1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>knife client — chef-client Man Pages</title>
<link rel="stylesheet" href="_static/guide.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
</head>
<body>
<div style="background-color: #212c35; text-align: left; padding: 0px 0px 0px 0px">
<a href="http://docs.getchef.com/"><img src="_static/chef_html_logo.png" border="0" alt="Chef"/></a>
</div>
<div class="document">
<div class="documentwrapper">
<div class="body">
<div class="section" id="knife-client">
<h1>knife client<a class="headerlink" href="#knife-client" title="Permalink to this headline">¶</a></h1>
<p>The <strong>knife client</strong> subcommand is used to manage an API client list and their associated RSA public key-pairs. This allows authentication requests to be made to the Chef server by any entity that uses the Chef server API, such as the chef-client and knife.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Review the list of <a class="reference internal" href="knife_common_options.html"><em>common options</em></a> available to this (and all) knife subcommands and plugins.</p>
</div>
<div class="section" id="bulk-delete">
<h2>bulk delete<a class="headerlink" href="#bulk-delete" title="Permalink to this headline">¶</a></h2>
<p>The <tt class="docutils literal"><span class="pre">bulk</span> <span class="pre">delete</span></tt> argument is used to delete any API client that matches a pattern defined by a regular expression. The regular expression must be within quotes and not be surrounded by forward slashes (<tt class="docutils literal"><span class="pre">/</span></tt>).</p>
<div class="section" id="syntax">
<h3>Syntax<a class="headerlink" href="#syntax" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following syntax:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client bulk delete REGEX
</pre></div>
</div>
</div>
<div class="section" id="options">
<h3>Options<a class="headerlink" href="#options" title="Permalink to this headline">¶</a></h3>
<p>This command does not have any specific options.</p>
</div>
<div class="section" id="examples">
<h3>Examples<a class="headerlink" href="#examples" title="Permalink to this headline">¶</a></h3>
<p>None.</p>
</div>
</div>
<div class="section" id="create">
<h2>create<a class="headerlink" href="#create" title="Permalink to this headline">¶</a></h2>
<p>The <tt class="docutils literal"><span class="pre">create</span></tt> argument is used to create a new API client. This process will generate an RSA key pair for the named API client. The public key will be stored on the Chef server and the private key will be displayed on <tt class="docutils literal"><span class="pre">STDOUT</span></tt> or written to a named file.</p>
<ul class="simple">
<li>For the chef-client, the private key should be copied to the system as <tt class="docutils literal"><span class="pre">/etc/chef/client.pem</span></tt>.</li>
<li>For knife, the private key is typically copied to <tt class="docutils literal"><span class="pre">~/.chef/client_name.pem</span></tt> and referenced in the knife.rb configuration file.</li>
</ul>
<div class="section" id="id1">
<h3>Syntax<a class="headerlink" href="#id1" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following syntax:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client create CLIENT_NAME <span class="o">(</span>options<span class="o">)</span>
</pre></div>
</div>
</div>
<div class="section" id="id2">
<h3>Options<a class="headerlink" href="#id2" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following options:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">-a</span></tt>, <tt class="docutils literal"><span class="pre">--admin</span></tt></dt>
<dd>Use to create a client as an admin client. This is required for any user to access Open Source Chef as an administrator. This option only works when used with the open source Chef server and will have no effect when used with Enterprise Chef.</dd>
<dt><tt class="docutils literal"><span class="pre">-f</span> <span class="pre">FILE</span></tt>, <tt class="docutils literal"><span class="pre">--file</span> <span class="pre">FILE</span></tt></dt>
<dd>Use to save a private key to the specified file name.</dd>
<dt><tt class="docutils literal"><span class="pre">--validator</span></tt></dt>
<dd>Use to create the client as the chef-validator. Default value: <tt class="docutils literal"><span class="pre">true</span></tt>.</dd>
</dl>
</div>
<div class="section" id="id3">
<h3>Examples<a class="headerlink" href="#id3" title="Permalink to this headline">¶</a></h3>
<p>The following examples show how to use this knife subcommand:</p>
