1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>chef-client Man Pages — chef-client Man Pages</title>
<link rel="stylesheet" href="_static/guide.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
</head>
<body>
<div style="background-color: #212c35; text-align: left; padding: 0px 0px 0px 0px">
<a href="http://docs.getchef.com/"><img src="_static/chef_html_logo.png" border="0" alt="Chef"/></a>
</div>
<div class="document">
<div class="documentwrapper">
<div class="body">
<div class="section" id="chef-client-man-pages">
<h1>chef-client Man Pages<a class="headerlink" href="#chef-client-man-pages" title="Permalink to this headline">¶</a></h1>
<p>The following command line interfaces are available in the chef-client:</p>
<ul class="simple">
<li><a class="reference internal" href="ctl_chef_client.html"><em>chef-client</em></a></li>
<li><a class="reference internal" href="ctl_chef_server.html"><em>chef-server-ctl</em></a></li>
<li><a class="reference internal" href="ctl_chef_shell.html"><em>chef-shell</em></a></li>
<li><a class="reference internal" href="ctl_chef_solo.html"><em>chef-solo</em></a></li>
<li><a class="reference internal" href="knife.html"><em>knife</em></a></li>
</ul>
<div class="section" id="knife">
<h2>knife<a class="headerlink" href="#knife" title="Permalink to this headline">¶</a></h2>
<p>knife is a command-line tool that provides an interface between a local chef-repo and the Chef server. knife helps users to manage:</p>
<ul class="simple">
<li>Nodes</li>
<li>Cookbooks and recipes</li>
<li>Roles</li>
<li>Stores of JSON data (data bags), including encrypted data</li>
<li>Environments</li>
<li>Cloud resources, including provisioning</li>
<li>The installation of the chef-client on management workstations</li>
<li>Searching of indexed data on the Chef server</li>
</ul>
<p>The following sections describe functionality common to all knife subcommands:</p>
<ul class="simple">
<li><a class="reference internal" href="knife_using.html"><em>Working with Knife</em></a></li>
<li><a class="reference internal" href="knife_common_options.html"><em>Common Options</em></a></li>
</ul>
<p>knife includes the following sub-commands:</p>
<table border="1" class="docutils">
<colgroup>
<col width="25%" />
<col width="75%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Sub-command</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><a class="reference internal" href="knife_bootstrap.html"><em>knife bootstrap</em></a></td>
<td>The <strong>knife bootstrap</strong> subcommand is used to run a bootstrap operation that installs the chef-client on the target system. The bootstrap operation must specify the IP address or FQDN of the target system.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_client.html"><em>knife client</em></a></td>
<td>The <strong>knife client</strong> subcommand is used to manage an API client list and their associated RSA public key-pairs. This allows authentication requests to be made to the Chef server by any entity that uses the Chef server API, such as the chef-client and knife.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_configure.html"><em>knife configure</em></a></td>
<td>The <strong>knife configure</strong> subcommand is used to create the knife.rb and client.rb files so that they can be distributed to workstations and nodes.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_cookbook.html"><em>knife cookbook</em></a></td>
<td>The <strong>knife cookbook</strong> subcommand is used to interact with cookbooks that are located on the Chef server or the local chef-repo.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_cookbook_site.html"><em>knife cookbook site</em></a></td>
<td>The <strong>knife cookbook site</strong> subcommand is used to interact with cookbooks that are located at <a class="reference external" href="https://supermarket.getchef.com/cookbooks">https://supermarket.getchef.com/cookbooks</a>. A user account is required for any community actions that write data to this site. The following arguments do not require a user account: <tt class="docutils literal"><span class="pre">download</span></tt>, <tt class="docutils literal"><span class="pre">search</span></tt>, <tt class="docutils literal"><span class="pre">install</span></tt>, and <tt class="docutils literal"><span class="pre">list</span></tt>.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_data_bag.html"><em>knife data bag</em></a></td>
<td>The <strong>knife data bag</strong> subcommand is used to manage arbitrary stores of globally available JSON data.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_delete.html"><em>knife delete</em></a></td>
<td>The <strong>knife delete</strong> subcommand is used to delete an object from a Chef server. This subcommand works similar to <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">cookbook</span> <span class="pre">delete</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">data</span> <span class="pre">bag</span> <span class="pre">delete</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">environment</span> <span class="pre">delete</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">node</span> <span class="pre">delete</span></tt>, and <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">role</span> <span class="pre">delete</span></tt>, but with a single verb (and a single action).</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_deps.html"><em>knife deps</em></a></td>
<td>The <strong>knife deps</strong> subcommand is used to identify dependencies for a node, role, or cookbook.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_diff.html"><em>knife diff</em></a></td>
