Kubeconfig mount path doesn't match container user (appuser vs root) #243
Description
Hey,
I was trying to get the Kubernetes MCP server working with Docker MCP Gateway on Windows, and ran into a permission issue that took me a while to track down.
What's happening
The kubeconfig file gets mounted to /root/.kube/config, but the container actually runs as appuser (uid 1001), not root. So when the server tries to read the config, it gets "Permission denied".
Quick proof
# The container runs as appuser
$ docker run --rm mcp/kubernetes id
uid=1001(appuser) gid=1001(appuser)
# Mounting to /root fails
$ docker run --rm -v "$HOME/.kube/config:/root/.kube/config" mcp/kubernetes cat /root/.kube/config
cat: /root/.kube/config: Permission denied
# But mounting to /home/appuser works perfectly
$ docker run --rm -v "$HOME/.kube/config:/home/appuser/.kube/config" mcp/kubernetes kubectl get nodes
NAME STATUS ROLES AGE VERSION
k3s-01 Ready <none> 9d v1.26.10+k3s2
k3s-02 Ready <none> 9d v1.26.10+k3s2
... (all nodes work fine)My setup
- Windows 11
- Docker Desktop 29.1.2
- Docker MCP v0.28.0
- K3S cluster (5 nodes, works great with local kubectl)
Update
After investigating further, I found that the correct mount path (/home/appuser/.kube/config) is already documented in ADVANCED_README.md. The issue is actually in Docker MCP Gateway, which appears to be mounting to the wrong path.
This issue should be reported to the Docker MCP Gateway team instead.