1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
|
<!DOCTYPE html>
<html>
<head>
<meta http-equiv='content-type' value='text/html;charset=utf8'>
<meta name='generator' value='Ronn/v0.7.3 (http://github.com/rtomayko/ronn/tree/0.7.3)'>
<title>knife-data-bag(1) - Store arbitrary data on a Chef Server</title>
<style type='text/css' media='all'>
/* style: man */
body#manpage {margin:0}
.mp {max-width:100ex;padding:0 9ex 1ex 4ex}
.mp p,.mp pre,.mp ul,.mp ol,.mp dl {margin:0 0 20px 0}
.mp h2 {margin:10px 0 0 0}
.mp > p,.mp > pre,.mp > ul,.mp > ol,.mp > dl {margin-left:8ex}
.mp h3 {margin:0 0 0 4ex}
.mp dt {margin:0;clear:left}
.mp dt.flush {float:left;width:8ex}
.mp dd {margin:0 0 0 9ex}
.mp h1,.mp h2,.mp h3,.mp h4 {clear:left}
.mp pre {margin-bottom:20px}
.mp pre+h2,.mp pre+h3 {margin-top:22px}
.mp h2+pre,.mp h3+pre {margin-top:5px}
.mp img {display:block;margin:auto}
.mp h1.man-title {display:none}
.mp,.mp code,.mp pre,.mp tt,.mp kbd,.mp samp,.mp h3,.mp h4 {font-family:monospace;font-size:14px;line-height:1.42857142857143}
.mp h2 {font-size:16px;line-height:1.25}
.mp h1 {font-size:20px;line-height:2}
.mp {text-align:justify;background:#fff}
.mp,.mp code,.mp pre,.mp pre code,.mp tt,.mp kbd,.mp samp {color:#131211}
.mp h1,.mp h2,.mp h3,.mp h4 {color:#030201}
.mp u {text-decoration:underline}
.mp code,.mp strong,.mp b {font-weight:bold;color:#131211}
.mp em,.mp var {font-style:italic;color:#232221;text-decoration:none}
.mp a,.mp a:link,.mp a:hover,.mp a code,.mp a pre,.mp a tt,.mp a kbd,.mp a samp {color:#0000ff}
.mp b.man-ref {font-weight:normal;color:#434241}
.mp pre {padding:0 4ex}
.mp pre code {font-weight:normal;color:#434241}
.mp h2+pre,h3+pre {padding-left:0}
ol.man-decor,ol.man-decor li {margin:3px 0 10px 0;padding:0;float:left;width:33%;list-style-type:none;text-transform:uppercase;color:#999;letter-spacing:1px}
ol.man-decor {width:100%}
ol.man-decor li.tl {text-align:left}
ol.man-decor li.tc {text-align:center;letter-spacing:4px}
ol.man-decor li.tr {text-align:right;float:right}
</style>
<style type='text/css' media='all'>
/* style: toc */
.man-navigation {display:block !important;position:fixed;top:0;left:113ex;height:100%;width:100%;padding:48px 0 0 0;border-left:1px solid #dbdbdb;background:#eee}
.man-navigation a,.man-navigation a:hover,.man-navigation a:link,.man-navigation a:visited {display:block;margin:0;padding:5px 2px 5px 30px;color:#999;text-decoration:none}
.man-navigation a:hover {color:#111;text-decoration:underline}
</style>
</head>
<!--
The following styles are deprecated and will be removed at some point:
div#man, div#man ol.man, div#man ol.head, div#man ol.man.
The .man-page, .man-decor, .man-head, .man-foot, .man-title, and
.man-navigation should be used instead.
-->
<body id='manpage'>
<div class='mp' id='man'>
<div class='man-navigation' style='display:none'>
<a href="#NAME">NAME</a>
<a href="#SYNOPSIS">SYNOPSIS</a>
<a href="#DESCRIPTION">DESCRIPTION</a>
<a href="#DATA-BAG-SUB-COMMANDS">DATA BAG SUB-COMMANDS</a>
<a href="#CREATE">CREATE</a>
<a href="#DELETE">DELETE</a>
<a href="#EDIT">EDIT</a>
<a href="#FROM-FILE">FROM FILE</a>
<a href="#LIST">LIST</a>
<a href="#SHOW">SHOW</a>
<a href="#ENCRYPTION-SUPPORT">ENCRYPTION SUPPORT</a>
<a href="#SEE-ALSO">SEE ALSO</a>
<a href="#AUTHOR">AUTHOR</a>
<a href="#DOCUMENTATION">DOCUMENTATION</a>
<a href="#CHEF">CHEF</a>
</div>
<ol class='man-decor man-head man head'>
<li class='tl'>knife-data-bag(1)</li>
<li class='tc'>Chef Manual</li>
<li class='tr'>knife-data-bag(1)</li>
</ol>
<h2 id="NAME">NAME</h2>
<p class="man-name">
<code>knife-data-bag</code> - <span class="man-whatis">Store arbitrary data on a Chef Server</span>
</p>
<h2 id="SYNOPSIS">SYNOPSIS</h2>
<p><strong>knife</strong> <strong>data bag</strong> <em>sub-command</em> <em>(options)</em></p>
<h2 id="DESCRIPTION">DESCRIPTION</h2>
<p>Data bags are stores of arbitrary JSON data. Each data bag is a
collection that may contain many items. Data Bag Items are indexed by
the Chef Server and can be searched via <strong>knife-search</strong>(1).</p>
<p>Data bags are available to all nodes configured by <strong>chef-client</strong>(8),
and are therefore a convenient mechanism to store global information,
such as lists of administrative accounts that should be configured on
all hosts.</p>
