chef

This MCP server provides read-only access to Chef Server data via the MCP protocol. It exposes a suite of tools that let you list and inspect nodes, roles, users, cookbooks, data bags, environments, and organizations, as well as perform Chef searches (decoded and raw JSON). Each tool can be scoped to a specific organization with per-request organization settings, enabling smooth multi-organization workflows. To use it, deploy the server (commonly via Docker as shown) and invoke tools such as listNodes or search from your AI assistant or IDE integration. The docker-based deployment keeps the server isolated and easy to run across environments.

The available tools include: listNodes, getNode, listRoles, getRole, listUsers, getUser, search, searchJSON, getOrganization, listCookbooks, getCookbook, listDataBags, listDataBagItems, getDataBagItem, listEnvironments, and getEnvironment. When using multi-organization setups, specify the desired organization in the tool call (either via a per-request parameter or via the CHEF_DEFAULT_ORG / CHEF_ORG_ALIASES configuration). This enables AI assistants to fetch Chef data tailored to different teams or environments without changing the global configuration.

Prerequisites:

• Docker installed on the host machine
• Access credentials for the Chef Server (CHEF_USER and private key)
• Network access from the host to the Chef Server

1. Install Docker

• Windows/macOS: install Docker Desktop from https://www.docker.com/products/docker-desktop
• Linux: follow your distribution's Docker installation guide

2. Prepare environment and credentials

• Ensure you have your Chef user and private key (.pem) available locally, and note the Chef Server URL.
• Create or identify a directory that contains your local .chef configurations (if mapping a volume).

3. Run the MCP Chef server container

• Use the docker command provided in the configuration below or adapt with your environment values.

Example run command (from README configuration):

docker run --rm -i \
  --env CHEF_USER=your-username \
  --env CHEF_KEY_PATH=/chef/your-username.pem \
  --env CHEF_SERVER_URL=https://your-chef-server.com/ \
  --env CHEF_ORG_ALIASES=qa=qa1,prod=production \
  --env CHEF_DEFAULT_ORG=qa1 \
  --volume /path/to/.chef:/chef:ro \
  ghcr.io/aknarts/chef-server-mcp:latest

Notes:

• The CHEF_KEY_PATH path is interpreted inside the container; map your local .chef directory to /chef to ensure the key is accessible.
• Adjust the organization aliases and default organization as needed for your setup.

Tips and common issues:

• If you modify organization mappings (CHEF_ORG_ALIASES), ensure you pass the correct per-request organization when calling tools that support multi-org usage.
• The container runs in read-only mode for container data unless you explicitly mount volumes; ensure the /chef path is mounted with your private key for authentication.
• When using search or get operations, consider using the decoded results (search) for human readability or the raw JSON (searchJSON) for integration with downstream systems.
• If you encounter TLS/SSL certificate issues contacting the Chef Server, verify the CHEF_SERVER_URL is correct and that the network path is allowed in your environment.
• For development or testing, you can point CHEF_DEFAULT_ORG to a test organization to isolate changes from production data.