Infra Ops
FreeNot checkedA comprehensive MCP server for infrastructure operations with 92 tools across 13 categories, covering system monitoring, networking, containers, multi-cloud man
About
A comprehensive MCP server for infrastructure operations with 92 tools across 13 categories, covering system monitoring, networking, containers, multi-cloud management, databases, CI/CD, IaC, security, and remote SSH fleet management.
README
The most comprehensive MCP (Model Context Protocol) server for infrastructure operations. 92 tools across 13 categories covering everything from local system monitoring to multi-cloud management.
npm version License: MIT Node.js
Features
- 92 Infrastructure Tools organized in 13 categories
- Cross-platform: Windows (PowerShell), Linux, macOS
- Multi-cloud: AWS, Azure, GCP
- Containers: Docker + Kubernetes
- Databases: PostgreSQL, MySQL, MongoDB, Redis
- CI/CD: GitHub Actions, GitLab CI
- IaC: Terraform, Ansible, Pulumi
- Security: CVE scanning, secrets detection, TLS checks
- Remote: SSH fleet management with connection pooling
- 3-tier permission model: SAFE, DANGEROUS, BLOCKED
Quick Start
Install
npm install -g infra-ops-mcp
Configure with Claude Desktop
Add to your Claude Desktop config (claude_desktop_config.json):
{
"mcpServers": {
"infra-ops": {
"command": "infra-ops-mcp",
"env": {
"GITHUB_TOKEN": "ghp_xxx",
"INFRA_AWS_REGION": "us-east-1"
}
}
}
}
Run Standalone
# With default config
infra-ops-mcp
# With custom config
INFRA_CONFIG_PATH=./my-config.yaml infra-ops-mcp
Development
git clone https://github.com/your-org/infra-ops-mcp.git
cd infra-ops-mcp
npm install
npm run build
npm run dev
Tool Categories
System (12 tools)
| Tool | Tier | Description |
|---|---|---|
system_cpu_info |
SAFE | CPU cores, model, speed, load average |
system_memory_info |
SAFE | RAM usage, swap, top memory consumers |
system_disk_usage |
SAFE | Disk space by mount point, inodes |
system_process_list |
SAFE | Process list with filter and sort |
system_process_kill |
DANGEROUS | Kill process by PID |
system_service_list |
SAFE | System services status |
system_service_control |
DANGEROUS | Start/stop/restart services |
system_uptime |
SAFE | System uptime, last boot time |
system_users |
SAFE | User accounts, groups, logged in |
system_scheduled_tasks |
SAFE | Cron jobs / Task Scheduler |
system_hardware_info |
SAFE | BIOS, motherboard, PCI devices |
system_drivers |
SAFE | Loaded drivers / kernel modules |
Network (9 tools)
| Tool | Tier | Description |
|---|---|---|
network_interfaces |
SAFE | Adapters, IPs, MAC, speed |
network_routes |
SAFE | Routing table, default gateway |
network_dns_resolve |
SAFE | DNS lookup (A, AAAA, MX, CNAME, etc.) |
network_firewall_rules |
SAFE | Firewall rules list |
network_listening_ports |
SAFE | Open ports with associated process |
network_active_connections |
SAFE | Active TCP/UDP connections |
network_wifi_info |
SAFE | WiFi SSID, signal, channel |
network_bandwidth_test |
SAFE | Network throughput measurement |
network_traceroute |
SAFE | Hop-by-hop route trace |
Storage (7 tools)
| Tool | Tier | Description |
|---|---|---|
storage_raid_status |
SAFE | RAID array status |
storage_lvm_info |
SAFE | LVM volumes and groups |
storage_mounts |
SAFE | Mounted filesystems |
storage_smart_health |
SAFE | Disk SMART health data |
storage_partitions |
SAFE | Partition table info |
storage_nfs_shares |
SAFE | NFS exports and mounts |
storage_quotas |
SAFE | Disk quotas by user/group |
Containers (18 tools)
| Tool | Tier | Description |
|---|---|---|
docker_container_list |
SAFE | List containers |
docker_container_inspect |
SAFE | Container details |
docker_container_logs |
SAFE | Container logs |
docker_container_stats |
SAFE | Live container stats |
docker_container_start |
DANGEROUS | Start container |
docker_container_stop |
DANGEROUS | Stop container |
docker_container_restart |
DANGEROUS | Restart container |
docker_image_list |