<td>The <strong>knife diff</strong> subcommand is used to compare the differences between files and directories on the Chef server and in the chef-repo. For example, to compare files on the Chef server prior to an uploading or downloading files using the <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">download</span></tt> and <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">upload</span></tt> subcommands, or to ensure that certain files in multiple production environments are the same. This subcommand is similar to the <tt class="docutils literal"><span class="pre">git</span> <span class="pre">diff</span></tt> command that can be used to diff what is in the chef-repo with what is synced to a git repository.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_download.html"><em>knife download</em></a></td>
<td>The <strong>knife download</strong> subcommand is used to download roles, cookbooks, environments, nodes, and data bags from the Chef server to the current working directory. It can be used to back up data on the Chef server, inspect the state of one or more files, or to extract out-of-process changes users may have made to files on the Chef server, such as if a user made a change that bypassed version source control. This subcommand is often used in conjunction with <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">diff</span></tt>, which can be used to see exactly what changes will be downloaded, and then <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">upload</span></tt>, which does the opposite of <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">download</span></tt>.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_edit.html"><em>knife edit</em></a></td>
<td>The <strong>knife edit</strong> subcommand is used to edit objects on the Chef server. This subcommand works similar to <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">cookbook</span> <span class="pre">edit</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">data</span> <span class="pre">bag</span> <span class="pre">edit</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">environment</span> <span class="pre">edit</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">node</span> <span class="pre">edit</span></tt>, and <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">role</span> <span class="pre">edit</span></tt>, but with a single verb (and a single action).</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_environment.html"><em>knife environment</em></a></td>
<td>The <strong>knife environment</strong> subcommand is used to manage environments within a single organization on the Chef server.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_exec.html"><em>knife exec</em></a></td>
<td>The <strong>knife exec</strong> subcommand uses the knife configuration file to execute Ruby scripts in the context of a fully configured chef-client. This subcommand is most often used to run scripts that will only access Chef server one time (or otherwise very infrequently). Use this subcommand any time that an operation does not warrant full usage of the knife subcommand library.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_index_rebuild.html"><em>knife index rebuild</em></a></td>
<td>The <strong>knife index rebuild</strong> subcommand is used to rebuild the search indexes for the open source Chef server. This operation is destructive and may take some time.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_list.html"><em>knife list</em></a></td>
<td>The <strong>knife list</strong> subcommand is used to view a list of objects on the Chef server. This subcommand works similar to <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">cookbook</span> <span class="pre">list</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">data</span> <span class="pre">bag</span> <span class="pre">list</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">environment</span> <span class="pre">list</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">node</span> <span class="pre">list</span></tt>, and <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">role</span> <span class="pre">list</span></tt>, but with a single verb (and a single action).</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_node.html"><em>knife node</em></a></td>
<td>The <strong>knife node</strong> subcommand is used to manage the nodes that exist on a Chef server.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_raw.html"><em>knife raw</em></a></td>
<td>The <strong>knife raw</strong> subcommand is used to send a REST request to a specified path using the Chef server API.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_recipe_list.html"><em>knife recipe list</em></a></td>
<td>The <strong>knife recipe list</strong> subcommand is used to view all of the recipes that are on a Chef server. A regular expression can be used to limit the results to recipes that match a specific pattern. The regular expression must be within quotes and not be surrounded by forward slashes (/).</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_role.html"><em>knife role</em></a></td>
<td>The <strong>knife role</strong> subcommand is used to manage the roles that are associated with one or more nodes on a Chef server.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_search.html"><em>knife search</em></a></td>
<td>The <strong>knife search</strong> subcommand is used run a search query for information that is indexed on a Chef server.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_serve.html"><em>knife serve</em></a></td>
<td>The <strong>knife serve</strong> subcommand is used to run a persistent chef-zero against the local chef-repo. (chef-zero is a lightweight Chef server that runs in-memory on the local machine.) This is the same as running the chef-client executable with the <tt class="docutils literal"><span class="pre">--local-mode</span></tt> option. The <tt class="docutils literal"><span class="pre">chef_repo_path</span></tt> is located automatically and the Chef server will bind to the first available port between <tt class="docutils literal"><span class="pre">8889</span></tt> and <tt class="docutils literal"><span class="pre">9999</span></tt>. <strong>knife serve</strong> will print the URL for the local Chef server, so that it may be added to the knife.rb file.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_show.html"><em>knife show</em></a></td>
