Using a credential that uses docker

Brawndo · April 6, 2025, 1:26am

I am running n8n v 1.85 via docker (Mac OS) with the following command:

docker run -it --rm -e N8N_RUNNERS_ENABLED=true -e N8N_COMMUNITY_PACKAGES_ALLOW_TOOL_USAGE=true --name n8n -p 5678:5678 -v n8n_data:/home/node/.n8n docker.n8n.io/n8nio/n8n

I’m trying to pull in the GitHub MCP server. The one listed at

says it is deprecated and that we should use the newer one at:

the PROBLEM is that the NEWER location only shows examples of firing up the GitHub mcp server via DOCKER, whereas the older, deprecated GitHub location has an actual NPX example. The NPX example works in n8n but it is buggy. I have tried the newer docker version via the Claude desktop app and it works GREAT.

Issue: when I try to set the credential in n8n for the mcp tool using the docker settings, communication with the GitHub docker mcp server fails. But it works in Claude.

So, is there a way for a docker instance of n8n to be able to leverage a dockerized mcp server or not? Do I somehow have to run them together using Docker Compose or what?

thoughts?

jcuypers · April 6, 2025, 4:18am

Hi, yes but the standard N8N image doesn’t have docker installed so it doesn’t have a clue on what to do with docker run (both main and worker). So you need to map the docker socket when you start your N8N so that the commands are sent to the host docker DooD docker outside of docker

-v /var/run/docker.sock:/var/run/docker.sock

Is to be added when you start the container of N8N

I think I also needed to install docker-cli, but I’m not sure. You can see.

I did a similar setup for puppeteer, it works. The only problem is. If I remember correctly. You need to verify whether it doesn’t constantly spin up new instances without exiting

Reg,
J.

Brawndo · April 7, 2025, 7:52pm

Different approach. Rather than trying to get one docker container trying to talk to another. What I TRIED instead was:

downloaded the n8n starter kit and got it running
installed the n8n mcp client community node and got THAT working
I then grabbed the GitHub-mcp-server repo, pulled that down
I then cross-compiled that to aarch64 linux in my ‘go’ build command
Copied that built binary to the running docker container for n8n via:
- docker cp github_mcp_server <container_id>:/usr/local/bin/github_mcp_server
tested that it worked running inside the n8n running container instance via:
- docker exec -it <container_id> sh
- cd /usr/local/bin
- and executed the github_mcp_server binary I copied in there.

…and it works perfectly there…

then fired up a workflow in n8n GUI, add an MCP client tool and set the credentials to what the commands would be trying to start the binary locally, ex. /usr/local/bin/github_mcp_server

and nothing works.

So after all that, my question is: Is it possible to invoke an arbitrary binary that is available inside the container from the credential node in n8n?

jcuypers · April 7, 2025, 8:06pm

hi, it should ne possible, otherwise it would never be possible to use docker commands in it. normally if there is something wrong with the setup there is some form of logging in the n8n logs. another test would be to log onto the n8n server directly and try to start the github thing manually. see if it stays stable and there are no errors

reg,
J.

jasjeetsuri · April 8, 2025, 1:09pm

I managed to make some progress.
I’m running n8n in docker, using Portainer.

Rebuild n8n docker image with docker inside of docker. ChatGPT showed me how to do that.
Run n8n container with user: 0:0 (for whatever reason my setup disappears each time container restarts with this)
Enable docker socket in compose file for n8n

Now I can spin up MCP docker servers via +Credential.

Then problem is, eg I tried azure-cli MCP
Command: docker
Arguements: run -i --rm -e AZURE_CREDENTIALS arm/azure-cli-mcp:arm64

I get:

Failed to execute operation: Failed to connect to MCP server: MCP error -32603: Unrecognized field “prompts” (class io.modelcontextprotocol.spec.McpSchema$ClientCapabilities), not marked as ignorable (3 known properties: “experimental”, “roots”, “sampling”])
at [Source: UNKNOWN; byte offset: #UNKNOWN] (through reference chain: io.modelcontextprotocol.spec.McpSchema$InitializeRequest[“capabilities”]->io.modelcontextprotocol.spec.McpSchema$ClientCapabilities[“prompts”])

When I tried to create the docker container manually for azure-cli MCP inside portainer, n8n container has no way to talk to it, as the command in n8n credential is saying “docker”, which tells it to try create a docker container inside the n8n container. At least, to my understanding.

