DevOps is the killer domain for MCP — the work is mostly reading heterogeneous systems and making small, careful writes. Here are the ten MCP servers that should be in every SRE’s loadout in 2026.
1. Kubernetes MCP
kubectl-grade access for agents. Inspect pods, stream logs, roll back deployments. RBAC-scoped to whatever the kubeconfig allows — use a read-only service account for day-to-day.
2. Terraform MCP
Read state, preview plans, inspect module outputs. “Why is this diff showing — did someone modify resources out-of-band?” answered in one turn.
3. AWS MCP
Cross-service triage: S3 inventory, Lambda invocations, CloudWatch log queries, RDS status. Use a read-only IAM role by default.
4. Grafana MCP
Dashboards, alerts, panel data. Ask “show me the p99 latency for the auth service in the last hour”; get a number without logging into the UI.
5. Datadog MCP
Monitors, logs, APM, incidents. Especially useful during on-call — the agent triages logs while you focus on the fix.
6. PagerDuty MCP
Incident status, on-call schedules, escalation policies. “Who is on-call for the auth service right now?” gets an instant answer.
7. Argo CD MCP
GitOps deployment status. Inspect diffs between cluster and git, trigger sync, roll back — safely.
8. Cloudflare MCP
Workers, KV, R2, DNS, WAF rules. For incident response: flip a rate-limit rule without logging into the dashboard.
9. HashiCorp Vault MCP
Retrieve secrets on demand, list policies, audit leases. Especially important when an agent needs temporary credentials for a one-off task.
10. Sentry MCP
Error triage during rollouts. “Any new error signatures since the last deploy?” — agent diffs the releases and tells you.
Example: the 3 AM incident loop
With this loadout, a 3 AM page collapses to:
- Ask agent: “what changed in the last hour?” → Sentry + Datadog tell you error rate tripled for service X.
- “what deployed to X recently?” → Argo CD shows the git SHA; GitHub MCP shows the PR.
- “roll back” → Argo CD reverts.
- “confirm error rate dropped” → Datadog confirms.
Four chat turns, no dashboard hopping.
Safety notes
DevOps MCP servers have the widest blast radius. Defaults matter:
- Kubernetes — read-only by default; a write-capable instance only in a locked-down host config.
- AWS — scoped IAM, no `iam:*`, no production write access.
- Cloudflare / DNS — explicit approval required for every write call.
- Vault — short-lived tokens only; audit log every access.
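One way to check the AWS default above before handing a role to an agent, as an added example that is not part of the original article: a small Python audit of an IAM policy document that flags Allow grants covering `iam:*` or any action that is not read-only. The read-only prefixes (`Get`, `List`, `Describe`) and the sample policy are assumptions made for illustration.

```python
import fnmatch

# Assumption: action-name prefixes treated as read-only for an agent role.
READ_PREFIXES = ("get", "list", "describe")

def _as_list(value):
    """IAM accepts a single string/object wherever a list is also valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_policy(policy):
    """Return (sid, action, reason) for each Allow grant that breaks the defaults."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        sid = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt:
            findings.append((sid, "NotAction", "allows everything not listed"))
        for action in _as_list(stmt.get("Action")):
            # Action names are case-insensitive; a bare "*" means every service.
            service, _, verb = action.lower().partition(":")
            verb = verb or "*"
            if fnmatch.fnmatchcase("iam", service) and verb == "*":
                findings.append((sid, action, "covers iam:*"))
            elif not verb.startswith(READ_PREFIXES):
                findings.append((sid, action, "not read-only"))
    return findings

# Constructed sample policy, not taken from any real account.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "Triage", "Effect": "Allow", "Resource": "*",
         "Action": ["s3:ListBucket", "s3:GetObject", "rds:DescribeDBInstances",
                    "lambda:ListFunctions"]},
        {"Sid": "Leftover", "Effect": "Allow", "Resource": "*",
         "Action": ["IAM:*", "s3:PutObject", "*"]},
        {"Sid": "Guard", "Effect": "Deny", "Resource": "*",
         "Action": "ec2:TerminateInstances"},
    ],
}

if __name__ == "__main__":
    for sid, action, reason in audit_policy(SAMPLE_POLICY):
        print(f"{sid}: {action} -> {reason}")
```

The audit looks at actions only; whether a grant reaches production resources depends on the `Resource` and condition scoping, which needs its own review.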
Where to go next
- Browse all DevOps MCP servers in our directory.
- How to install MCP in Claude Desktop.
- Write your own MCP server if your internal tool does not have one yet.