Delegates agentic sessions to Kubernetes-hosted Claude agents running on the Ambient Code Platform, enabling creation and management of AI agent sessions, sending messages to sessions, and monitoring session status through OpenShift/Kubernetes cluster integration.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Ambient Code Platform MCP Serverlist my agentic sessions in the development project"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
MCP ACP Server
A Model Context Protocol (MCP) server for managing Ambient Code Platform (ACP) sessions on OpenShift/Kubernetes clusters.
Quick Start
Get started in 5 minutes:
First Command: List my ambient sessions that are older than a week
Overview
This MCP server provides 27 comprehensive tools for interacting with the Ambient Code Platform, enabling:
Session Management: List, create, delete, restart, clone sessions
Label Management: Tag and organize sessions with custom labels
Bulk Operations: Efficiently manage multiple sessions at once
Advanced Filtering: Filter by status, age, display name, labels, and more
Debugging: Retrieve logs, transcripts, and metrics
Cluster Management: Multi-cluster support with easy switching
Safety First: Dry-run mode on all mutating operations
Security: This server implements comprehensive security measures including input validation, command injection prevention, timeout controls, and resource limits. See SECURITY.md for details.
Features
Session Management
acp_list_sessions: Enhanced filtering by status, display name, age, labels, and sorting
acp_delete_session: Delete sessions with dry-run preview
acp_restart_session: Restart stopped sessions
acp_clone_session: Clone existing session configurations
acp_create_session_from_template: Create sessions from predefined templates
acp_update_session: Update session metadata
Label Management
acp_label_resource: Add labels to sessions or other resources
acp_unlabel_resource: Remove labels from resources
acp_bulk_label_resources: Label multiple resources (max 3 with confirmation)
acp_bulk_unlabel_resources: Remove labels from multiple resources
acp_list_sessions_by_label: List sessions matching label selectors
Bulk Operations
acp_bulk_delete_sessions: Delete multiple sessions with confirmation
acp_bulk_stop_sessions: Stop multiple running sessions with confirmation
acp_bulk_delete_sessions_by_label: Delete sessions by label selector
acp_bulk_stop_sessions_by_label: Stop sessions by label selector
acp_bulk_restart_sessions: Restart multiple sessions (max 3)
acp_bulk_restart_sessions_by_label: Restart sessions by label selector
Debugging & Monitoring
acp_get_session_logs: Retrieve container logs for debugging
acp_get_session_transcript: Retrieve conversation history
acp_get_session_metrics: Get usage statistics and analytics
acp_export_session: Export session data for archival
Cluster Management
acp_list_clusters: List configured cluster aliases
acp_whoami: Check authentication status
acp_login: Web-based authentication flow
acp_switch_cluster: Switch between configured clusters
acp_add_cluster: Add new cluster configurations
Workflows
acp_list_workflows: Discover available workflows
Safety Features:
Dry-Run Mode: All mutating operations support a
dry_runparameter for safe preview before executingBulk Operation Limits: Maximum 3 items per bulk operation with confirmation requirement
Label Format:
acp.ambient-code.ai/label-{key}={value}for Kubernetes compatibility
Installation
From PyPI (when published)
From Source
Requirements:
Python 3.10+
OpenShift CLI (
oc) installed and in PATHAccess to an OpenShift cluster with ACP
See QUICKSTART.md for detailed installation instructions.
Configuration
1. Create Cluster Configuration
Create ~/.config/acp/clusters.yaml:
2. Configure MCP Client
For Claude Desktop, edit your configuration file:
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
Linux: ~/.config/claude/claude_desktop_config.json
Add the ACP server:
3. Authenticate with OpenShift
Note: Direct OpenShift CLI authentication is required for testing until the frontend API is available (tracked in PR #558).
Usage Examples
List Sessions with Filtering
Label Management
Delete Session with Dry-Run
Bulk Operations
Get Session Logs
See QUICKSTART.md for detailed examples and workflow patterns.
Tool Reference
For complete API specifications, see API_REFERENCE.md.
Quick Reference
Category | Tool | Description |
Session |
| List/filter sessions with advanced options |
| Delete session with dry-run support | |
| Restart stopped sessions | |
| Clone session configuration | |
| Update session metadata | |
Labels |
| Add labels to sessions |
| Remove labels from sessions | |
| Find sessions by label | |
Bulk Ops |
| Delete multiple sessions (max 3) |
| Stop multiple sessions (max 3) | |
| Restart multiple sessions (max 3) | |
| Delete sessions by label | |
Debug |
| Get container logs |
| Get conversation history | |
| Get usage statistics | |
| Export session data | |
Cluster |
| List configured clusters |
| Check authentication status | |
| Authenticate to cluster | |
| Switch cluster context | |
| Add cluster to config | |
Workflows |
| Discover available workflows |
| Create from template |
Architecture
The server is built using:
MCP SDK: Standard MCP protocol implementation
OpenShift CLI: Underlying
occommands for ACP operationsAsync I/O: Non-blocking operations for performance
YAML Configuration: Flexible cluster management
See CLAUDE.md for complete system design.
Security
This server implements defense-in-depth security:
Input Validation: DNS-1123 format validation for all resource names
Command Injection Prevention: Secure subprocess execution (never shell=True)
Resource Exhaustion Protection: Timeouts and limits on all operations
Secure Temporary Files: Random prefixes, 0600 permissions
Path Traversal Prevention: Configuration and workflow file validation
Resource Type Whitelist: Only agenticsession, pods, event resources
Sensitive Data Filtering: Tokens/passwords removed from logs
See SECURITY.md for complete security documentation.
Development
Running Tests
Code Quality
See CLAUDE.md for contributing guidelines.
Documentation
QUICKSTART.md - Complete usage guide with examples
API_REFERENCE.md - Full API specifications for all 27 tools
CLAUDE.md - System architecture and design
SECURITY.md - Security features and best practices
CLAUDE.md - Development and contributing guide
Roadmap
Current implementation provides all planned features (19 tools). Future enhancements may include:
Rate Limiting: Per-client request limits for HTTP exposure
Audit Logging: Structured audit trail and SIEM integration
Enhanced Authentication: OAuth2/OIDC support, MFA
Network Security: mTLS for MCP transport, certificate pinning
Advanced Metrics: Cost analysis, performance tracking
See the GitHub issue tracker for planned features and community requests.
Contributing
Contributions are welcome! Please:
Fork the repository
Create a feature branch
Add tests for new functionality
Ensure all tests pass (
pytest)Ensure code quality checks pass (
make check)Submit a pull request
See CLAUDE.md for detailed guidelines.
License
MIT License - See LICENSE file for details
Support
For issues and feature requests, please use the GitHub issue tracker.
For usage questions, see:
QUICKSTART.md - Complete usage guide
API_REFERENCE.md - API specifications
SECURITY.md - Security features
Status
Code: ✅ Production-Ready Tests: ✅ All Passing (13/13 security tests) Documentation: ✅ Complete Security: ✅ Hardened with defense-in-depth Tools: ✅ 27 tools fully implemented Features: ✅ Label management, bulk operations, advanced filtering
Ready for production use 🚀