I wish I can make this work!

jcuypers · April 8, 2025, 1:22pm

Hi, strange error indeed. How you searched for issues / bugs for the plugin?
In addition, shouldn’t you use environment field instead of -e in the arguments (in the MCP plugin)

Reg,
J.

jasjeetsuri · April 8, 2025, 1:28pm

For env var, I tried a few things.

Using env var inside n8n credential
Using MCP_var in the n8n docker compose

Same result.

Interesting idea about the port. Wonder if that there is some issue there.

Brawndo · April 8, 2025, 2:25pm

That was the first thing I tried before going to all this trouble. The example from the GitHub-mcp-server repo has the following example for how to connect it to a Claude Desktop app:

{
  "mcpServers": {
    "github": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "GITHUB_PERSONAL_ACCESS_TOKEN",
        "ghcr.io/github/github-mcp-server"
      ],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "<YOUR_TOKEN>"
      }
    }
  }
}

But that doesn’t work because docker is not installed in the running container (or is it?)

jasjeetsuri · April 8, 2025, 2:34pm

Its not. But you can install it by making a custom Dockerfile. GPT can make that for you.

Ive got as far as getting the Execute Command tool in n8n to create a docker container, and it shows up in my host/portainer as created.

But everytime I try this in a Credential for MCP server, it doesnt work.

Eg this runs OK in Execute command tool:
docker run -d -e AZURE_CREDENTIALS arm/azure-cli-mcp:arm64

But in credential, this does nothing
run -d -e AZURE_CREDENTIALS arm/azure-cli-mcp:arm64

This in Credential
run -i --rm -e AZURE_CREDENTIALS arm/azure-cli-mcp:arm64 → results in

Failed to execute operation: Failed to connect to MCP server: MCP error -32000: Connection closed

It should use -i so it can interact with the container, thats why the port is not important, i think.

jcuypers · April 8, 2025, 2:38pm

Hi,

You need to build a DooD solution. Docker outside of docker.

Just look it up.

In short.

Install docker-cli tools on the N8N
When starting it map the host docker socket to the N8N
After that you are able to use docker commands from within N8n

Regards
J.

jasjeetsuri · April 8, 2025, 2:44pm

Heres what i did for DooD

FROM docker.n8n.io/n8nio/n8n
USER root
RUN apt-get update &&
apt-get install -y docker.io &&
apt-get clean
USER node

And then built it

docker build -t n8n-arm-docker .

Then my compose

services:
n8n:
image: n8n-arm-docker
container_name: n8n
restart: always
privileged: true
user: 0:0
ports:
- “127.0.0.1:5678:5678”
environment:
- N8N_COMMUNITY_PACKAGES_ALLOW_TOOL_USAGE=true
- N8N_HOST=n8n.aaa.com
- N8N_PORT=5678
- N8N_PROTOCOL=https
- NODE_ENV=production
- WEBHOOK_URL=https://n8n.aaa.com/
- GENERIC_TIMEZONE=Europe/London
- MCP_AZURE_CREDENTIALS={“clientId”:“55d5994”,“clientSecret”:“Zdddddddct”,“tenantId”:“0dddddddd”}
volumes:
- /opt/n8n_data:/home/node/.n8n
- /opt/local-files:/files
- /home/jas/n8n/java_n8n/mcp:/mcp
- /var/run/docker.sock:/var/run/docker.sock

Now I can execute docker ps inside Execute tool and it lists the docker containers on the host.

