Nutanix AIops
Governed AI-ops for Nutanix Prism Central (v4 REST API) — clusters, hosts, VMs (AHV + ESXi), storage, network, catalog, data protection / DR, alerts, LCM upgrades, and capacity.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Nutanix AIopslist all VMs in Prism Central"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Nutanix AIops (preview)
Disclaimer: Community-maintained open-source project. Not affiliated with, endorsed by, or sponsored by Nutanix. Product and trademark names belong to their owners. MIT licensed.
Governed AI-ops for Nutanix Prism Central (v4 REST API) — clusters, hosts,
VMs (AHV + ESXi), storage, network, catalog, data protection / DR, alerts, LCM
upgrades, and capacity — with a built-in governance harness: unified audit
log, policy engine, token/runaway budget guard, undo-token recording, and
graduated-autonomy risk tiers. Connects to Prism Central on HTTPS :9440 with
HTTP Basic auth (username + encrypted password). Self-contained: no dependencies
beyond httpx and the MCP SDK. Preview — mock-validated only, not yet verified
against a live Prism Central.
Why this over a read-only Nutanix MCP
Automatic ETag / If-Match on every mutation. The v4 API rejects an update or delete without the entity's current ETag — the classic footgun. This tool fetches and sends
If-Matchfor you.Automatic pagination — list tools return the full set, not just page one.
Mixed-hypervisor VM listing —
vm_listreturns both AHV and ESXi guests under the same Prism Central (built for hypervisor-migration estates).Governance harness — audit / token+call budget / risk-tier approval / undo-token / prompt-injection sanitize, with dry-run + double-confirm on destructive writes.
Related MCP server: nutanix-mcp
Capability matrix (47 MCP tools)
Group | Tools | Count | R/W |
Clusters |
| 4 | 4 read |
VMs |
| 11 | 2 read · 9 write |
Storage |
| 4 | 1 read · 3 write |
Network |
| 4 | 2 read · 2 write |
Catalog |
| 5 | 2 read · 3 write |
Data protection / DR |
| 8 | 3 read · 5 write |
Alerts |
| 6 | 4 read · 2 write |
LCM (upgrades) |
| 3 | 1 read · 2 write |
Capacity |
| 2 | 2 read |
Total | 47 | 21 read · 26 write |
analyze_alert is the flagship read: it correlates an alert with its related
events into a probable-cause + suggested-actions summary. High-risk writes
(vm_delete, vm_migrate, storage_container_delete, subnet_delete,
snapshot_delete, snapshot_restore, pd_failover, image_delete,
lcm_update) support dry_run and, at the CLI, double confirmation.
Install
uv tool install nutanix-aiops # or: pipx install nutanix-aiopsQuick start
nutanix-aiops init # wizard: PC host / port 9440 / username / verify_ssl + encrypted password
nutanix-aiops doctor # config, secrets, connectivity + REST-RBAC preflight
nutanix-aiops overview # one-shot estate summary
nutanix-aiops vm list # AHV + ESXi VMsRun as an MCP server (stdio):
export NUTANIX_AIOPS_MASTER_PASSWORD=... # unlock the encrypted secret store non-interactively
nutanix-aiops mcpCLI
nutanix-aiops (Typer): init, overview, doctor, mcp; cluster list/health/hosts/util; vm list/get/power/delete/migrate (delete & migrate
take --dry-run + double confirm); secret set/list/rm/migrate/rotate-password.
The CLI is a convenience subset — the full 47-tool surface is via the MCP server.
Governance
Every MCP tool passes through the bundled @governed_tool harness:
Audit — every call (params, result, status, duration, risk tier, approver, rationale) is logged to
~/.nutanix-aiops/audit.db(relocatable viaNUTANIX_AIOPS_HOME).Budget / runaway guard — token and call budgets trip a circuit breaker.
Risk tiers — graduated autonomy; high-risk ops can require a named approver (
NUTANIX_AUDIT_APPROVED_BY/NUTANIX_AUDIT_RATIONALE).Undo recording — reversible writes record an inverse descriptor (
vm_update→ prior CPU/memory,vm_migrate→ prior host).
Credentials
The Prism Central password is stored encrypted in
~/.nutanix-aiops/secrets.enc (Fernet + scrypt) — never plaintext on disk.
Unlock with a master password from NUTANIX_AIOPS_MASTER_PASSWORD (MCP/CI) or an
interactive prompt (CLI). The non-secret connection details (host, port,
username, verify_ssl) live in ~/.nutanix-aiops/config.yaml. A legacy plaintext
env var NUTANIX_<TARGET>_PASSWORD is honoured as a fallback.
Gotcha: the Prism Central account needs REST API rights, not just Web UI access.
doctor's REST-RBAC preflight catches this early.
Supported scope & limitations
Preview / mock-only. All behaviour is validated against mocked v4 REST responses; it has not been run against a live Prism Central. The fastest live check is
nutanix-aiops doctor.Self-testable free on Nutanix Community Edition (CE): a single-node CE cluster + an X-Small Prism Central VM.
Least-verified paths: LCM update (
lcm_update), protection-domain failover (pd_failover), and ESXi-VM listing in particular need live validation.Out of scope this release: IAM / users / roles, Files / Objects / Volumes services, reports, X-Play playbooks, and anything outside Prism Central v4.
Missing a capability?
Missing a tool, an API dialect, or a workflow? Open an issue or PR — feedback and contributions are welcome.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/AIops-tools/Nutanix-AIops'
If you have feedback or need assistance with the MCP directory API, please join our Discord server