You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Instantly share code, notes, and snippets.
Brett Tofel
bentito
See https://github.com/bentitopolis for more projects.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We are implementing a NIDS (netedge) MCP toolset. We must choose a strategy for delivering and integrating our toolset into OpenShift clusters, and it'll save time and effort later if we decide now where it's going to be located and how it will get built for production.
Integrate the toolset directly into the openshift-mcp-server repository under pkg/toolsets/netedge. This repository serves as the convergence point for MCP work from multiple teams.
Presentation Proposal: MCP Dev Summit North America 2026
Title: Diagnosis with Agent Evals: Building an MCP Server for Network Troubleshooting
Session Type: 25-minute Session
Track: Security & Operations / MCP Best Practices
Abstract
Troubleshooting Kubernetes network ingress and DNS issues is notoriously complex, requiring deep domain knowledge and context hopping between multiple layers (HAProxy, CoreDNS, generic K8s resources). While LLMs promise to democratize this knowledge, giving them raw kubectl access is risky and often ineffective.
In this session, we present our journey building and rigorously validating a production-grade NetEdge MCP server. We detail how we evolved from a "Phase 0" prototype using gen-mcp to a robust Go implementation, but more importantly, we ask the hard question: Do these specialized MCP tools actually help agents solve these networking problems better?
Demo: Preflight RBAC Check in Action (OpenShift Example)
To solidify these concepts, let’s walk through a real example on OpenShift. We will attempt to install the OpenShift Pipelines Operator as a cluster extension, but we’ll initially misconfigure its RBAC to trigger the preflight checks. Then we’ll fix the permissions.
Step 1: Create a Service Account with limited RBAC. In this example, we create a service account pipelines-installer in the pipelines project, and give it a deliberately minimal ClusterRole that is missing some permissions we know the operator will need:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters