{"id":31055437,"url":"https://github.com/knuckles-team/container-manager-mcp","last_synced_at":"2026-06-01T01:04:34.469Z","repository":{"id":314003365,"uuid":"1053759173","full_name":"Knuckles-Team/container-manager-mcp","owner":"Knuckles-Team","description":"Manage containers on docker, podman, compose, and docker swarm through an MCP Server for Agentic AI","archived":false,"fork":false,"pushed_at":"2026-03-25T05:55:41.000Z","size":394,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-26T10:37:57.315Z","etag":null,"topics":["a2a","a2a-server","ag-ui","agentic-ai","ai","compose","container","docker","dockers-compose","dockerswarm","mcp-server","podman","podman-compose","python","swarm"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Knuckles-Team.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-09-09T22:25:57.000Z","updated_at":"2026-03-25T05:55:16.000Z","dependencies_parsed_at":"2026-02-18T06:02:10.788Z","dependency_job_id":null,"html_url":"https://github.com/Knuckles-Team/container-manager-mcp","commit_stats":null,"previous_names":["knuckles-team/container-manager-mcp"],"tags_count":81,"template":false,"template_full_name":null,"purl":"pkg:github/Knuckles-Team/container-manager-mcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Knuckles-Team%2Fcontainer-manager-mcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Knuckles-Team%2Fcontainer-manager-mcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Knuckles-Team%2Fcontainer-manager-mcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Knuckles-Team%2Fcontainer-manager-mcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Knuckles-Team","download_url":"https://codeload.github.com/Knuckles-Team/container-manager-mcp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Knuckles-Team%2Fcontainer-manager-mcp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31291132,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T13:12:26.723Z","status":"ssl_error","status_checked_at":"2026-04-01T13:12:25.102Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["a2a","a2a-server","ag-ui","agentic-ai","ai","compose","container","docker","dockers-compose","dockerswarm","mcp-server","podman","podman-compose","python","swarm"],"created_at":"2025-09-15T04:48:16.245Z","updated_at":"2026-06-01T01:04:34.454Z","avatar_url":"https://github.com/Knuckles-Team.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Container Manager Mcp\n## CLI or API | MCP | Agent\n\n![PyPI - Version](https://img.shields.io/pypi/v/container-manager-mcp)\n![MCP Server](https://badge.mcpx.dev?type=server 'MCP Server')\n![PyPI - Downloads](https://img.shields.io/pypi/dd/container-manager-mcp)\n![GitHub Repo stars](https://img.shields.io/github/stars/Knuckles-Team/container-manager-mcp)\n![GitHub forks](https://img.shields.io/github/forks/Knuckles-Team/container-manager-mcp)\n![GitHub contributors](https://img.shields.io/github/contributors/Knuckles-Team/container-manager-mcp)\n![PyPI - License](https://img.shields.io/pypi/l/container-manager-mcp)\n![GitHub](https://img.shields.io/github/license/Knuckles-Team/container-manager-mcp)\n![GitHub last commit (by committer)](https://img.shields.io/github/last-commit/Knuckles-Team/container-manager-mcp)\n![GitHub pull requests](https://img.shields.io/github/issues-pr/Knuckles-Team/container-manager-mcp)\n![GitHub closed pull requests](https://img.shields.io/github/issues-pr-closed/Knuckles-Team/container-manager-mcp)\n![GitHub issues](https://img.shields.io/github/issues/Knuckles-Team/container-manager-mcp)\n![GitHub top language](https://img.shields.io/github/languages/top/Knuckles-Team/container-manager-mcp)\n![GitHub language count](https://img.shields.io/github/languages/count/Knuckles-Team/container-manager-mcp)\n![GitHub repo size](https://img.shields.io/github/repo-size/Knuckles-Team/container-manager-mcp)\n![GitHub repo file count (file type)](https://img.shields.io/github/directory-file-count/Knuckles-Team/container-manager-mcp)\n![PyPI - Wheel](https://img.shields.io/pypi/wheel/container-manager-mcp)\n![PyPI - Implementation](https://img.shields.io/pypi/implementation/container-manager-mcp)\n\n*Version: 1.35.0*\n\n---\n\n## Overview\n\n**Container Manager Mcp** is a production-grade Agent and Model Context Protocol (MCP) server designed to interface directly with Container Manager - manage Docker, Docker Swarm, and Podman containers. MCP+A2A Servers Out of the Box!.