But this still doesnt work…
This in Credential
command: docker
Arguement: run -i --rm -e AZURE_CREDENTIALS arm/azure-cli-mcp:arm64 → results in

Failed to execute operation: Failed to connect to MCP server: MCP error -32000: Connection closed

jcuypers · April 8, 2025, 2:55pm

Hi,

ok try the following for troubleshooting purposes

start the arm/azure-cli-mcp:arm64 manually in the host and make sure it runs stable.
give it a name (–name) so you can reference it. make sure you pass the env
go inside of it, and test whether you can use the azure cli tools as intended
docker exec
change the mcp configuration to
docker attach <name>

These steps will hopefully show some direction of where to look

reg,
J.

jasjeetsuri · April 8, 2025, 2:57pm

Thanks, i will try.

In the meantime, my env must be ok, because i got the Home Assistant MCP working wahoo

commnad: docker
arguement: run -i --rm -e HA_URL -e HA_TOKEN voska/hass-mcp
environment: HA_URL=myurl,HA_TOKEN=myToken

For Azure CLI, I have it working on Claude Desktop. I will keep trying to make it work with n8n. I have a feeling it is not working since i rebuilt it for ARM.

Also, I do not know why, but running n8n as root means i have to go through setup and lose all my files every single time i recreate the container. I let the container create all the directories and files itself, with root permissions, and it still cannot maintain state

Brawndo · April 8, 2025, 4:54pm

After vibe coding with AI, I got a bit further.

As jasjeetsuri mentions, I tried a custom Dockerfile + docker-compose.yml setup. In my Dockerfile I base my image of the n8n image:

# Dockerfile
FROM n8nio/n8n:latest

USER root

# Install bash and curl
RUN apk add --no-cache bash curl \
 && curl -L https://download.docker.com/linux/static/stable/x86_64/docker-24.0.7.tgz | tar -xz \
 && mv docker/* /usr/bin/ \
 && chmod +x /usr/bin/docker

In my docker-compose.yml file, down in the n8n area I modified it to be:

  n8n:
    <<: *service-n8n
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - 5678:5678
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    user: root

Which, after building and restarting n8n via ‘docker compose up --build’
allowed me to create a credential in the form of:

docker run -i --rm -e GITHUB_PERSONAL_ACCESS_TOKEN=ghp...  ghcr.io/github/github-mcp-server

(where ‘docker’ is the command and the rest is in the ‘argument’ text box)

It only worked (partially) if I used the ‘-I’ switch and put the environment variable for my personal access token in the argument text box. Putting it down in the environment box did NOT work.

Once that was in, in the chat trigger I entered the text “list tools” and it successfully connected to the GitHub mcp server and listed its tool capabilities.

UNFORTUNATELY…when I add a second mcp client tool with the ‘execute’ tool option, it is not working. n8n keeps send it a ‘sendMessage’ command but the mcp server wants the actual execution tool command like “list_commits”. Any ideas how to get past this?

jasjeetsuri · April 8, 2025, 9:36pm

I tried the azure cli MCP on x86 server. Still no luck

Command: docker
Argument: run -i --rm -e AZURE_CREDENTIALS Package azure-cli-mcp · GitHub
Environment: AZURE_CREDENTIALS=“{“clientId”:”…“,“clientSecret”:”…“,”tenantId”:”abc”}”

Failed to execute operation: Failed to connect to MCP server: MCP error -32603: Unrecognized field “prompts” (class io.modelcontextprotocol.spec.McpSchema$ClientCapabilities), not marked as ignorable (3 known properties: “experimental”, “roots”, “sampling”]) at [Source: UNKNOWN; byte offset: #UNKNOWN] (through reference chain: io.modelcontextprotocol.spec.McpSchema$InitializeRequest[“capabilities”]->io.modelcontextprotocol.spec.McpSchema$ClientCapabilities[“prompts”])

There is some issue with this one, considering I got the home assistant docker mcp server working with n8n.

system · July 7, 2025, 9:36pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.