A collection of Model Context Protocol (MCP) servers that enable AI assistants to interact with HPE GreenLake platform services.
- What is the Model Context Protocol?
- What's in this Repository?
- Available MCP Servers
- Quick Start
- MCP Client Configuration
- Tool Modes
- Architecture Overview
- Security Considerations
- Troubleshooting
- Getting Help
- Resources
- License
The Model Context Protocol (MCP) is an open protocol that enables seamless integration between LLM applications and external data sources and tools. Whether you're building an AI-powered IDE, enhancing a chat interface, or creating custom AI workflows, MCP provides a standardized way to connect LLMs with the context they need.
This repository contains production-ready MCP servers for HPE GreenLake platform services. Each server provides AI assistants with secure, read-only access to specific GreenLake APIs, enabling natural language interactions with your HPE infrastructure.
- Standardized Architecture: All servers follow consistent patterns for authentication, configuration, and error handling
- OAuth2 Authentication: Secure access using HPE GreenLake workspace credentials with automatic token management
- Dual Tool Modes: Each server supports both static (individual tools per endpoint) and dynamic (meta-tools) operation modes
- Type-Safe: Built with Pydantic models for runtime validation and type safety
- Production Ready: Comprehensive logging, error handling, and Docker support
- Well Tested: Extensive unit and integration test coverage
Manage and query HPE GreenLake devices in your workspace. Filter devices by type, serial number, tags, and other properties.
Key Capabilities:
- Retrieve device lists with advanced filtering
- Get detailed device information by ID
- Query devices by tags, device type, serial number, and more
Interact with HPE GreenLake workspace management APIs. View workspace details and manage workspace-level configurations.
Key Capabilities:
- List and query workspaces
- Retrieve workspace details and configurations
- Access workspace-level settings
Access subscription information and licensing details for your HPE GreenLake services.
Key Capabilities:
- View active subscriptions
- Query subscription details and licensing
- Monitor subscription status
Query and analyze HPE GreenLake audit logs with powerful filtering capabilities.
Key Capabilities:
- Search audit logs by category, user, timestamp, and more
- Filter logs using advanced query operators (eq, contains, in)
- Retrieve detailed audit log information
- Track user activities and system events
Manage user accounts and access controls in HPE GreenLake workspaces.
Key Capabilities:
- List and query workspace users
- View user details and permissions
- Monitor user activity
- Python 3.10 or higher
- uv package manager
- HPE GreenLake workspace with API credentials
All servers require the following HPE GreenLake credentials:
export GREENLAKE_API_BASE_URL="https://global.api.greenlake.hpe.com"
export GREENLAKE_CLIENT_ID="your-client-id"
export GREENLAKE_CLIENT_SECRET="your-client-secret"
export GREENLAKE_WORKSPACE_ID="your-workspace-id"# Navigate to a server directory
cd src/audit-logs
# Install dependencies
uv sync
# Run the server
uv run python __main__.pyAdd servers to your claude_desktop_config.json:
{
"mcpServers": {
"greenlake-audit-logs": {
"command": "uv",
"args": ["run", "python", "__main__.py"],
"cwd": "/path/to/gl-mcp/src/audit-logs",
"env": {
"GREENLAKE_API_BASE_URL": "https://global.api.greenlake.hpe.com",
"GREENLAKE_CLIENT_ID": "your-client-id",
"GREENLAKE_CLIENT_SECRET": "your-client-secret",
"GREENLAKE_WORKSPACE_ID": "your-workspace-id"
}
},
"greenlake-devices": {
"command": "uv",
"args": ["run", "python", "__main__.py"],
"cwd": "/path/to/gl-mcp/src/devices",
"env": {
"GREENLAKE_API_BASE_URL": "https://global.api.greenlake.hpe.com",
"GREENLAKE_CLIENT_ID": "your-client-id",
"GREENLAKE_CLIENT_SECRET": "your-client-secret",
"GREENLAKE_WORKSPACE_ID": "your-workspace-id"
}
}
}
}These servers use the standard stdio transport and work with any MCP-compatible client. See individual server READMEs for specific configuration examples.
All servers support two operation modes that can be switched at runtime using the MCP_TOOL_MODE environment variable:
- Individual tools: Each API endpoint becomes a dedicated MCP tool
- Type-safe: Explicit tool definitions with compile-time validation
- Discoverable: Tools appear individually in MCP client interfaces
- Best for: Smaller APIs and focused workflows
export MCP_TOOL_MODE=static- Meta-tools: 3 generic tools that can handle any API endpoint
list_endpoints- Discover available API endpointsget_endpoint_schema- Get detailed schema informationinvoke_dynamic_tool- Execute API calls with runtime validation
- Memory efficient: Lower overhead for large APIs
- Best for: Large APIs with many endpoints
export MCP_TOOL_MODE=dynamic| Python Version | Status | Notes |
|---|---|---|
| 3.12 | ✅ Supported | Recommended |
| 3.11 | ✅ Supported | Recommended |
| 3.10 | ✅ Supported | Minimum version |
flowchart TB
subgraph clients["<b> MCP Clients </b>"]
direction TB
claude["Claude Desktop"]
vscode["VS Code"]
other["..."]
