# TeleMcp

Telemetry + MCP bridge that auto-deploys on a Linux-based Kubernetes host via **Ansible + Helm**.
It exposes read-only metrics, logs, and k8s object state through an **MCP server** so an LLM agent can bootstrap, monitor, and operate the host.

## Components
- **kube-prometheus-stack** (Prometheus, Alertmanager, Grafana, node-exporter, kube-state-metrics)
- **Loki + Promtail** (logs)
- **OpenTelemetry Collector** (optional fan-out)
- **mcp-telemetry-bridge** (FastAPI service exposing MCP resources/tools/prompts)

## Quick Start

### 0) Prereqs
- Ubuntu 24.04 host with k8s (k3s or kubeadm) reachable and `kubectl` context configured
- Ansible 2.15+ on your control machine
- Helm 3 on the host (Ansible role installs if missing)

### 1) Run Ansible
```bash
cd ansible
ansible-playbook -i inventories/local.ini playbook.yml
```

### 2) Smoke tests (from any machine with kubectl context)
```bash
kubectl get pods -n monitoring
kubectl get pods -n logging
kubectl get pods -n mcp
kubectl port-forward -n mcp svc/mcp-telemetry-bridge 8080:80
curl http://localhost:8080/mcp/schema | jq .
```

### 3) Point your LLM Agent
Configure your agent's MCP client to the service endpoint (ClusterIP/Ingress).
Use tools:
- `promql.query`
- `loki.query`
- `k8s.get`
- `k8s.events`
- `inventory.snapshot`

## Repo layout
```
telemcp/
  ansible/
  helm/
  mcp-telemetry-bridge/
  environments/
```

## Security
- MCP bridge ServiceAccount is read-only (RBAC get/list/watch)
- Optional NetworkPolicy limits egress/ingress
- Consider mTLS/OIDC if exposing outside the cluster