diff options
Diffstat (limited to 'distro/common/man/man1/knife-data-bag.1')
-rw-r--r-- | distro/common/man/man1/knife-data-bag.1 | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/distro/common/man/man1/knife-data-bag.1 b/distro/common/man/man1/knife-data-bag.1 new file mode 100644 index 0000000000..1a7bc0c398 --- /dev/null +++ b/distro/common/man/man1/knife-data-bag.1 @@ -0,0 +1,136 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "KNIFE\-DATA\-BAG" "1" "September 2012" "Chef 11.0.0.alpha" "Chef Manual" +. +.SH "NAME" +\fBknife\-data\-bag\fR \- Store arbitrary data on a Chef Server +. +.SH "SYNOPSIS" +\fBknife\fR \fBdata bag\fR \fIsub\-command\fR \fI(options)\fR +. +.SH "DESCRIPTION" +Data bags are stores of arbitrary JSON data\. Each data bag is a collection that may contain many items\. Data Bag Items are indexed by the Chef Server and can be searched via \fBknife\-search\fR(1)\. +. +.P +Data bags are available to all nodes configured by \fBchef\-client\fR(8), and are therefore a convenient mechanism to store global information, such as lists of administrative accounts that should be configured on all hosts\. +. +.SH "DATA BAG SUB\-COMMANDS" +. +.SH "CREATE" +\fBknife data bag create\fR \fIbag name\fR [item id] \fI(options)\fR +. +.TP +\fB\-s\fR, \fB\-\-secret SECRET\fR +A secret key used to encrypt the data bag item\. See \fBencryption support\fR below\. +. +.TP +\fB\-\-secret\-file SECRET_FILE\fR +The path to a file containing the secret key to be used to encrypt the data bag item\. +. +.P +If \fIitem id\fR is given, creates a new, empty data bag item and opens it for editing in your editor\. The data bag will be created if it does not exist\. +. +.P +If \fIitem id\fR is not given, the data bag will be created\. +. +.SH "DELETE" +\fBknife data bag delete\fR \fIbag name\fR [item id] \fI(options)\fR +. +.P +Delete a data bag, or an item from a data bag\. +. +.SH "EDIT" +\fBknife data bag edit\fR \fIbag name\fR \fIitem id\fR \fI(options)\fR +. +.TP +\fB\-s\fR, \fB\-\-secret SECRET\fR +A secret key used to encrypt the data bag item\. See \fBencryption support\fR below\. +. +.TP +\fB\-\-secret\-file SECRET_FILE\fR +The path to a file containing the secret key to be used to encrypt the data bag item\. +. +.P +Edit an item in a data bag\. +. +.SH "FROM FILE" +\fBknife data bag from file\fR \fIbag name\fR \fIfile\fR \fI(options)\fR +. +.P +\fBknife data bag from file\fR \fIbag name\fR \fIfile1\fR \fIfile2\fR \fIfile3\fR \fI(options)\fR +. +.P +\fBknife data bag from file\fR \fIbag name\fR \fIfolder\fR \fI(options)\fR +. +.TP +\fB\-s\fR, \fB\-\-secret SECRET\fR +A secret key used to encrypt the data bag item\. See \fBencryption support\fR below\. +. +.TP +\fB\-\-secret\-file SECRET_FILE\fR +The path to a file containing the secret key to be used to encrypt the data bag item\. +. +.P +Load a data bag item from a JSON file\. If \fIfile\fR is a relative or absolute path to the file, that file will be used\. Otherwise, the \fIfile\fR parameter is treated as the base name of a data bag file in a Chef repository, and \fBknife\fR will search for the file in \fB\./data_bags/bag_name/file\fR\. For example \fBknife data bag from file users dan\.json\fR would attempt to load the file \fB\./data_bags/users/dan\.json\fR\. +. +.SH "LIST" +\fBknife data bag list\fR \fI(options)\fR +. +.TP +\fB\-w\fR, \fB\-\-with\-uri\fR +Show corresponding URIs +. +.P +Lists the data bags that exist on the Chef Server\. +. +.SH "SHOW" +\fBknife data bag show BAG [ITEM]\fR \fI(options)\fR +. +.TP +\fB\-s\fR, \fB\-\-secret SECRET\fR +A secret key used to encrypt the data bag item\. See \fBencryption support\fR below\. +. +.TP +\fB\-\-secret\-file SECRET_FILE\fR +The path to a file containing the secret key to be used to encrypt the data bag item\. +. +.P +Show a specific data bag or an item in a data bag\. The output will be formatted according to the \-\-format option\. +. +.SH "ENCRYPTION SUPPORT" +Data Bag Items may be encrypted to keep their contents secret\. This may be desireable when storing sensitive information such as database passwords, API keys, etc\. +. +.P +Data Bag Item encryption uses the AES\-256 CBC symmetric key algorithm\. +. +.P +\fBCAVEATS:\fR Keys are not encrypted; only values are encrypted\. The "id" of a Data Bag Item is not encrypted, since it is used by Chef Server to store the item in its database\. For example, given the following data bag item: +. +.IP "" 4 +. +.nf + +{"id": "important_passwords", "secret_password": "opensesame"} +. +.fi +. +.IP "" 0 +. +.P +The key "secret_password" will be visible to an evesdropper, but the value "opensesame" will be protected\. Both the key "id" and its value "important_passwords" will be visible to an evesdropper\. +. +.P +Chef Server does not provide a secure mechanism for distributing encryption keys\. +. +.SH "SEE ALSO" +\fBknife\-search\fR(1) +. +.SH "AUTHOR" +Chef was written by Adam Jacob \fIadam@opscode\.com\fR with many contributions from the community\. +. +.SH "DOCUMENTATION" +This manual page was written by Joshua Timberman \fIjoshua@opscode\.com\fR\. Permission is granted to copy, distribute and / or modify this document under the terms of the Apache 2\.0 License\. +. +.SH "CHEF" +Knife is distributed with Chef\. http://wiki\.opscode\.com/display/chef/Home |