<p><strong>Create an admin client</strong></p>
<p>To create a chef-client that can access the Chef server API as an administrator—sometimes referred to as an “API chef-client”—with the name “exampleorg” and save its private key to a file, enter:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client create exampleorg -a -f <span class="s2">"/etc/chef/client.pem"</span>
</pre></div>
</div>
<p><strong>Create an admin client for Enterprise Chef</strong></p>
<p>When running the <tt class="docutils literal"><span class="pre">create</span></tt> argument on Enterprise Chef, be sure to omit the <tt class="docutils literal"><span class="pre">-a</span></tt> option:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client create exampleorg -f <span class="s2">"/etc/chef/client.pem"</span>
</pre></div>
</div>
</div>
</div>
<div class="section" id="delete">
<h2>delete<a class="headerlink" href="#delete" title="Permalink to this headline">¶</a></h2>
<p>The <tt class="docutils literal"><span class="pre">delete</span></tt> argument is used to delete a registered API client.</p>
<div class="section" id="id4">
<h3>Syntax<a class="headerlink" href="#id4" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following syntax:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client delete CLIENT_NAME
</pre></div>
</div>
</div>
<div class="section" id="id5">
<h3>Options<a class="headerlink" href="#id5" title="Permalink to this headline">¶</a></h3>
<p>This command does not have any specific options.</p>
</div>
<div class="section" id="id6">
<h3>Examples<a class="headerlink" href="#id6" title="Permalink to this headline">¶</a></h3>
<p>The following examples show how to use this knife subcommand:</p>
<p><strong>Delete a client</strong></p>
<p>To delete a client with the name “client_foo”, enter:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client delete client_foo
</pre></div>
</div>
<p>Type <tt class="docutils literal"><span class="pre">Y</span></tt> to confirm a deletion.</p>
</div>
</div>
<div class="section" id="edit">
<h2>edit<a class="headerlink" href="#edit" title="Permalink to this headline">¶</a></h2>
<p>The <tt class="docutils literal"><span class="pre">edit</span></tt> argument is used to edit the details of a registered API client. When this argument is run, knife will open $EDITOR to enable editing of the <tt class="docutils literal"><span class="pre">admin</span></tt> attribute. (None of the other attributes should be changed using this argument.) When finished, knife will update the Chef server with those changes.</p>
<div class="section" id="id7">
<h3>Syntax<a class="headerlink" href="#id7" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following syntax:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client edit CLIENT_NAME
</pre></div>
</div>
</div>
<div class="section" id="id8">
<h3>Options<a class="headerlink" href="#id8" title="Permalink to this headline">¶</a></h3>
<p>This command does not have any specific options.</p>
</div>
<div class="section" id="id9">
<h3>Examples<a class="headerlink" href="#id9" title="Permalink to this headline">¶</a></h3>
<p>The following examples show how to use this knife subcommand:</p>
<p><strong>Edit a client</strong></p>
<p>To edit a client with the name “exampleorg”, enter:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client edit exampleorg
</pre></div>
</div>
</div>
</div>
<div class="section" id="list">
<h2>list<a class="headerlink" href="#list" title="Permalink to this headline">¶</a></h2>
<p>The <tt class="docutils literal"><span class="pre">list</span></tt> argument is used to view a list of registered API client.</p>
<div class="section" id="id10">
<h3>Syntax<a class="headerlink" href="#id10" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following syntax:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client list <span class="o">(</span>options<span class="o">)</span>
</pre></div>
</div>
</div>
<div class="section" id="id11">
<h3>Options<a class="headerlink" href="#id11" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following options:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">-w</span></tt>, <tt class="docutils literal"><span class="pre">--with-uri</span></tt></dt>
<dd>Use to show the corresponding URIs.</dd>
</dl>
</div>
<div class="section" id="id12">
<h3>Examples<a class="headerlink" href="#id12" title="Permalink to this headline">¶</a></h3>
<p>The following examples show how to use this knife subcommand:</p>
<p><strong>View a list of clients</strong></p>
<p>To verify the API client list for the Chef server, enter:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client list
</pre></div>