<h2 id="DATA-BAG-SUB-COMMANDS">DATA BAG SUB-COMMANDS</h2>
<h2 id="CREATE">CREATE</h2>
<p><strong>knife data bag create</strong> <em>bag name</em> [item id] <em>(options)</em></p>
<dl>
<dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd>
<dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt
the data bag item.</dd>
</dl>
<p>If <em>item id</em> is given, creates a new, empty data bag item and opens it for
editing in your editor. The data bag will be created if it does not
exist.</p>
<p>If <em>item id</em> is not given, the data bag will be created.</p>
<h2 id="DELETE">DELETE</h2>
<p><strong>knife data bag delete</strong> <em>bag name</em> [item id] <em>(options)</em></p>
<p>Delete a data bag, or an item from a data bag.</p>
<h2 id="EDIT">EDIT</h2>
<p><strong>knife data bag edit</strong> <em>bag name</em> <em>item id</em> <em>(options)</em></p>
<dl>
<dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd>
<dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt
the data bag item.</dd>
</dl>
<p>Edit an item in a data bag.</p>
<h2 id="FROM-FILE">FROM FILE</h2>
<p><strong>knife data bag from file</strong> <em>bag name</em> <em>file</em> <em>(options)</em></p>
<dl>
<dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd>
<dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt
the data bag item.</dd>
</dl>
<p>Load a data bag item from a JSON file. If <em>file</em> is a relative or
absolute path to the file, that file will be used. Otherwise, the <em>file</em>
parameter is treated as the base name of a data bag file in a Chef
repository, and <code>knife</code> will search for the file in
<code>./data_bags/bag_name/file</code>. For example <code>knife data bag from file users
dan.json</code> would attempt to load the file <code>./data_bags/users/dan.json</code>.</p>
<h2 id="LIST">LIST</h2>
<p><strong>knife data bag list</strong> <em>(options)</em></p>
<dl>
<dt><code>-w</code>, <code>--with-uri</code></dt><dd>Show corresponding URIs</dd>
</dl>
<p>Lists the data bags that exist on the Chef Server.</p>
<h2 id="SHOW">SHOW</h2>
<p><strong>knife data bag show BAG [ITEM]</strong> <em>(options)</em></p>
<dl>
<dt><code>-s</code>, <code>--secret SECRET</code></dt><dd>A secret key used to encrypt the data bag item. See <strong>encryption support</strong> below.</dd>
<dt><code>--secret-file SECRET_FILE</code></dt><dd>The path to a file containing the secret key to be used to encrypt
the data bag item.</dd>
</dl>
<p>Show a specific data bag or an item in a data bag. The output will be
formatted according to the --format option.</p>
<h2 id="ENCRYPTION-SUPPORT">ENCRYPTION SUPPORT</h2>
<p>Data Bag Items may be encrypted to keep their contents secret. This may
be desireable when storing sensitive information such as database
passwords, API keys, etc.</p>
<p>Data Bag Item encryption uses the AES-256 CBC symmetric key algorithm.</p>
<p><strong>CAVEATS:</strong> Keys are not encrypted; only values are encrypted. The "id"
of a Data Bag Item is not encrypted, since it is used by Chef Server to
store the item in its database. For example, given the following data bag item:</p>
<pre><code>{"id": "important_passwords", "secret_password": "opensesame"}
</code></pre>
<p>The key "secret_password" will be visible to an evesdropper, but the
value "opensesame" will be protected. Both the key "id" and its value
"important_passwords" will be visible to an evesdropper.</p>
<p>Chef Server does not provide a secure mechanism for distributing
encryption keys.</p>
<h2 id="SEE-ALSO">SEE ALSO</h2>
<p> <strong>knife-search</strong>(1)</p>
<h2 id="AUTHOR">AUTHOR</h2>
<p> Chef was written by Adam Jacob <a href="mailto:adam@opscode.com" data-bare-link="true">adam@opscode.com</a> with many contributions from the community.</p>
<h2 id="DOCUMENTATION">DOCUMENTATION</h2>
<p> This manual page was written by Joshua Timberman <a href="mailto:joshua@opscode.com" data-bare-link="true">joshua@opscode.com</a>.
Permission is granted to copy, distribute and / or modify this document under the terms of the Apache 2.0 License.</p>
<h2 id="CHEF">CHEF</h2>
<p> Knife is distributed with Chef. http://wiki.opscode.com/display/chef/Home</p>
<ol class='man-decor man-foot man foot'>
<li class='tl'>Chef 0.10.0</li>
<li class='tc'>April 2011</li>
<li class='tr'>knife-data-bag(1)</li>
</ol>
</div>
</body>
</html>
|