mcp-apache-spark-history-server/config.yaml at main · kubeflow/mcp-apache-spark-history-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# WARNING: Do not commit your sensitive credentials
servers:
  local:
    default: true  # if server name is not provided in tool calls, this Spark History Server is used
    url: "http://localhost:18080"
    # Optional authentication (can also use environment variables).
    # auth:
    #   username: ${SHS_SERVERS_LOCAL_AUTH_USERNAME}
    #   password: ${SHS_SERVERS_LOCAL_AUTH_PASSWORD}
    #   token: ${SHS_SPARK_TOKEN}

  # Production server example
  # production:
  #   url: "https://spark-history.company.com:18080"
  #   verify_ssl: true
  #   auth:
      # Use environment variables for production
      # username: ${SHS_SERVERS_PRODUCTION_AUTH_USERNAME}
      # password: ${SHS_SERVERS_PRODUCTION_AUTH_PASSWORD}
      # token: ${SHS_SPARK_TOKEN}

  # Staging server example
  # staging:
  #   url: "https://staging-spark-history.company.com:18080"
  #   verify_ssl: true
  #   auth:
      # username: ${SHS_SERVERS_STAGING_AUTH_USERNAME}
      # token: ${SHS_SERVERS_STAGING_AUTH_PASSWORD}

  # AWS Glue Spark History Server example
  # glue_ec2:
  #   url: ""
  #   verify_ssl: false

  # Amazon EMR-EC2 Spark History Server example
#    emr_cluster_arn: "<EMR Cluster ARN>"

mcp:
  transports:
    - streamable-http # streamable-http or stdio. you can only specify one right now.
  port: "18888"
  debug: true
  address: localhost

  # Transport security settings for DNS rebinding protection
  # See: https://github.com/modelcontextprotocol/python-sdk/issues/1798
  # This is only relevant when actual mcp package version is higher than 1.23.0
  #transport_security:
    # Enable DNS rebinding protection. Set to true for production deployments
    # with proper allowed_hosts/allowed_origins configuration.
    #enable_dns_rebinding_protection: false

    # List of allowed Host header values. Required when enable_dns_rebinding_protection is true.
    # Supports wildcard ports (e.g., "localhost:*", "127.0.0.1:*", "your-gateway:*").
    # allowed_hosts:
    #   - "localhost:*"
    #   - "127.0.0.1:*"
    #   - "your-proxy-domain:*"

    # List of allowed Origin header values. Required when enable_dns_rebinding_protection is true.
    # Supports wildcard ports (e.g., "http://localhost:*", "http://your-gateway:*").
    # allowed_origins:
    #   - "http://localhost:*"
    #   - "http://127.0.0.1:*"
    #   - "http://your-proxy-domain:*"


# Available Environment Variables:
# SHS_MCP_PORT - Port for MCP server (default: 18888)
# SHS_MCP_DEBUG - Enable debug mode (default: false)
# SHS_MCP_ADDRESS - Address for MCP server (default: localhost)
# SHS_MCP_TRANSPORT - MCP transport mode (default: streamable-http)
# SHS_MCP_TRANSPORT_SECURITY_ENABLE_DNS_REBINDING_PROTECTION - Enable DNS rebinding protection (true/false)
# SHS_MCP_TRANSPORT_SECURITY_ALLOWED_HOSTS - JSON array of allowed hosts (e.g., '["localhost:*","127.0.0.1:*"]')
# SHS_MCP_TRANSPORT_SECURITY_ALLOWED_ORIGINS - JSON array of allowed origins (e.g., '["http://localhost:*"]')
# SHS_SERVERS_*_URL - URL for a specific server
# SHS_SERVERS_*_AUTH_USERNAME - Username for a specific server
# SHS_SERVERS_*_AUTH_PASSWORD - Password for a specific server
# SHS_SERVERS_*_AUTH_TOKEN - Token for a specific server
# SHS_SERVERS_*_VERIFY_SSL - Whether to verify SSL for a specific server (true/false)
# SHS_SERVERS_*_EMR_CLUSTER_ARN - EMR cluster ARN for a specific server