\n\n---\n\n## Key Features\n\n- **Consolidated Action-Routed MCP Tools:** Minimizes token overhead and eliminates tool bloat in LLM contexts by grouping methods into optimized, togglable tool modules.\n- **Enterprise-Grade Security:** Comprehensive support for Eunomia policies, OIDC token delegation, and granular execution context tracking.\n- **Integrated Graph Agent:** Built-in Pydantic AI agent supporting the Agent Control Protocol (ACP) and standard Web interfaces (AG-UI).\n- **Native Telemetry \u0026 Tracing:** Out-of-the-box OpenTelemetry exports and native Langfuse tracing.\n\n---\n\n## Multi-Host \u0026 Zero-Script Remote Docker Orchestration\n\n`container-manager-mcp` allows a single master instance of the MCP server on your controller to route container and volume operations securely to remote hosts over SSH standard tunneling.\n\n- **Unified Inventory**: Connection endpoints are loaded dynamically from XDG `~/.config/agent_utilities/inventory.yaml`.\n- **Zero TCP Socket Exposure**: Operations route directly over the standard SSH channel securely, removing the need to expose Docker socket TCP ports.\n\nTo configure and utilize the multi-host remote routing, see the detailed [Multi-Host Architecture Guide](docs/multi_host.md).\n\n---\n\n## CLI or API\n\nThis agent wraps the Container Manager - manage Docker, Docker Swarm, and Podman containers. MCP+A2A Servers Out of the Box! API. You can interact with it programmatically or via its integrated execution entrypoints.\n\nDetailed instructions on how to use the underlying API wrappers, extended schema bindings, and developer SDK references are maintained in [docs/index.md](docs/index.md).\n\n---\n\n## MCP\n\nThis server utilizes dynamic Action-Routed tools to optimize token overhead and maximize IDE compatibility.\n\n### Available MCP Tools\n| Tool Module | Toggle Env Var | Enabled by Default | Description \u0026 Nested Methods |\n|-------------|----------------|--------------------|------------------------------|\n| **Info** | `INFO_TOOL` | `True` | Manage container manager info operations. Action-routed methods: `get_info`, `get_version`. |\n| **Image** | `IMAGE_TOOL` | `True` | Manage container images. Action-routed methods: `list_images`, `prune_images`, `pull_image`, `remove_image`. |\n| **Container** | `CONTAINER_TOOL` | `True` | Manage container operations. Action-routed methods: `exec_in_container`, `get_container_logs`, `list_containers`, `prune_containers`, `remove_container`, `stop_container`. |\n| **Volume** | `VOLUME_TOOL` | `True` | Manage volume operations. Action-routed methods: `create_volume`, `list_volumes`, `prune_volumes`, `remove_volume`. |\n| **Network** | `NETWORK_TOOL` | `True` | Manage network operations. Action-routed methods: `create_network`, `list_networks`, `prune_networks`, `remove_network`. |\n| **Swarm** | `SWARM_TOOL` | `True` | Manage swarm operations. Action-routed methods: `create_service`, `init_swarm`, `leave_swarm`, `list_nodes`, `list_services`, `remove_service`. |\n| **System** | `SYSTEM_TOOL` | `True` | Manage container manager system operations. Action-routed methods: `get_info`, `get_version`, `prune_system`. |\n| **Compose** | `COMPOSE_TOOL` | `True` | Manage docker-compose or podman-compose operations. Action-routed methods: `down`, `logs`, `ps`, `up`. |\n| **Misc** | `MISC_TOOL` | `True` | Manage container manager mcp misc operations. |\n\nDetailed tool schemas, parameter shapes, and validation constraints are preserved in [docs/mcp.md](docs/mcp.md).\n\n### Dynamic Tool Selection \u0026 Visibility\n\nThis MCP server supports dynamic toolset selection and visibility filtering at runtime. This allows you to restrict the set of exposed tools in order to prevent blowing up the LLM's context window.\n\nYou can configure tool filtering via multiple input channels:\n\n- **CLI Arguments:** Pass `--tools` or `--toolsets` (or their disabled counterparts `--disabled-tools` and `--disabled-toolsets`) during startup.