Forum Discussion

mikenelson-pure's avatar
mikenelson-pure
Community Manager
1 day ago

Fusion MCP Server Is Now Released & Open Source

There’s a narrow band between “AI demo” and “actually useful in production,” and most tools miss it by a country mile. Fusion MCP Server doesn’t. Now that it’s open source, MCP-compatible AI assistants get a controlled bridge into Everpure FlashArray and FlashBlade environments, one built to answer real operational questions about fleet inventory, capacity, performance, alerts, volumes, file systems, workloads, and presets, without turning your storage estate into a science fair project. The AI Agent doesn’t get to vibe its way through your infrastructure. It works through a clean tool surface backed by real Everpure APIs, and writes stay hidden until you flip them on yourself.

What it actually solves

If you’ve ever wanted to ask a storage question in plain English and get something better than a dashboard scavenger hunt, this is that. Fusion MCP Server sits between your AI agent and your arrays: the assistant talks to the server, the server authenticates with configured array API tokens, calls supported Everpure APIs, and returns structured results. Your assistant never touches the arrays directly.

Practically, that means engineers can ask things like:

  • Show me the fleet overview
  • Which arrays have capacity concerns
  • Show array performance for the last 24 hours
  • List workload presets available in this fleet
  • Show active alerts with remediation links

The data was never the problem. Storage teams already have it. What eats the day is bouncing between menus, tabs, and API docs just to answer something like “which arrays are closest to full?” Think of it like swapping a pile of ad hoc curl commands and tribal knowledge for a typed interface your AI assistant can reason over. Calling it “screen scraping with confidence” undersells it. It behaves more like a junior SRE who actually reads the schema.

Why engineers should care

The release leads with reads, which is exactly the right default for infrastructure tooling. Out of the box, Fusion MCP Server covers fleet overview, capacity and performance, storage objects, configuration audit, and optional supervised actions for placement recommendations, preset creation and updates, and workload deployment.

A few details stand out:

  • It works with FlashArray and FlashBlade environments in a Fusion fleet, including mixed environments, as long as you provide at least one token for each platform type for Remote Execution. If the API version you have on your arrays does not yet have the endpoints with Remote Execution capability enabled, you must supply an API token for every array in the fleet. More on that in the next section.
  • Fleet discovery covers the supported read workflows broadly, though some, especially performance, still need a direct token for each array you want to query.
  • Built-in prompts handle fleet, performance, and config workflows, and it also works through plain natural-language questions if your agent doesn’t expose MCP prompts directly.
  • Read-only endpoint documentation plus a whitelisted authenticated GET fetch tool cover supported API surface beyond the dedicated tools.

Let’s talk Tokens first

Back in Purity REST API version 2.38, Everpure started to include a capability for API endpoints called Remote Execution. This is the mechanism that lets a client invoke a Purity REST API request on a different fleet member, and that request executes as though it were initiated locally on that remote member. The catch is that both arrays must have the same API version available on them as well as the endpoint being executed against must have Remote Execution capability. As of today, not all endpoints have this capability, so there must be an API token specified for each array in the fleet until they have all been enabled. We are diligently working to get all endpoints enabled to make this easier for everyone. Stay tuned!

Installation (that does not require a PhD)

The setup flow is refreshingly direct:

generate-config does more than write boilerplate. It validates tokens, detects each array’s API version, resolves array names, and writes the auth config with restrictive permissions: the config directory gets 0700 and the file gets 0600.

Want an even easier way? How you just tell your AI Agent to “Read this repository at https://github.com/PureStorage-OpenConnect/fusion-mcp-server and the included USER_GUIDE.md file and add the Fusion MCP server to this agent.” Easy-peasy as it’ll step you thought the process and create the config file for you.

A few caveats are worth flagging before you point this at anything that matters:

  • The published binaries aren’t signed, so macOS and Windows may throw a warning on first run.
  • Build from source if that’s a dealbreaker. It’s all there, have at it!
  • Keep the generated auth-config.json local, don’t share it, and rotate tokens if one ever leaks.