</div>
<p>to return something similar to:</p>
<div class="highlight-bash"><div class="highlight"><pre>exampleorg
i-12345678
rs-123456
</pre></div>
</div>
<p>To verify that an API client can authenticate to the
Chef server correctly, try getting a list of clients using <tt class="docutils literal"><span class="pre">-u</span></tt> and <tt class="docutils literal"><span class="pre">-k</span></tt> options to specify its name and private key:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client list -u ORGNAME -k .chef/ORGNAME.pem
</pre></div>
</div>
</div>
</div>
<div class="section" id="reregister">
<h2>reregister<a class="headerlink" href="#reregister" title="Permalink to this headline">¶</a></h2>
<p>The <tt class="docutils literal"><span class="pre">reregister</span></tt> argument is used to regenerate an RSA key pair for an API client. The public key will be stored on the Chef server and the private key will be displayed on <tt class="docutils literal"><span class="pre">STDOUT</span></tt> or written to a named file.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">Running this argument will invalidate the previous RSA key pair, making it unusable during authentication to the Chef server.</p>
</div>
<div class="section" id="id13">
<h3>Syntax<a class="headerlink" href="#id13" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following syntax:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client reregister CLIENT_NAME <span class="o">(</span>options<span class="o">)</span>
</pre></div>
</div>
</div>
<div class="section" id="id14">
<h3>Options<a class="headerlink" href="#id14" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following options:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">-f</span> <span class="pre">FILE_NAME</span></tt>, <tt class="docutils literal"><span class="pre">--file</span> <span class="pre">FILE_NAME</span></tt></dt>
<dd>Use to save a private key to the specified file name.</dd>
</dl>
</div>
<div class="section" id="id15">
<h3>Examples<a class="headerlink" href="#id15" title="Permalink to this headline">¶</a></h3>
<p>The following examples show how to use this knife subcommand:</p>
<p><strong>Reregister clients</strong></p>
<p>To regenerate the RSA key pair for a client named “testclient” and save it to a file named “rsa_key”, enter:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client regenerate testclient -f rsa_key
</pre></div>
</div>
</div>
</div>
<div class="section" id="show">
<h2>show<a class="headerlink" href="#show" title="Permalink to this headline">¶</a></h2>
<p>The <tt class="docutils literal"><span class="pre">show</span></tt> argument is used to show the details of an API client.</p>
<div class="section" id="id16">
<h3>Syntax<a class="headerlink" href="#id16" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following syntax:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client show CLIENT_NAME <span class="o">(</span>options<span class="o">)</span>
</pre></div>
</div>
</div>
<div class="section" id="id17">
<h3>Options<a class="headerlink" href="#id17" title="Permalink to this headline">¶</a></h3>
<p>This argument has the following options:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">-a</span> <span class="pre">ATTR</span></tt>, <tt class="docutils literal"><span class="pre">--attribute</span> <span class="pre">ATTR</span></tt></dt>
<dd>The attribute (or attributes) to show.</dd>
</dl>
</div>
<div class="section" id="id18">
<h3>Examples<a class="headerlink" href="#id18" title="Permalink to this headline">¶</a></h3>
<p>The following examples show how to use this knife subcommand:</p>
<p><strong>Show clients</strong></p>
<p>To view a client named “testclient”, enter:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife client show testclient
</pre></div>
</div>
<p>to return something like:</p>
<div class="highlight-bash"><div class="highlight"><pre>admin: <span class="nb">false</span>
chef_type: client
json_class: Chef::ApiClient
name: testclient
public_key:
</pre></div>
</div>
<p>To view information in JSON format, use the <tt class="docutils literal"><span class="pre">-F</span></tt> common option as part of the command like this:</p>
<div class="highlight-bash"><div class="highlight"><pre><span class="nv">$ </span>knife role show devops -F json
</pre></div>
</div>
<p>Other formats available include <tt class="docutils literal"><span class="pre">text</span></tt>, <tt class="docutils literal"><span class="pre">yaml</span></tt>, and <tt class="docutils literal"><span class="pre">pp</span></tt>.</p>
</div>
</div>
</div>
</div>
</div>
<div class="clearer"></div>
</div>
</body>
</html>
|