DOCKER
AI INTEGRATION
TUTORIAL
🐳 Docker Desktop 4.50: Model Context Protocol (MCP) Support & AI Integration Guide
Dillip Chowdary
November 12, 2025 • 15 min read
What's New in Docker Desktop 4.50
Key Features
-
Model Context Protocol (MCP) Support: Connect AI assistants directly to Docker containers and contexts
-
AI Integration Features: Natural language commands for container management
-
Enterprise Security Controls: Enhanced security policies and compliance features
-
Release Cadence: Now releasing every 2 weeks (moving to weekly by end of 2025)
Understanding Model Context Protocol (MCP)
The Model Context Protocol (MCP) is an open standard developed by Anthropic that enables AI assistants (like Claude, ChatGPT, or local LLMs) to interact with external tools and services through a standardized interface.
How MCP Works with Docker
1
AI Assistant sends request via MCP protocol
Example: "Show me all running containers using more than 500MB RAM"
2
Docker MCP Server translates to Docker API calls
docker stats --no-stream + filtering logic
3
Docker Engine executes and returns data
Container stats, logs, network info, etc.
4
AI Assistant presents results in natural language
"3 containers exceed 500MB: nginx-prod (750MB), postgres-db (1.2GB), redis-cache (600MB)"
Installing Docker Desktop 4.50
Step 1: Upgrade Docker Desktop
For macOS:
# Check current version
docker --version
# Download Docker Desktop 4.50 from official site
open https://www.docker.com/products/docker-desktop/
# Or use Homebrew
brew upgrade --cask docker
# Verify installation
docker versionFor Windows:
# Check current version
docker --version
# Download from Docker website
start https://www.docker.com/products/docker-desktop/
# Or use winget
winget upgrade Docker.DockerDesktop
# Verify installation
docker versionFor Linux:
# Update Docker Desktop
sudo apt-get update
sudo apt-get install docker-desktop
# Verify
docker --versionSetting Up Docker MCP Server
Step 2: Install Docker MCP Server
# Create MCP config directory
mkdir -p ~/.config/mcp
# Install Docker MCP server (Node.js example)
npm install -g @docker/mcp-server
# Or use Python implementation
pip install docker-mcp-server
# Verify installation
docker-mcp --versionStep 3: Configure MCP Server
Create MCP configuration file:
# Create config file
cat > ~/.config/mcp/docker-config.json << 'EOF'
{
"name": "docker-mcp",
"version": "1.0.0",
"transport": {
"type": "stdio"
},
"capabilities": {
"containers": {
"list": true,
"inspect": true,
"logs": true,
"stats": true,
"exec": false
},
"images": {
"list": true,
"pull": false,
"build": false
},
"compose": {
"up": false,
"down": false,
"ps": true
}
},
"security": {
"readonly": true,
"allowedNetworks": ["bridge", "host"],
"maxContainers": 100
}
}
EOF⚠️ Security Note: The above config sets readonly: true to prevent AI from modifying containers. Adjust exec, pull, build permissions based on your security requirements.
Integrating with Claude Desktop
Step 4: Configure Claude Desktop MCP
Edit Claude Desktop MCP configuration:
# macOS/Linux
code ~/Library/Application\ Support/Claude/claude_desktop_config.json
# Add Docker MCP server
cat > ~/Library/Application\ Support/Claude/claude_desktop_config.json << 'EOF'
{
"mcpServers": {
"docker": {
"command": "docker-mcp",
"args": ["--config", "~/.config/mcp/docker-config.json"],
"env": {
"DOCKER_HOST": "unix:///var/run/docker.sock"
}
}
}
}
EOFStep 5: Restart Claude Desktop
# macOS
killall Claude
open -a Claude
# Linux
pkill claude
claude &
# Verify MCP connection in Claude
# Type: "List all running Docker containers"Example Use Cases
1. Container Health Monitoring
Ask Claude:
"Which containers are using the most CPU right now?"
