10 MCP Servers Every DevOps Engineer Should Be Running
10 MCP servers that connect Copilot to your entire DevOps stack
You’re deep in a Kubernetes incident. Three browser tabs open. Terminal on one monitor. Slack on the other. You’re typing kubectl describe pod for the fifth time, switching to Grafana to check metrics, bouncing to PagerDuty for context.
Your AI assistant sits there, useless. It doesn’t know your cluster. It can’t see your dashboards. It can’t check your Terraform state.
That’s the gap MCP fills.
What is MCP?
MCP (Model Context Protocol) is an open standard that lets AI tools connect directly to external services. Your editor’s AI can now query your Kubernetes cluster, check your Grafana dashboards, and manage PagerDuty incidents. Directly. Without you copy-pasting anything.
Think of it as giving your AI a set of hands that can reach into your actual stack.
I’ve been running these 10 servers for the past few months. Here’s what’s worth your time, organized by where it fits in your workflow.
How to set this up
All of these work with GitHub Copilot in VS Code. Create .vscode/mcp.json in your repo root:
{
"inputs": [],
"servers": {}
}Add servers to the servers object. VS Code handles the rest. Use ${input:variable-id} for secrets — it prompts you securely on first use.
You need GitHub Copilot with Agent mode enabled. Let’s dive in.
Plan & Code
1. GitHub MCP
Official | github/github-mcp-server
The one you install first. It gives Copilot direct access to your repos, PRs, issues, and Actions workflows.
Ask it to triage open PRs, search code across repos, check workflow run statuses, or create issues. All without switching context.
"github": {
"command": "docker",
"args": ["run", "-i", "--rm", "ghcr.io/github/github-mcp-server"],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "${input:github-token}"
}
}Best for: PR triage, cross-repo code search, CI/CD status checks.
Infrastructure as Code
2. Terraform MCP
Official — HashiCorp | hashicorp/terraform-mcp-server
HashiCorp built this one themselves. It connects to the Terraform Registry and your HCP Terraform workspace.
Ask it to look up a provider’s resource schema, check available module versions, or inspect workspace run status. Useful when you’re writing Terraform and need docs without switching tabs.
"terraform": {
"command": "docker",
"args": ["run", "-i", "--rm", "hashicorp/terraform-mcp-server"],
"env": {
"TFE_TOKEN": "${input:tfe-token}",
"TFE_ADDRESS": "https://app.terraform.io"
}
}Best for: Provider and module docs, workspace run management, HCP Terraform integration.
Honest tradeoff: Needs Docker running locally. Registry-only use (docs, schema lookups) works without a TFE token. Workspace features require HCP Terraform.
Build
3. Docker MCP
Community | https://github.com/0xshariq/docker-mcp-server
16 Docker tools. Covers what you do most: list containers, inspect images, check logs, manage networks.
Useful for asking “which containers are running and which one is consuming 4GB” without pulling up Docker Desktop.
"docker": {
"command": "npx",
"args": ["-y", "@0xshariq/docker-mcp-server@latest"]
}Best for: Container debugging, image management, compose operations.
Deploy
4. Kubernetes MCP
Official — Red Hat | containers/kubernetes-mcp-server
The best Kubernetes MCP server available right now. Built in Go by Red Hat. Uses your existing kubeconfig. No extra setup.
Ask it to describe pods, check deployment rollout status, fetch logs, or scale resources. It talks directly to the Kubernetes API, not just wrapping kubectl.
"kubernetes": {
"command": "npx",
"args": ["-y", "kubernetes-mcp-server"]
}Best for: Pod debugging, deployment status, namespace exploration.
Honest tradeoff: Picks up whatever cluster your current kubeconfig context points to. Double-check your context before running destructive operations.
5. AWS EKS MCP
Official — AWS Labs | awslabs/mcp/eks-mcp-server
If you’re running Kubernetes on AWS, this is more useful than the generic K8s server for EKS-specific operations. Node group management, addon status, cluster upgrade checks, IAM permissions context.
Requires uvx (install with pip install uv).
"eks-mcp": {
"command": "uvx",
"args": ["awslabs.eks-mcp-server@latest"],
"env": {
"AWS_PROFILE": "${input:aws-profile}",
"AWS_REGION": "us-east-1",
"FASTMCP_LOG_LEVEL": "ERROR"
}
}
Best for: EKS node groups, addon management, AWS-native cluster context.
6. Helm MCP
Community | zekker6/mcp-helm
Helm chart and repository management via HTTP. No local install needed.
Useful for asking “what’s the latest stable cert-manager chart version” or checking a chart’s values schema without pulling the chart locally.
"helm": {
"type": "http",
"url": "https://mcp-helm.zekker.dev/mcp"
}
Best for: Chart discovery, version lookups, values reference.
7. ArgoCD MCP
Official — Argo Labs | argoproj-labs/mcp-for-argocd
If you’re running GitOps with ArgoCD, this connects your AI to application sync status, health checks, and rollback operations.
Ask “which apps are out of sync and why” and it pulls the answer straight from your ArgoCD instance.
"argocd": {
"command": "npx",
"args": ["argocd-mcp@latest"],
"env": {
"ARGOCD_BASE_URL": "${input:argocd-server}",
"ARGOCD_API_TOKEN": "${input:argocd-token}"
}
}Best for: GitOps status visibility, sync troubleshooting, rollback operations.
Monitor
8. Grafana MCP
Official — Grafana Labs | grafana/mcp-grafana
The observability server you actually want. Access to Grafana dashboards, Prometheus queries, Loki logs, and alerting — in one server.
Ask “show me CPU usage for the payments service over the last hour” and it runs the PromQL query against your Grafana datasource and returns the result.
