The core analysis engine works without them.
Quick Start
Prerequisites
- Python 3.11+
- Node.js 18+ (for frontend build)
- Cloud provider credentials (Azure, AWS, or GCP)
Run Locally
# Clone and install
git clone https://github.com/kubeopt/kubeopt.git
cd kubeopt
pip install -r requirements.txt
# Set up credentials (copy and fill in your values)
cp .env.example .env
# Build frontend
cd frontend && npm install && npm run build && cd ..
# Run
python main.py
# Open http://localhost:5001
Run with Docker
docker build -t kubeopt .
docker run -p 5001:5001 --env-file .env kubeopt
Run via CLI
npx kubeopt clusters # List clusters
npx kubeopt analyze <id> # Run analysis
npx kubeopt report <id> # View report
Cloud Provider Setup
Azure (AKS)
Set these environment variables:
AZURE_SUBSCRIPTION_ID=your-subscription-id
AZURE_CLIENT_ID=your-client-id
AZURE_CLIENT_SECRET=your-client-secret
AZURE_TENANT_ID=your-tenant-id
Requires a Service Principal with Reader role. See docs/setup/AZURE-SETUP.md.
AWS (EKS)
AWS_ACCESS_KEY_ID=your-access-key
AWS_SECRET_ACCESS_KEY=your-secret-key
AWS_DEFAULT_REGION=us-east-1
Requires IAM user with EKS, Cost Explorer, and CloudWatch read access.
Google Cloud (GKE)
GCP_SERVICE_ACCOUNT_KEY={"type":"service_account",...}
GCP_BILLING_DATASET=your_billing_dataset
GCP_BILLING_ACCOUNT_ID=your-billing-account-id
See docs/setup/GCP-BILLING-SETUP.md.
Project Structure
kubeopt/
algorithms/ 16 optimization algorithm modules
analytics/ Cost collectors, processors, cluster scorer
application/ Orchestrator, command generators
infrastructure/
cloud_providers/ Azure, AWS, GCP adapters (6 interfaces each)
services/ Auth, caching, license validation, settings
persistence/ Database, analysis engine
machine_learning/ Anomaly detection, CPU optimizer, workload classifier
presentation/
api/v2/ FastAPI routers, schemas, dependencies
frontend/ React SPA (TypeScript, Recharts, Tailwind)
shared/
standards/ 16 YAML-based optimization standards
config/ Application configuration
mcp_server/ MCP server (6 tools, stdio transport)
Technology Stack
| Component | Technology |
|---|---|
| Backend | Python 3.11+, FastAPI, uvicorn |
| Frontend | React 19, TypeScript, Vite, Recharts, Tailwind CSS |
| ML | Pandas, NumPy, Scikit-learn |
| Cloud | Azure SDK, boto3, google-cloud SDK |
| Database | SQLite (dev), PostgreSQL (prod) |
| Deployment | Docker, Railway, Kubernetes |
License
Apache License 2.0. See LICENSE.
The core analysis engine is open source and free to use. Plan generation and AI chat are hosted services that require a PRO or ENTERPRISE license.
Contributing
See CONTRIBUTING.md for guidelines.
Security
To report security vulnerabilities, email support@kubeopt.com. See SECURITY.md.
Built by Nivaya Technologies
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.