Claude responds:
Here are the top 3 CPU consumers:
1. ml-training: 87.3% CPU (8 cores)
2. webpack-dev: 45.2% CPU (4 cores)
3. postgres-db: 12.1% CPU (2 cores)
Recommendation: ml-training container may need CPU limits.
2. Debugging Container Issues
Ask Claude:
"Why did my api-server container restart? Show me the last 100 lines of logs."
Claude executes and analyzes:
# Claude runs:
docker logs --tail 100 api-server
# Analyzes output and responds:
# "Container restarted due to OOM (Out of Memory) kill.
# Memory usage: 1.8GB / 1GB limit
# Recommendation: Increase memory limit to 2GB in docker-compose.yml"3. Docker Compose Troubleshooting
Ask Claude:
"I'm getting connection refused errors. Check if all my Docker Compose services are healthy."
Claude investigates:
# Claude runs:
docker-compose ps
docker inspect --format='{{json .State.Health}}' $(docker-compose ps -q)
# Analysis:
# "Found the issue: 'redis' service is unhealthy (0/3 health checks passed).
# Logs show: 'redis-cli: connect: Connection refused'
#
# Root cause: Redis container started before network was ready.
# Fix: Add 'restart: on-failure' to redis service in docker-compose.yml"Advanced Configuration
Custom Docker MCP Tools
Create custom tools for your AI assistant:
// ~/.config/mcp/custom-tools.js
module.exports = {
tools: [
{
name: "cleanup_stopped_containers",
description: "Remove all stopped containers older than 24 hours",
handler: async () => {
const { execSync } = require('child_process');
const result = execSync(
`docker container prune --filter "until=24h" --force`
).toString();
return { cleaned: result };
}
},
{
name: "get_container_network_info",
description: "Get detailed network information for a container",
parameters: {
container_id: { type: "string", required: true }
},
handler: async ({ container_id }) => {
const { execSync } = require('child_process');
const result = JSON.parse(
execSync(`docker inspect ${container_id}`).toString()
);
return {
networks: result[0].NetworkSettings.Networks,
ports: result[0].NetworkSettings.Ports,
ipAddress: result[0].NetworkSettings.IPAddress
};
}
}
]
};
// Load custom tools in MCP config
// docker-mcp --config ~/.config/mcp/docker-config.json \
// --tools ~/.config/mcp/custom-tools.jsEnterprise Security Settings
{
"security": {
"readonly": true,
"allowedCommands": [
"ps", "stats", "logs", "inspect"
],
"blockedCommands": [
"exec", "rm", "rmi", "system prune"
],
"auditLog": {
"enabled": true,
"path": "~/.config/mcp/audit.log",
"format": "json"
},
"rateLimit": {
"maxRequestsPerMinute": 60,
"maxConcurrentRequests": 10
},
"authentication": {
"required": true,
"method": "api_key",
"apiKey": "${DOCKER_MCP_API_KEY}"
}
}
}Troubleshooting
Error: "Cannot connect to Docker daemon"
Solution:
# Check if Docker is running
docker info
# Start Docker Desktop
open -a Docker # macOS
# or use system tray on Windows
# Verify socket permissions
ls -la /var/run/docker.sock
sudo chmod 666 /var/run/docker.sock # if neededClaude doesn't see Docker MCP server
Solution:
# Check Claude config path
cat ~/Library/Application\ Support/Claude/claude_desktop_config.json
# Test MCP server directly
docker-mcp --test
# Check Claude logs
tail -f ~/Library/Logs/Claude/mcp.logBest Practices
✅ DO
- • Start with readonly mode for safety
- • Enable audit logging in production
- • Use rate limiting to prevent abuse
- • Test custom tools in development first
- • Keep Docker Desktop updated
❌ DON'T
- • Grant exec permissions without security review
- • Expose Docker socket to untrusted networks
- • Allow AI to run docker system prune
- • Skip authentication in production
- • Disable audit logs