\n- **Environment Variables:** Define standard environment variables:\n  - `MCP_ENABLED_TOOLS` / `MCP_DISABLED_TOOLS`\n  - `MCP_ENABLED_TAGS` / `MCP_DISABLED_TAGS`\n- **HTTP SSE Request Headers:** Pass custom headers during transport initialization:\n  - `x-mcp-enabled-tools` / `x-mcp-disabled-tools`\n  - `x-mcp-enabled-tags` / `x-mcp-disabled-tags`\n- **HTTP SSE Request Query Parameters:** Append query parameters directly to your transport connection URL:\n  - `?tools=tool1,tool2`\n  - `?tags=tag1`\n\nWhen query strings or parameters are supplied, an LLM-free **Knowledge Graph resolution layer** (using `DynamicToolOrchestrator`) matches query intents against known tool tags, names, or descriptions, with safe fallback and automated 24-hour background cache refreshing.\n\n---\n\n### MCP Configuration Examples\n\n#### stdio Transport (Recommended for local IDEs e.g., Cursor, Claude Desktop)\nConfigure your IDE's `mcp.json` to launch the MCP server via `uvx`:\n\n```json\n{\n  \"mcpServers\": {\n    \"container-manager-mcp\": {\n      \"command\": \"uvx\",\n      \"args\": [\n        \"--from\",\n        \"container-manager-mcp\",\n        \"container-manager-mcp\"\n      ],\n      \"env\": {\n        \"SYSTEM_TOOLS_ENABLE\": \"your_system_tools_enable_here\",\n        \"SYSTEMS_MANAGER_ENABLE\": \"your_systems_manager_enable_here\",\n        \"WEBSITE_BUILDER_ENABLE\": \"your_website_builder_enable_here\",\n        \"WEB_ARTIFACTS_ENABLE\": \"your_web_artifacts_enable_here\",\n        \"SECURITY_TOOLS_ENABLE\": \"your_security_tools_enable_here\",\n        \"DEVELOPER_UTILITIES_ENABLE\": \"your_developer_utilities_enable_here\",\n        \"BROWSER_TOOLS_ENABLE\": \"your_browser_tools_enable_here\"\n      }\n    }\n  }\n}\n```\n\n#### Streamable-HTTP Transport (Recommended for production deployments)\nConfigure your client's `mcp.json` to launch the Streamable-HTTP server via `uvx` with explicit host and port definition:\n\n```json\n{\n  \"mcpServers\": {\n    \"container-manager-mcp\": {\n      \"command\": \"uvx\",\n      \"args\": [\n        \"--from\",\n        \"container-manager-mcp\",\n        \"container-manager-mcp\"\n      ],\n      \"env\": {\n        \"TRANSPORT\": \"streamable-http\",\n        \"HOST\": \"0.0.0.0\",\n        \"PORT\": \"8000\",\n        \"SYSTEM_TOOLS_ENABLE\": \"your_system_tools_enable_here\",\n        \"SYSTEMS_MANAGER_ENABLE\": \"your_systems_manager_enable_here\",\n        \"WEBSITE_BUILDER_ENABLE\": \"your_website_builder_enable_here\",\n        \"WEB_ARTIFACTS_ENABLE\": \"your_web_artifacts_enable_here\",\n        \"SECURITY_TOOLS_ENABLE\": \"your_security_tools_enable_here\",\n        \"DEVELOPER_UTILITIES_ENABLE\": \"your_developer_utilities_enable_here\",\n        \"BROWSER_TOOLS_ENABLE\": \"your_browser_tools_enable_here\"\n      }\n    }\n  }\n}\n```\n\nAlternatively, connect to a pre-deployed remote or local Streamable-HTTP instance:\n\n```json\n{\n  \"mcpServers\": {\n    \"container-manager-mcp\": {\n      \"url\": \"http://localhost:8000/container-manager-mcp/mcp\"\n    }\n  }\n}\n```\n\nDeploying the Streamable-HTTP server via Docker:\n\n```bash\ndocker run -d \\\n  --name container-manager-mcp-mcp \\\n  -p 8000:8000 \\\n  -e TRANSPORT=streamable-http \\\n  -e PORT=8000 \\\n  -e SYSTEM_TOOLS_ENABLE=\"your_value\" \\\n  -e SYSTEMS_MANAGER_ENABLE=\"your_value\" \\\n  -e WEBSITE_BUILDER_ENABLE=\"your_value\" \\\n  -e WEB_ARTIFACTS_ENABLE=\"your_value\" \\\n  -e SECURITY_TOOLS_ENABLE=\"your_value\" \\\n  -e DEVELOPER_UTILITIES_ENABLE=\"your_value\" \\\n  -e BROWSER_TOOLS_ENABLE=\"your_value\" \\\n  knucklessg1/container-manager-mcp:latest\n```\n\n---\n\n## Agent\n\nThis repository features a fully integrated Pydantic AI Graph Agent. It communicates over the **Agent Control Protocol (ACP)** and interacts seamlessly with the **Agent Web UI (AG-UI)** and Terminal interface.