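AI Skill Hub strongly recommends Portainer MCP as a high-quality MCP tool. Its overall AI score is 8.0, a solid result among comparable tools. If you are looking for a reliable MCP tool, it is worth a closer look.
Portainer MCP is an AI tool extension that follows the MCP (Model Context Protocol) standard. Through MCP, it lets mainstream AI clients such as Claude and Cursor directly access and operate external tools, data sources and services, extending what the AI can do. File operations, database queries and API calls can all be triggered in natural language from within an AI conversation, which greatly improves productivity.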
Option 1: one-step install via the Claude Code CLI

```bash
claude skill install https://github.com/portainer/portainer-mcp
```

Option 2: configure claude_desktop_config.json manually

```json
{
  "mcpServers": {
    "portainer-mcp": {
      "command": "npx",
      "args": ["-y", "portainer-mcp"]
    }
  }
}
```

Configuration file location:
* macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
* Windows: %APPDATA%/Claude/claude_desktop_config.json

After installation, use it directly in a Claude conversation. Example:

User: Please use Portainer MCP to carry out the following task...
Claude: [automatically calls the Portainer MCP tool to handle the request]

To see the list of available tools, type in Claude: "List all available MCP tools"
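claude_desktop_config.json configuration example:

```json
{
  "mcpServers": {
    "portainer_mcp": {
      "command": "npx",
      "args": ["-y", "portainer-mcp"],
      "env": {}
    }
  }
}
```

The `env` object is empty here; an entry such as `"API_KEY": "your-api-key-here"` goes there as a real key/value pair, since JSON does not allow comments. Restart Claude Desktop after saving for the change to take effect.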
Official MCP server for Portainer, generated from the Portainer OpenAPI spec via FastMCP.
This MCP server exposes the Portainer REST API as MCP tools: list and inspect environments, manage GitOps workflows, troubleshoot Docker and Kubernetes resources. It also supports proxying requests to the underlying Docker and K8s APIs of each environment.
Match the MCP server's minor version to your Portainer instance's minor — e.g. MCP server 2.42.x with Portainer 2.42.x. See Version compatibility for details.
The MCP server comes with the following capabilities enabled by default:
* Basic Portainer operation support (settings, version, environments...)
* Docker operation support
* Kubernetes operation support
* Docker and Kubernetes proxy support
* Redacting environment variables values (enabled by default)
For restricting or expanding this set of capabilities, see docs/profiles.md.
The MCP server can be executed locally via uvx or as a container.
Use the first approach to explore the MCP capabilities locally, and deploy it inside your infrastructure as a container for a team-based setup.
[!NOTE] Before using the MCP server, generate an API key in Portainer under My Account → Access tokens; both paths need it.
The recommended way to have multiple users interacting with your Portainer instance via MCP. Deployed as a container inside your infrastructure, accessed by users from their workstations over HTTPS. A shared secret gates the MCP server and every client also forwards its own Portainer API key so that each user acts under their own Portainer identity.
[!IMPORTANT] Both the gate secret and each user's Portainer API key are sent across the wire. The container deployment requires you to declare a transport posture: bring your own TLS certificates, attest a TLS-terminating reverse proxy setup, or explicitly opt in to plaintext. Plaintext is a deliberate, dangerous choice; see the three options below. It is NOT recommended to expose this MCP server on the public internet; host it inside your private infrastructure, even behind a TLS proxy.
See more info below about the different deployment scenarios. For any of these scenarios:
* Set `PORTAINER_MCP_ALLOWED_HOSTS` to the hostname or IP address that users will use to reach the MCP; otherwise the DNS-rebinding allowlist 421-rejects the request.
* `PORTAINER_MCP_AUTH_TOKEN` is required in HTTP mode. It's the shared front-gate secret you distribute to your users; their MCP client sends it via the Authorization header. It only admits the request; what each user can do is governed by their own Portainer API key.
[!NOTE] The server will warn if using self-signed certificates. Using a private CA cert won't warn, but in both cases you will likely need to jump through some hoops to configure the MCP clients to accept it.
Deploy the container to use your own set of TLS certificates:
```bash
TOKEN=$(openssl rand -hex 32)
docker run -d --name portainer-mcp -p 17717:17717 \
  -v /etc/portainer-mcp/tls:/tls:ro \
  -e PORTAINER_URL=https://portainer.example.com \
  -e PORTAINER_MCP_AUTH_TOKEN="$TOKEN" \
  -e PORTAINER_MCP_ALLOWED_HOSTS=mcp.example.com:17717 \
  -e PORTAINER_MCP_TLS_CERT=/tls/cert.pem \
  -e PORTAINER_MCP_TLS_KEY=/tls/key.pem \
  portainer/portainer-mcp:2.42
```
Then connect your client:
```bash
claude mcp add portainer --transport http https://mcp.example.com:17717/mcp \
  --header "Authorization: Bearer <gate-token>" \
  --header "X-Portainer-API-Key: <ptr_user_key>"
```
[!NOTE] Don't publish the container port when using a reverse proxy in front of the MCP container; only the proxy should be able to reach it. Use your proxy's exact IP, if stable, for `PORTAINER_MCP_FORWARDED_ALLOW_IPS`. Make sure that your proxy forwards the original `Host` and the `X-Forwarded-Proto: https` headers.
Bring your own proxy and set up a TLS-terminating proxy in front of the container:
```bash
TOKEN=$(openssl rand -hex 32)
docker run -d --name portainer-mcp \
  -e PORTAINER_URL=https://portainer.example.com \
  -e PORTAINER_MCP_AUTH_TOKEN="$TOKEN" \
  -e PORTAINER_MCP_ALLOWED_HOSTS=mcp.example.com \
  -e PORTAINER_MCP_TRUST_PROXY_TLS=1 \
  -e PORTAINER_MCP_FORWARDED_ALLOW_IPS=172.18.0.0/16 \
  portainer/portainer-mcp:2.42
```
Then connect your client:
```bash
claude mcp add portainer --transport http https://mcp.example.com/mcp \
  --header "Authorization: Bearer <gate-token>" \
  --header "X-Portainer-API-Key: <ptr_user_key>"
```
[!WARNING] It is NOT recommended to use this outside of a trusted private network deployment.
Use the PORTAINER_MCP_DANGEROUSLY_ALLOW_PLAINTEXT_HTTP=1 flag to start the server with HTTP only.
```bash
TOKEN=$(openssl rand -hex 32)
docker run -d --name portainer-mcp -p 17717:17717 \
  -e PORTAINER_URL=https://portainer.example.com \
  -e PORTAINER_MCP_AUTH_TOKEN="$TOKEN" \
  -e PORTAINER_MCP_ALLOWED_HOSTS=mcp.example.com:17717 \
  -e PORTAINER_MCP_DANGEROUSLY_ALLOW_PLAINTEXT_HTTP=1 \
  portainer/portainer-mcp:2.42
```
Then connect your client:
```bash
claude mcp add portainer --transport http http://mcp.example.com:17717/mcp \
  --header "Authorization: Bearer <gate-token>" \
  --header "X-Portainer-API-Key: <ptr_user_key>"
```
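A pre-deployment lint for the three transport postures described above, as an added example that is not part of the Portainer project's code. It inspects a dict of the container's environment variables; the function name `check_posture`, the `publishes_port` parameter, the 32-character token threshold, the "exactly one posture" policy and the treatment of only `1` as enabled are assumptions of this example.

```python
import ipaddress

def check_posture(env, publishes_port=False):
    """Lint container env vars; return (posture or None, list of findings)."""
    declared, findings = [], []
    cert, key = env.get("PORTAINER_MCP_TLS_CERT"), env.get("PORTAINER_MCP_TLS_KEY")
    if cert or key:
        declared.append("byo-tls")
        if not (cert and key):
            findings.append("set both PORTAINER_MCP_TLS_CERT and PORTAINER_MCP_TLS_KEY")
    # Assumption: only the literal value "1", as used on the page, enables a flag.
    if env.get("PORTAINER_MCP_TRUST_PROXY_TLS") == "1":
        declared.append("trusted-proxy")
        allow = env.get("PORTAINER_MCP_FORWARDED_ALLOW_IPS", "")
        if not allow:
            findings.append("PORTAINER_MCP_FORWARDED_ALLOW_IPS is unset")
        # Assumption: a comma-separated list is accepted; the page shows one CIDR.
        for item in filter(None, (s.strip() for s in allow.split(","))):
            try:
                net = ipaddress.ip_network(item, strict=False)
            except ValueError:
                findings.append(f"unparseable allow entry: {item}")
                continue
            if net.num_addresses > 1:
                findings.append(f"{item} trusts {net.num_addresses} addresses; "
                                "prefer the proxy's exact IP")
        if publishes_port:
            findings.append("port is published; only the proxy should reach it")
    if env.get("PORTAINER_MCP_DANGEROUSLY_ALLOW_PLAINTEXT_HTTP") == "1":
        declared.append("plaintext")
        findings.append("plaintext: gate token and API keys are sent unencrypted")
    if len(declared) != 1:  # this lint's policy: exactly one posture
        findings.append(f"expected one transport posture, found {declared or 'none'}")
    if len(env.get("PORTAINER_MCP_AUTH_TOKEN", "")) < 32:  # lint's own threshold
        findings.append("PORTAINER_MCP_AUTH_TOKEN is missing or short")
    if not env.get("PORTAINER_MCP_ALLOWED_HOSTS"):
        findings.append("PORTAINER_MCP_ALLOWED_HOSTS is unset; expect 421 rejections")
    return (declared[0] if len(declared) == 1 else None), findings

# Constructed sample: the reverse-proxy scenario's variables from the page.
SAMPLE = {
    "PORTAINER_MCP_AUTH_TOKEN": "a" * 64,  # constructed placeholder, not a secret
    "PORTAINER_MCP_ALLOWED_HOSTS": "mcp.example.com",
    "PORTAINER_MCP_TRUST_PROXY_TLS": "1",
    "PORTAINER_MCP_FORWARDED_ALLOW_IPS": "172.18.0.0/16",
}

if __name__ == "__main__":
    print(check_posture(SAMPLE, publishes_port=True))
```

Run against the sample, the lint reports the `/16` forwarded-allow range and the published port, the two points the reverse-proxy note warns about.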
The MCP server exposes different capabilities such as:
* Enable different set of tools based on specific profile configuration
* Widen the API coverage by specifying extra tags to cover
* Expose only read-only capabilities
* Disable proxy capabilities
* Tuning the transport capabilities and configuring the TLS posture
* Logging configuration
For more information about the MCP server configuration, refer to docs/configuration.md.
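A high-quality MCP tool that is easy to use.
AI Skill Hub is a third-party content aggregation platform. The information on this page is compiled from public data and is not a legal endorsement of the tool's functionality or quality.
Validate the tool thoroughly in a sandbox or test environment before deploying it to production, and carry out the necessary security assessment.
✅ MIT License: one of the most permissive open-source licenses. Commercial use, modification and distribution are free; only the copyright notice must be retained.
Overall, Portainer MCP is a high-quality MCP tool that is reasonably competitive among comparable tools. AI Skill Hub will keep tracking its updates; bookmark it for later and adopt it when the timing suits your own use case.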
| Original name | portainer-mcp |
| Original description | Open-source MCP tool: Official Portainer MCP server. ⭐182 · Python |
| Topics | ai, containerization, llm, mcp, python |
| GitHub | https://github.com/portainer/portainer-mcp |
| License | MIT |
| Language | Python |
Listed: 2026-06-18 · Updated: 2026-06-18 · License: MIT · AI Skill Hub provides no legal endorsement of the accuracy of third-party content.