SAFE | Local images |
docker_network_list |
SAFE | Docker networks |
docker_volume_list |
SAFE | Docker volumes |
docker_compose_status |
SAFE | Compose project status |
k8s_pod_list |
SAFE | Kubernetes pods |
k8s_pod_logs |
SAFE | Pod logs |
k8s_deployment_list |
SAFE | Deployments |
k8s_service_list |
SAFE | Services |
k8s_node_list |
SAFE | Cluster nodes |
k8s_events |
SAFE | Cluster events |
k8s_scale_deployment |
DANGEROUS | Scale replicas |
Cloud (11 tools)
| Tool | Tier | Description |
|---|---|---|
aws_ec2_instances |
SAFE | EC2 instances |
aws_s3_buckets |
SAFE | S3 buckets |
aws_rds_instances |
SAFE | RDS instances |
aws_lambda_functions |
SAFE | Lambda functions |
aws_cloudwatch_metrics |
SAFE | CloudWatch metrics |
aws_route53_zones |
SAFE | Route53 DNS zones |
azure_vm_list |
SAFE | Azure VMs |
azure_aks_clusters |
SAFE | AKS clusters |
azure_storage_accounts |
SAFE | Storage accounts |
gcp_compute_instances |
SAFE | GCE instances |
gcp_gke_clusters |
SAFE | GKE clusters |
CI/CD (4 tools)
| Tool | Tier | Description |
|---|---|---|
cicd_github_workflows |
SAFE | GitHub Actions workflows |
cicd_github_workflow_runs |
SAFE | Workflow run history |
cicd_gitlab_pipelines |
SAFE | GitLab pipelines |
cicd_gitlab_jobs |
SAFE | Pipeline jobs |
Database (8 tools)
| Tool | Tier | Description |
|---|---|---|
db_postgres_query |
SAFE | PostgreSQL read-only query |
db_postgres_health |
SAFE | PostgreSQL health check |
db_mysql_query |
SAFE | MySQL read-only query |
db_mysql_health |
SAFE | MySQL health check |
db_mongodb_query |
SAFE | MongoDB query |
db_mongodb_health |
SAFE | MongoDB health check |
db_redis_info |
SAFE | Redis INFO stats |
db_redis_health |
SAFE | Redis health check |
IaC (5 tools)
| Tool | Tier | Description |
|---|---|---|
iac_terraform_state |
SAFE | Terraform state |
iac_terraform_plan |
DANGEROUS | Run terraform plan |
iac_ansible_inventory |
SAFE | Ansible inventory |
iac_ansible_playbook_run |
DANGEROUS | Run playbook (--check) |
iac_pulumi_stacks |
SAFE | Pulumi stacks |
Security (5 tools)
| Tool | Tier | Description |
|---|---|---|
security_cve_scan |
SAFE | CVE vulnerability scan (Trivy) |
security_secrets_scan |
SAFE | Secrets detection (Gitleaks) |
security_cert_check |
SAFE | TLS certificate inspection |
security_compliance_check |
SAFE | CIS/STIG benchmarks |
security_port_audit |
SAFE | Open port security audit |
Remote (3 tools)
| Tool | Tier | Description |
|---|---|---|
remote_ssh_exec |
SAFE | Execute command via SSH |
remote_fleet_command |
DANGEROUS | Command across multiple hosts |
remote_host_inventory |
SAFE | Host inventory with status |
DNS (3 tools)
| Tool | Tier | Description |
|---|---|---|
dns_records |
SAFE | Query DNS records |
dns_propagation_check |
SAFE | Global DNS propagation |
dns_zone_query |
SAFE | Zone transfer query |
Backup (3 tools)
| Tool | Tier | Description |
|---|---|---|
backup_status |
SAFE | Backup status check |
backup_integrity_check |
SAFE | Verify backup integrity |
backup_restore_test |
DANGEROUS | Test restore to temp |
Monitoring (4 tools)
| Tool | Tier | Description |
|---|---|---|
monitoring_custom_metrics |
SAFE | Query Prometheus metrics |
monitoring_uptime_check |
SAFE | HTTP/TCP uptime check |
monitoring_alerts |
SAFE | Active alerts |
monitoring_sla_status |
SAFE | SLA percentage calculator |
Security Model
The 3-tier permission system protects against unintended operations:
| Tier | Behavior | Examples |
|---|---|---|
| SAFE | No confirmation needed | All list, info, health, read-only queries |
| DANGEROUS | Requires confirm: true |
process_kill, service_control, docker start/stop, fleet_command, terraform_plan |
| BLOCKED | Disabled by default | DB writes, delete operations (enable in config) |
Example: Dangerous Operation
{
"name": "system_process_kill",
"arguments": {
"pid": 1234,
"confirm": true
}
}
Without confirm: true, dangerous tools return an error message explaining the requirement.