\n\n### Running the Agent CLI\nTo start the interactive command-line agent:\n\n```bash\n# Set credentials\nexport SYSTEM_TOOLS_ENABLE=\"your_value\"\nexport SYSTEMS_MANAGER_ENABLE=\"your_value\"\nexport WEBSITE_BUILDER_ENABLE=\"your_value\"\nexport WEB_ARTIFACTS_ENABLE=\"your_value\"\nexport SECURITY_TOOLS_ENABLE=\"your_value\"\nexport DEVELOPER_UTILITIES_ENABLE=\"your_value\"\nexport BROWSER_TOOLS_ENABLE=\"your_value\"\n\n# Run the agent server\ncontainer-manager-agent --provider openai --model-id gpt-4o\n```\n\n### Docker Compose Orchestration\nThe following `docker/agent.compose.yml` configures the Agent, Web UI, and Terminal Interface together:\n\n```yaml\nversion: '3.8'\n\nservices:\n  container-manager-mcp-mcp:\n    image: knucklessg1/container-manager-mcp:latest\n    container_name: container-manager-mcp-mcp\n    hostname: container-manager-mcp-mcp\n    restart: always\n    env_file:\n      - ../.env\n    environment:\n      - PYTHONUNBUFFERED=1\n      - HOST=0.0.0.0\n      - PORT=8000\n      - TRANSPORT=streamable-http\n    ports:\n      - \"8000:8000\"\n    healthcheck:\n      test: [\"CMD\", \"python3\", \"-c\", \"import urllib.request; urllib.request.urlopen('http://localhost:8000/health')\"]\n      interval: 30s\n      timeout: 10s\n      retries: 3\n      start_period: 10s\n    logging:\n      driver: json-file\n      options:\n        max-size: \"10m\"\n        max-file: \"3\"\n\n  container-manager-mcp-agent:\n    image: knucklessg1/container-manager-mcp:latest\n    container_name: container-manager-mcp-agent\n    hostname: container-manager-mcp-agent\n    restart: always\n    depends_on:\n      - container-manager-mcp-mcp\n    env_file:\n      - ../.env\n    command: [ \"container-manager-agent\" ]\n    environment:\n      - PYTHONUNBUFFERED=1\n      - HOST=0.0.0.0\n      - PORT=9019\n      - MCP_URL=http://container-manager-mcp-mcp:8000/mcp\n      - PROVIDER=${PROVIDER:-openai}\n      - MODEL_ID=${MODEL_ID:-gpt-4o}\n      - ENABLE_WEB_UI=True\n      - ENABLE_OTEL=True\n    ports:\n      - \"9019:9019\"\n    healthcheck:\n      test: [\"CMD\", \"python3\", \"-c\", \"import urllib.request; urllib.request.urlopen('http://localhost:9019/health')\"]\n      interval: 30s\n      timeout: 10s\n      retries: 3\n      start_period: 10s\n    logging:\n      driver: json-file\n      options:\n        max-size: \"10m\"\n        max-file: \"3\"\n\n```\n\nDetailed graph node architecture explanations, custom skill configurations, and agentic trace guides are available in [docs/agent.md](docs/agent.md).\n\n---\n\n## Security \u0026 Governance\n\nBuilt directly upon the enterprise-ready [`agent-utilities`](https://github.com/Knuckles-Team/agent-utilities) core, standard security parameters are fully supported:\n\n### Access Control \u0026 Policy Enforcement\n- **Eunomia Policies:** Fine-grained, policy-driven tool authorization. Supports `none`, local `embedded` (`mcp_policies.json`), or centralized `remote` modes.\n- **OIDC Token Delegation:** Compliant with RFC 8693 token exchange for flowing authenticating user credentials from Web UI / ACP → Agent → MCP.\n- **Scoped Credentials:** Execution context runs restricted to the specific caller identity.\n\n### Runtime Security Grid\n| Feature | Functionality | Enablement |\n|---------|---------------|------------|\n| **Tool Guard** | Sensitivity inspection with human-in-the-loop validation | Enabled by default |\n| **Prompt Injection Defense** | Input scanning, repetition monitoring, and recursive loop blocks | Enabled by default |\n| **Context Safety Guard** | Stuck-loop detectors and contextual overflow preemptive alerts | Enabled by default |\n\n---\n\n## Installation\n\nInstall the Python package locally:\n\n```bash\n# Using uv (highly recommended)\nuv pip install container-manager-mcp[all]\n\n# Using standard pip\npython -m pip install container-manager-mcp[all]\n```\n\n---\n\n## Repository Owners\n\n\u003cimg width=\"100%\" height=\"180em\" src=\"https://github-readme-stats.vercel.app/api?username=Knucklessg1\u0026show_icons=true\u0026hide_border=true\u0026\u0026count_private=true\u0026include_all_commits=true\" /\u003e\n\n![GitHub followers](https://img.shields.io/github/followers/Knucklessg1)\n![GitHub User's stars](https://img.shields.io/github/stars/Knucklessg1)\n\n---\n\n## Contribute\n\nContributions are welcome! Please ensure code quality by executing local checks before submitting pull requests:\n- Format code using `ruff format .`\n- Lint code using `ruff check .`\n- Validate type-safety with `mypy .`\n- Execute test suites using `pytest`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fknuckles-team%2Fcontainer-manager-mcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fknuckles-team%2Fcontainer-manager-mcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fknuckles-team%2Fcontainer-manager-mcp/lists"}