end
subgraph servers["<b> MCP Servers </b>"]
direction TB
audit["Audit Logs"]
devices["Devices"]
users["Users"]
workspaces["Workspaces"]
subscriptions["Subscriptions"]
serviceX["..."]
subgraph shared["<i> Shared Components </i>"]
direction LR
oauth["OAuth2 Token Manager<br/>(with caching)"]
end
end
subgraph platform["<b> HPE GreenLake Platform </b>"]
direction TB
api["APIs"]
end
clients ==>|JSON-RPC/stdio| servers
servers ==>|HTTPS/REST + OAuth2| platform
classDef clientStyle fill:#2196F3,stroke:none,color:#fff,rx:10,ry:10
classDef serverStyle fill:#4CAF50,stroke:none,color:#fff,rx:10,ry:10
classDef authStyle fill:#FF9800,stroke:none,color:#fff,rx:10,ry:10
classDef platformStyle fill:#01a982,stroke:none,color:#fff,rx:10,ry:10
classDef clientContainerStyle fill:none,stroke:#2196F3,stroke-width:3px,rx:15,ry:15
classDef serverContainerStyle fill:none,stroke:#4CAF50,stroke-width:3px,rx:15,ry:15
classDef authContainerStyle fill:none,stroke:#FF9800,stroke-width:2px,stroke-dasharray:5 5,rx:10,ry:10
classDef platformContainerStyle fill:none,stroke:#01a982,stroke-width:3px,rx:15,ry:15
class claude,vscode,other clientStyle
class audit,devices,users,workspaces,subscriptions,serviceX serverStyle
class oauth authStyle
class api platformStyle
class clients clientContainerStyle
class servers serverContainerStyle
class shared authContainerStyle
class platform platformContainerStyle
- Client Request: MCP client sends tool invocation via JSON-RPC over stdio
- Authentication: Server authenticates with HPE GreenLake using OAuth2 (tokens cached and auto-refreshed)
- API Call: Server makes authenticated HTTPS request to GreenLake API
- Response: Server processes response and returns data to client via MCP protocol
All servers share a common architecture:
server/
├── __main__.py # Entry point
├── auth/ # OAuth2 authentication
├── config/ # Settings and logging
├── models/ # Pydantic data models
├── server/ # MCP server core
├── tools/ # Tool implementations
│ ├── base.py # Base tool class
│ ├── registry.py # Tool registration
│ └── implementations/ # Tool implementations
├── utils/ # HTTP client and utilities
└── tests/ # Unit and integration tests
All servers use OAuth2 client credentials flow with automatic token management:
- Tokens are cached and automatically refreshed
- Thread-safe token management
- Configurable retry logic with exponential backoff
Servers use structured logging with MCP protocol compliance:
- stderr: Diagnostic logs (controlled by
GREENLAKE_LOG_LEVEL) - File logging: Optional detailed logging to
~/.hpe/mcp-logs/ - stdout: Reserved for JSON-RPC messages only
- Read-Only Access: All servers provide read-only API access by design
- Credential Management: Never commit credentials to version control
- Token Security: OAuth2 tokens are cached in memory only
- Workspace Isolation: Operations are scoped to the configured workspace
- HTTPS Only: All API communications use TLS encryption
Server won't start:
- Verify all required environment variables are set
- Check that
uvis installed and dependencies are synced - Review stderr output for configuration errors
Authentication failures:
- Verify client credentials are valid for your workspace
- Ensure
GREENLAKE_WORKSPACE_IDmatches your credential scope - Check network connectivity to GreenLake APIs
MCP client connection issues:
- Verify the
cwdpath in client configuration is correct - Check that the server starts successfully when run manually
- Review client logs for specific error messages
Enable detailed logging for troubleshooting:
export GREENLAKE_LOG_LEVEL=DEBUG
export GREENLAKE_FILE_LOGGING=trueLog files are written to: ~/.hpe/mcp-logs/{service-name}/
The primary support channel for this project is GitHub Issues. When reporting an issue, please include:
- Environment details: OS, Python version,
uvversion - Server name: Which MCP server you're using (audit-logs, devices, etc.)
- Error messages: Complete error output with stack traces
- Configuration: Relevant environment variable settings (DO NOT include credentials)
- Steps to reproduce: Detailed description of how to reproduce the issue
- Check existing issues: Search open and closed issues
- Review troubleshooting: Check the Troubleshooting section above
- Enable debug logging: Run with
GREENLAKE_LOG_LEVEL=DEBUGandGREENLAKE_FILE_LOGGING=trueto gather detailed logs - Test authentication: Verify your credentials work with the GreenLake APIs directly
- Bug Report: For unexpected behavior, errors, or crashes
- Feature Request: For suggesting new capabilities or improvements
- Question: For clarification on usage, configuration, or architecture
- Documentation: For reporting documentation issues or suggesting improvements
This project is licensed under the Apache 2.0 - see the LICENSE file for details.