Configuration
Config File (config/default.yaml)
The server loads configuration from:
./config/default.yaml(project directory)~/.infra-ops-mcp/config.yaml(user home)- Environment variables (highest priority)
Environment Variables
| Variable | Description |
|---|---|
GITHUB_TOKEN |
GitHub personal access token |
GITLAB_TOKEN |
GitLab access token |
INFRA_AWS_REGION |
AWS region |
INFRA_AWS_PROFILE |
AWS profile name |
INFRA_GCP_PROJECT |
GCP project ID |
INFRA_AZURE_SUBSCRIPTION |
Azure subscription ID |
INFRA_PG_HOST |
PostgreSQL host |
INFRA_PG_PORT |
PostgreSQL port |
INFRA_PG_USER |
PostgreSQL user |
INFRA_PG_PASSWORD |
PostgreSQL password |
INFRA_PG_DATABASE |
PostgreSQL database |
INFRA_REDIS_HOST |
Redis host |
INFRA_REDIS_PORT |
Redis port |
INFRA_REDIS_PASSWORD |
Redis password |
Host Inventory (config/hosts.yaml)
Ansible-style host definitions for remote operations:
hosts:
- host: web-01.example.com
user: deploy
port: 22
privateKey: ~/.ssh/web_servers
groups:
- webservers
- production
labels:
environment: production
role: web
Architecture
src/
├── index.ts # Entry point
├── server.ts # MCP Server + StdioTransport
├── registry.ts # ToolRegistry with permission guards
├── core/ # Platform detection, executor, permissions, errors
├── infra/ # SSH pool, circuit breaker, cache, rate limiter
├── config/ # YAML config loader, env overrides
├── tools/ # 13 tool modules (76 tools total)
└── utils/ # Parsers, formatters
Requirements
- Node.js >= 18.0.0
- Optional: Docker, kubectl, AWS CLI, Azure CLI, gcloud, Terraform, Ansible, Trivy, Gitleaks
Tools gracefully handle missing dependencies - if Docker isn't installed, Docker tools will return appropriate error messages rather than crashing.
License
MIT
Install Infra Ops in Claude Desktop, Claude Code & Cursor
unyly install infra-ops-mcpInstalls into Claude Desktop, Claude Code, Cursor & VS Code — handles npx, uvx and build-from-source repos for you.
First time? Get the CLI: curl -fsSL https://unyly.org/install | sh
Or configure manually
Run in your terminal:
claude mcp add infra-ops-mcp -- npx -y github:skyvanguard/infra-ops-mcpFAQ
Is Infra Ops MCP free?
Yes, Infra Ops MCP is free — one-click install via Unyly at no cost.
Does Infra Ops need an API key?
No, Infra Ops runs without API keys or environment variables.
Is Infra Ops hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install Infra Ops in Claude Desktop, Claude Code or Cursor?
Open Infra Ops on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
GitHub
PRs, issues, code search, CI status
by GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
by mcpdotdirectCompare Infra Ops with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All development MCPs
