OceanBase MCP Server
A Model Context Protocol (MCP) server that enables secure interaction with OceanBase databases.
This server allows AI assistants to list tables, read data, and execute SQL queries through a controlled interface, making database exploration and analysis safer and more structured.
Features
- List available OceanBase tables as resources
- Read table contents
- Execute SQL queries with proper error handling
- Secure database access through environment variables
- Comprehensive logging
Installation
pip install oceanbase-mcp-server
Configuration
Set the following environment variables:
OB_HOST=localhost # Database host
OB_PORT=2881 # Optional: Database port (defaults to 2881 if not specified)
OB_USER=your_username
OB_PASSWORD=your_password
OB_DATABASE=your_database
Usage
With Claude Desktop
Add this to your claude_desktop_config.json:
{
"mcpServers": {
"oceanbase": {
"command": "uv",
"args": [
"--directory",
"path/to/oceanbase_mcp_server",
"run",
"oceanbase_mcp_server"
],
"env": {
"OB_HOST": "localhost",
"OB_PORT": "2881",
"OB_USER": "your_username",
"OB_PASSWORD": "your_password",
"OB_DATABASE": "your_database"
}
}
}
}
As a standalone server
# Install dependencies
pip install -r requirements.txt
# Run the server
python -m oceanbase_mcp_server
Development
# Clone the repository
git clone https://github.com/yourusername/oceanbase_mcp_server.git
cd oceanbase_mcp_server
# Create virtual environment
python -m venv venv
source venv/bin/activate # or `venv\Scripts\activate` on Windows
# Install development dependencies
pip install -r requirements-dev.txt
# Run tests
pytest
Security Considerations
- Never commit environment variables or credentials
- Use a database user with minimal required permissions
- Consider implementing query whitelisting for production use
- Monitor and log all database operations
Security Best Practices
This MCP server requires database access to function. For security:
- Create a dedicated OceanBase user with minimal permissions
- Never use root credentials or administrative accounts
- Restrict database access to only necessary operations
- Enable logging for audit purposes
- Regular security reviews of database access
See OceanBase Security Configuration Guide for detailed instructions on:
- Creating a restricted OceanBase user
- Setting appropriate permissions
- Monitoring database access
- Security best practices
⚠️ IMPORTANT: Always follow the principle of least privilege when configuring database access.
License
Apache License - see LICENSE file for details.
Contributing
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request