None of that is friction. It’s the fine print you’d want before trusting a tool with API tokens.

Supervised write actions: powerful, optional, and very much not on by default

Now for the part everyone asks about first, and the part some people should absolutely not enable first: write actions. Fusion MCP Server hides write tools by default. You turn them on explicitly, either during config generation with --enable-write-tools or later with update-config --enable-write-tools.

Enabled, the supervised actions cover these processes with more to come as the product evolves:

  • Placement recommendations
  • Workload preset creation
  • Workload preset updates
  • Workload deployment

The approval step is the clever bit. Write operations sit behind an explicit confirmation. If the agent supports MCP Elicitation, the server pops up an interactive dialog for every write tool, so you can review the proposed action and approve or decline before anything changes. If the agent doesn’t support Elicitation, it falls back to telling the agent, in plain instructions, to ask you for approval before resubmitting the call. One practical wrinkle: the write tools inherit whatever permissions live on the API tokens you configure, so the workflow only works if those tokens can perform the write.

So when should you flip the switch? Enable write tools if you want supervised acceleration on repeatable workflows: placing a workload from a known preset, updating a policy-backed preset, or turning a natural-language request into a deployment action that still needs a human to sign off. Skip it if you’re still validating token scope, using the server mainly for observability, or introducing MCP to a team that hasn’t built trust in the read-only workflows yet. Start with read-only. Make it boring. Then decide whether supervised writes are the next move. Write tools toggle on and off with a simple update-config command, so this isn’t a one-way door: turn them off again anytime with update-config --enable-write-tools=false.

Use cases that actually matter

This release isn’t for people who like screenshots of AI chats. It’s for engineers and operators who want faster answers and safer workflows.

A few obvious wins:

Fleet triage

Ask for a fleet overview with alerts, array inventory, Purity version, and fleet connections, the kind of first-response context you want before guessing which dashboard to open.

Capacity and performance review

Ask which configured arrays have the highest used capacity, which have high latency, or pull performance for the last 24 hours. For teams juggling multiple arrays, this turns routine health checks into a single conversation.

Storage object lookup

Query volumes by naming pattern, list file systems on FlashBlade, or inspect workloads on a specific array. Useful for anyone who inherited naming conventions from a previous geological era.

Configuration audit

Use the built-in documentation and read-only fetch coverage to compare settings across arrays and check for policy consistency. Handy if you’re trying to catch drift without hand-rolling an audit script every quarter.

Workload lifecycle acceleration

Enable supervised writes and the assistant can recommend placement, create or update presets, and deploy workloads from those presets. At that point the server stops acting like a reporting tool and starts acting like an interface layer for intent-driven operations.

On My Soapbox: Why the Open Source release matters

Being open source here changes the trust model, not just the distribution channel. You can inspect how the bridge works, check the security assumptions yourself, and contribute fixes instead of filing a ticket into the void. When reality disagrees with the documentation, which happens to every project sooner or later, you can open an issue instead of just living with it.

The repository is public under Apache 2.0, with contribution guidance, architecture notes, a developer guide, and a dedicated issue tracker for support, issues, and feature requests. That means the people who’ll stress-test this in real environments can also be the ones fixing it. For a tool sitting between AI agents and production-adjacent storage workflows, that’s where the engineering conversation belongs.

Final thought

Fusion MCP Server is short on hype and long on mechanical sympathy. Read workflows stay front and center, write workflows require your explicit sign-off, and installation doesn’t eat your afternoon. If you’re running Fusion-managed fleets (which y’all should be!), it’s worth a look. Grab the latest release, point it at your MCP-capable agent, start read-only, and see how fast “show me my fleet overview” becomes second nature. It’s open source. Once you’ve kicked the tires, contribute code if you build something useful, and open an issue when you hit an edge case. That’s the whole deal.

No RepliesBe the first to reply