"grafana": {
"command": "uvx",
"args": ["mcp-grafana"],
"env": {
"GRAFANA_SERVICE_ACCOUNT_TOKEN": "${input:grafana-token}",
"GRAFANA_URL": "${input:grafana-url}"
}
}Best for: Prometheus queries, log exploration, alert status, dashboard data.
9. Datadog MCP
Official — Datadog | Link
If you’re on Datadog instead of Grafana/Prometheus, this is your observability server. APM traces, log querying, metric exploration, monitor status.
During an incident, ask it to pull the distributed trace for a specific request ID. It returns the full span breakdown without you logging into the UI.
"datadog": {
"type": "http",
"url": "https://mcp.datadoghq.com/api/unstable/mcp-server/mcp",
"env": {
"DD_API_KEY": "${input:datadog-api-key}",
"DD_APP_KEY": "${input:datadog-app-key}"
}
}Best for: APM traces, log queries, monitor status, SLO tracking.
Honest tradeoff: Run Grafana MCP or Datadog MCP, not both. They overlap heavily. Use whichever matches your actual stack.
Respond
10. PagerDuty MCP
Official — PagerDuty | PagerDuty/pagerduty-mcp-server
Incident management without leaving your editor. Check active incidents, see who’s on call, acknowledge alerts, check service health.
During an incident, ask “what’s the active P1 and who’s the current responder” and it pulls straight from PagerDuty.
"pagerduty": {
"type": "stdio",
"command": "uvx",
"args": ["pagerduty-mcp", "--enable-write-tools"],
"env": {
"PAGERDUTY_USER_API_KEY": "${input:pagerduty-key}",
"PAGERDUTY_API_HOST": "https://api.pagerduty.com"
}
}
Best for: Incident triage, on-call visibility, alert acknowledgement.
Full .vscode/mcp.json
Here’s the complete config. Drop it in your repo root. VS Code prompts for secrets on first use — nothing is hardcoded.
{
"inputs": [
{
"type": "promptString",
"id": "github-token",
"description": "GitHub Personal Access Token",
"password": true
},
{
"type": "promptString",
"id": "tfe-token",
"description": "Terraform Cloud API Token",
"password": true
},
{
"type": "promptString",
"id": "aws-profile",
"description": "AWS Profile Name"
},
{
"type": "promptString",
"id": "argocd-server",
"description": "ArgoCD Server URL (e.g., https://argocd.example.com)"
},
{
"type": "promptString",
"id": "argocd-token",
"description": "ArgoCD API Token",
"password": true
},
{
"type": "promptString",
"id": "grafana-url",
"description": "Grafana URL (e.g., http://localhost:3000)",
"password": false
},
{
"type": "promptString",
"id": "grafana-token",
"description": "Grafana Service Account Token",
"password": true
},
{
"type": "promptString",
"id": "datadog-api-key",
"description": "Datadog API Key (DD_API_KEY)",
"password": true
},
{
"type": "promptString",
"id": "datadog-app-key",
"description": "Datadog Application Key (DD_APP_KEY)",
"password": true
},
{
"type": "promptString",
"id": "pagerduty-key",
"description": "PagerDuty User API Key",
"password": true
}
],
"servers": {
"github": {
"command": "docker",
"args": ["run", "-i", "--rm", "ghcr.io/github/github-mcp-server"],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "${input:github-token}"
}
},
"terraform": {
"command": "docker",
"args": ["run", "-i", "--rm", "hashicorp/terraform-mcp-server"],
"env": {
"TFE_TOKEN": "${input:tfe-token}",
"TFE_ADDRESS": "https://app.terraform.io"
}
},
"docker": {
"command": "npx",
"args": ["@0xshariq/docker-mcp-server"]
},
"kubernetes": {
"command": "npx",
"args": ["-y", "kubernetes-mcp-server"]
},
"eks-mcp": {
"command": "uvx",
"args": ["awslabs.eks-mcp-server@latest"],
"env": {
"AWS_PROFILE": "${input:aws-profile}",
"AWS_REGION": "us-east-1",
"FASTMCP_LOG_LEVEL": "ERROR"
}
},
"helm": {
"type": "http",
"url": "https://mcp-helm.zekker.dev/mcp"
},
"argocd": {
"command": "npx",
"args": ["argocd-mcp@latest"],
"env": {
"ARGOCD_BASE_URL": "${input:argocd-server}",
"ARGOCD_API_TOKEN": "${input:argocd-token}"
}
},
"grafana": {
"command": "uvx",
"args": ["mcp-grafana"],
"env": {
"GRAFANA_SERVICE_ACCOUNT_TOKEN": "${input:grafana-token}",
"GRAFANA_URL": "${input:grafana-url}"
}
},
"datadog": {
"type": "http",
"url": "https://mcp.datadoghq.com/api/unstable/mcp-server/mcp",
"env": {
"DD_API_KEY": "${input:datadog-api-key}",
"DD_APP_KEY": "${input:datadog-app-key}"
}
},
"pagerduty": {
"type": "stdio",
"command": "uvx",
"args": ["pagerduty-mcp", "--enable-write-tools"],
"env": {
"PAGERDUTY_USER_API_KEY": "${input:pagerduty-key}",
"PAGERDUTY_API_HOST": "https://api.pagerduty.com"
}
}
}
}Quick tip: Don’t install all 10 at once. Start with the ones relevant to your current project. GitHub and Kubernetes are good first installs. Add the rest as you need them.
That’s it for this week. Part 2 covers how to actually use these during incidents and deployments. Real prompts, real workflows.
Which MCP server are you most likely to try first? Share it in the comments.
See you next Wednesday. Try not to break production before then:)
Keep decoding, Bhanu from DecodeOps