<td>The <strong>knife show</strong> subcommand is used to view the details of one (or more) objects on the Chef server. This subcommand works similar to <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">cookbook</span> <span class="pre">show</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">data</span> <span class="pre">bag</span> <span class="pre">show</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">environment</span> <span class="pre">show</span></tt>, <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">node</span> <span class="pre">show</span></tt>, and <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">role</span> <span class="pre">show</span></tt>, but with a single verb (and a single action).</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_ssh.html"><em>knife ssh</em></a></td>
<td>The <strong>knife ssh</strong> subcommand is used to invoke SSH commands (in parallel) on a subset of nodes within an organization, based on the results of a <a class="reference external" href="http://docs.opscode.com/essentials_search.html">search query</a> made to the Chef server.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_ssl_check.html"><em>knife ssl check</em></a></td>
<td><p class="first">The <strong>knife ssl check</strong> subcommand is used to verify the SSL configuration for the Enterprise Chef and/or Open Source Chef servers, or at another location specified by a URL or URI.</p>
<div class="last admonition warning">
<p class="first admonition-title">Warning</p>
<p class="last">When verification of a remote server’s SSL certificate is disabled, the chef-client will issue a warning similar to “SSL validation of HTTPS requests is disabled. HTTPS connections are still encrypted, but the chef-client is not able to detect forged replies or man-in-the-middle attacks.” To configure SSL for the chef-client, set <tt class="docutils literal"><span class="pre">ssl_verify_mode</span></tt> to <tt class="docutils literal"><span class="pre">:verify_peer</span></tt> (recommended) <strong>or</strong> <tt class="docutils literal"><span class="pre">verify_api_cert</span></tt> to <tt class="docutils literal"><span class="pre">true</span></tt> in the client.rb file.</p>
</div>
</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_ssl_fetch.html"><em>knife ssl fetch</em></a></td>
<td><p class="first">The <strong>knife ssl fetch</strong> subcommand is used to copy SSL certificates from an HTTPS server to the <tt class="docutils literal"><span class="pre">trusted_certs_dir</span></tt> directory that is used by knife and the chef-client to store trusted SSL certificates. When these certificates match the hostname of the remote server, running <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">ssl</span> <span class="pre">fetch</span></tt> is the only step required to verify a remote server that is accessed by either knife or the chef-client.</p>
<div class="last admonition warning">
<p class="first admonition-title">Warning</p>
<p class="last">It is the user’s responsibility to verify the authenticity of every SSL certificate before downloading it to the <tt class="docutils literal"><span class="pre">trusted_certs_dir</span></tt> directory. knife will use any certificate in that directory as if it is a 100% trusted and authentic SSL certificate. knife will not be able to determine if any certificate in this directory has been tampered with, is forged, malicious, or otherwise harmful. Therefore it is essential that users take the proper steps before downloading certificates into this directory.</p>
</div>
</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_status.html"><em>knife status</em></a></td>
<td>The <strong>knife status</strong> subcommand is used to display a brief summary of the nodes on a Chef server, including the time of the most recent successful chef-client run.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_tag.html"><em>knife tag</em></a></td>
<td>The <strong>knife tag</strong> subcommand is used to apply tags to nodes on a Chef server.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_upload.html"><em>knife upload</em></a></td>
<td>The <strong>knife upload</strong> subcommand is used to upload roles, cookbooks, environments, and data bags to the Chef server from the current working directory in the chef-repo. This subcommand is often used in conjunction with <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">diff</span></tt>, which can be used to see exactly what changes will be uploaded, and then <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">download</span></tt>, which does the opposite of <tt class="docutils literal"><span class="pre">knife</span> <span class="pre">upload</span></tt>.</td>
</tr>
<tr class="row-even"><td><a class="reference internal" href="knife_user.html"><em>knife user</em></a></td>
<td>The <strong>knife user</strong> subcommand is used to manage the list of users and their associated RSA public key-pairs.</td>
</tr>
<tr class="row-odd"><td><a class="reference internal" href="knife_xargs.html"><em>knife xargs</em></a></td>
<td>The <strong>knife xargs</strong> subcommand is used to take patterns from standard input, download as JSON, run a command against the downloaded JSON, and then upload any changes.</td>
</tr>
</tbody>
</table>
<div class="toctree-wrapper compound">
</div>
</div>
</div>
</div>
</div>
<div class="clearer"></div>
</div>
</body>
</html>
|