Mission Control
Operations
AI-powered operations platform for infrastructure visibility, vulnerability scanning, Active Directory security, and compliance — in a single portal.
The Problem
Most IT teams are drowning in tools. The infrastructure admin has vCenter. The security team has a scanner. The sysadmin has a SIEM. The network engineer has their own console. The CISO wants a compliance report that pulls from all of them. Nobody talks to each other, and the data certainly doesn't.
We built MCO — Mission Control Operations to fix that. One portal, one audit trail, one AI that actually knows your environment.
Who It's For
Fleet health at a glance without logging into five consoles
Single export with vulnerability findings, AD posture, and audit log
AI-generated PowerShell and kubectl without writing from scratch
Open ports, stale AD accounts, and exploitable SPNs in one place
Full audit trail with maintenance window enforcement
See It In Action

Live infrastructure dashboard with readiness scoring

Scored readiness reports with trend tracking across six dimensions

CIDR-based scanning with nmap + Nuclei and delta tracking

Privileged group analysis, Kerberoastable SPNs, stale accounts

Natural language to API calls and PowerShell scripts

Kubernetes operations accessible to the whole team

Full Kubernetes management built into MCO

VMware Tools status for every VM at a glance
What's Inside
Everything your team needs in a single platform
Fleet View
Live dashboard — every host, VM, cluster, and datastore with CPU headroom, memory pressure, storage latency, and a deterministic readiness score tracked over time.
AI Analysis
Scored readiness reports with AI-generated findings grounded in your actual environment data — not generic documentation.
Vulnerability Scanning
Built on nmap + Nuclei. CIDR-based scans with safe / standard / full profiles, scheduled runs, and delta tracking between scans.
AD Security
Enumerate privileged groups, Kerberoastable SPNs, stale accounts, and cross-reference stale accounts still in privileged groups.
Workspace & Kubectl
Describe what you want in plain English. MCO generates the API call, PowerShell script, or kubectl command — explains it, then executes it.
Platform Console
Full Kubernetes management — nodes, pods, workloads, services, RBAC, secrets, and config maps — all inside the same portal.
VM Guest Inventory
Every powered-on VM sorted by VMware Tools status. Filter by name, OS, or hostname. Export to CSV.
MCP AI Agent
Conversational AI with live access to your clusters, audit events, and AD findings — not a generic chatbot.
Maintenance Windows
Gate operations at the API level. If a window isn't active, changes are blocked — policy is enforced, not just documented.
Audit Log & Compliance
Every action logged — user, IP, timestamp, operation, result. One-button compliance export bundles everything for auditors.
Alerts
Rules on any metric or event. Route to Slack, Teams, PagerDuty, or webhooks.
Bulk Operations
Provision VMs, manage AD users, apply config changes across groups — all gated by maintenance windows.
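The cross-reference described under AD Security (stale accounts still in privileged groups), as an added example that is not MCO's own code. It assumes account records already exported as dictionaries of standard AD attributes; the 90-day threshold, the `example.test` domain and the sample accounts are constructed.

```python
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
ACCOUNTDISABLE = 0x0002            # userAccountControl bit
STALE_AFTER = timedelta(days=90)   # assumed threshold, not taken from MCO
# lastLogonTimestamp replicates lazily and can trail the real logon by up to
# 14 days with default settings, so the cutoff is widened by that much.
SYNC_SLACK = timedelta(days=14)

def filetime_to_dt(ticks):
    """AD FILETIME: 100 ns ticks since 1601-01-01 UTC; 0 or missing = never."""
    return FILETIME_EPOCH + timedelta(microseconds=int(ticks) // 10) if ticks else None

def dt_to_filetime(dt):  # inverse, used only to build the constructed sample
    return (dt - FILETIME_EPOCH) // timedelta(microseconds=1) * 10

def stale_privileged(accounts, privileged_dns, now):
    """Accounts that are stale AND direct members of a privileged group."""
    # memberOf holds direct membership only; nested groups and the primary
    # group need a separate expansion step that is out of scope here.
    wanted = {dn.lower() for dn in privileged_dns}
    cutoff = now - STALE_AFTER - SYNC_SLACK
    findings = []
    for acct in accounts:
        groups = sorted(dn for dn in acct.get("memberOf", []) if dn.lower() in wanted)
        last = filetime_to_dt(acct.get("lastLogonTimestamp"))
        if groups and (last is None or last < cutoff):
            uac = int(acct.get("userAccountControl", 0))
            findings.append({
                "account": acct["sAMAccountName"],
                "groups": groups,
                "last_logon": last.date().isoformat() if last else "never",
                "enabled": not (uac & ACCOUNTDISABLE),
            })
    return findings

# Constructed sample directory data (not real accounts or a real domain).
NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)
DA = "CN=Domain Admins,CN=Users,DC=example,DC=test"
def sample_account(name, groups, days_ago, uac=512):
    ticks = dt_to_filetime(NOW - timedelta(days=days_ago)) if days_ago else 0
    return {"sAMAccountName": name, "memberOf": groups,
            "userAccountControl": uac, "lastLogonTimestamp": ticks}

SAMPLE = [
    sample_account("svc-backup", [DA], 400),            # stale and privileged
    sample_account("j.doe", [DA.upper()], 100),         # inside the 14-day slack
    sample_account("old.intern", [], 400),              # stale, not privileged
    sample_account("adm-legacy", [DA], None, uac=514),  # disabled, never logged on
]
```

`stale_privileged(SAMPLE, [DA], NOW)` reports `svc-backup` and `adm-legacy`; disabled accounts are kept in the output with `enabled` set to false so they can be removed from the group rather than ignored.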
How It's Built
Python (FastAPI) backend, React + TypeScript frontend, running on Kubernetes. 16 services, each with a clear responsibility.
| Service | Role |
|---|---|
| api-gateway | Single entry point; 18 routers; auth enforcement; audit logging |
| orchestrator | Coordinates multi-step analysis pipelines |
| tools | Infrastructure API calls and data normalization |
| collector-vcenter | vCenter inventory and health |
| collector-vrops | Metrics and alarms from VMware Operations |
| collector-sddc | SDDC Manager domain data |
| collector-logs | Log aggregation |
| scoring-engine | Deterministic 0–100 scoring; history in TimescaleDB |
| llm-gateway | Claude / OpenAI / Gemini / Ollama abstraction layer |
| config-store | Encrypted credential storage; conversation history |
| discovery-engine | nmap + Nuclei; scan scheduling; live output streaming |
| powercli | Containerized PowerShell execution |
| ui | React SPA served by nginx |
| postgresql | TimescaleDB for time-series data and conversations |
| redis | Fleet cache; pub/sub for scan output; alert debounce |
AI Layer
The LLM gateway abstracts over four providers. Pick the one that fits — swap anytime, no restart needed.
Default for analysis and agent tasks
Alternative for analysis tasks
Large-context tasks
Air-gapped deployments
Recommended Ollama Models (Air-Gapped)
Minimum 32 GB RAM, dedicated GPU recommended.
| Use Case | Model |
|---|---|
| Analysis + agent (best quality) | qwen2.5:14b |
| Fast responses | mistral:7b |
| General purpose | llama3.1:8b |
| Script generation | codellama:13b |
Authentication
Dex OIDC + oauth2-proxy — both run as pods alongside the application. Dex handles identity (static accounts + Active Directory LDAP connector). When you save AD settings in MCO, the platform automatically updates the Dex LDAP connector and restarts Dex — AD users can log in immediately without touching Kubernetes.
Things We Learned
The audit trail is the most underrated feature
We built it because compliance requires it. It turned out to be one of the most useful things in the platform — not for auditors, but for the ops team. "Who changed that config?" and "what happened between 2am and 3am last night?" are questions that come up constantly.
Maintenance windows belong in the platform, not in the calendar
Most change management lives in a spreadsheet or ticketing system with no connection to the tools that actually make changes. Putting maintenance windows in MCO and having them gate operations at the API level means the policy is enforced, not just documented.
AI is most useful when it knows your specific environment
A generic LLM that answers questions about infrastructure is moderately useful. An agent that has your actual host names, your current AD stale accounts, and your last three audit events is a different thing entirely. The value compounds with the data.
Microservices are the right call, but own the complexity
16 services means 16 images, 16 health checks, and 16 places to look when something breaks. The benefit is that pushing a new scanner doesn't touch auth, the AI layer, or the UI. That independence made fast iteration possible.
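The two lessons above about the audit trail and maintenance windows, combined in an added example that is not MCO's own code: a gate that blocks changes outside an active window and records user, IP, timestamp, operation and result for every decision. The names `MaintenanceWindow`, `gate` and `ChangeBlocked`, the rule that read-only calls bypass the gate, and the sample requests are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class MaintenanceWindow:
    name: str
    start: datetime   # timezone-aware, inclusive
    end: datetime     # timezone-aware, exclusive

    def active_at(self, when):
        # Comparing a naive bound with an aware timestamp raises TypeError,
        # so a badly defined window fails closed instead of matching.
        return self.start <= when < self.end

class ChangeBlocked(Exception):
    """A mutating operation arrived outside every maintenance window."""

def gate(operation, user, ip, windows, audit_log, now=None, read_only=False):
    """Decide one request and append an audit record whatever the outcome."""
    now = now or datetime.now(timezone.utc)
    if now.tzinfo is None:
        raise ValueError("naive timestamp: refusing to guess the time zone")
    window = next((w for w in windows if w.active_at(now)), None)
    allowed = read_only or window is not None
    audit_log.append({
        "user": user, "ip": ip, "operation": operation,
        "timestamp": now.astimezone(timezone.utc).isoformat(),
        "result": "allowed" if allowed else "blocked",
        "window": window.name if window else None,
    })
    if not allowed:
        raise ChangeBlocked(f"{operation}: no active maintenance window")
    return window

def demo():
    """Constructed requests against one window that spans midnight UTC."""
    utc, cet = timezone.utc, timezone(timedelta(hours=1))
    windows = [MaintenanceWindow("sat-night", datetime(2025, 1, 11, 22, tzinfo=utc),
                                 datetime(2025, 1, 12, 2, tzinfo=utc))]
    requests = [  # (operation, user, ip, time, read_only)
        ("vm.reconfigure", "alice", "10.0.0.5", datetime(2025, 1, 12, 2, 30, tzinfo=cet), False),
        ("ad.user.disable", "bob", "10.0.0.9", datetime(2025, 1, 12, 3, 0, tzinfo=cet), False),
        ("fleet.read", "bob", "10.0.0.9", datetime(2025, 1, 12, 9, 0, tzinfo=utc), True),
    ]
    audit = []
    for op, user, ip, when, read_only in requests:
        try:
            gate(op, user, ip, windows, audit, now=when, read_only=read_only)
        except ChangeBlocked:
            pass  # an API handler would answer 403 here
    return audit
```

The second request arrives at 03:00 local time, which is exactly 02:00 UTC, the exclusive end of the window, so it is blocked and still appears in the audit log.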
What's Next
Helm Chart
General distribution so any team can install MCO in their own Kubernetes cluster.
Agent RAG
Giving the AI agent access to knowledge bases and runbooks for richer recommendations.
Multi-Tenant
Separate namespaces per team or customer environment.
Try MCO
MCO is open source. If your team wants a single platform for infrastructure visibility, security scanning, AD analysis, and AI-assisted operations — give it a try. The repo includes a Helm chart and a full installation guide.
github.com/eliranbarhum/ai-ops
Issues and contributions are welcome.