knife-client(1) [debian man page]
KNIFE-CLIENT(1) Chef Manual KNIFE-CLIENT(1) NAME
knife-client - Manage Chef API Clients SYNOPSIS
knife client sub-command (options) SUB-COMMANDS Client subcommands follow a basic create, read, update, delete (CRUD) pattern. The Following subcommands are available: BULK DELETE
knife client bulk delete regex (options) Delete clients where the client name matches the regular expression regex on the Chef Server. The regular expression should be given as a quoted string, and not surrounded by forward slashes. CREATE
knife client create client name (options) -a, --admin Create the client as an admin -f, --file FILE Write the key to a file Create a new client. This generates an RSA keypair. The private key will be displayed on STDOUT or written to the named file. The public half will be stored on the Server. For chef-client systems, the private key should be copied to the system as /etc/chef/client.pem. Admin clients should be created for users that will use knife to access the API as an administrator. The private key will generally be copied to ~/.chef/client\_name.pem and referenced in the knife.rb configuration file. DELETE
knife client delete client name (options) Deletes a registered client. EDIT
client edit client name (options) Edit a registered client. LIST
client list (options) -w, --with-uri Show corresponding URIs List all registered clients. REREGISTER
client reregister client name (options) -f, --file FILE Write the key to a file Regenerate the RSA keypair for a client. The public half will be stored on the server and the private key displayed on STDOUT or written to the named file. This operation will invalidate the previous keypair used by the client, preventing it from authenticating with the Chef Server. Use care when reregistering the validator client. SHOW
client show client name (options) -a, --attribute ATTR Show only one attribute Show a client. Output format is determined by the --format option. DESCRIPTION
Clients are identities used for communication with the Chef Server API, roughly equivalent to user accounts on the Chef Server, except that clients only communicate with the Chef Server API and are authenticated via request signatures. In the typical case, there will be one client object on the server for each node, and the corresponding client and node will have identical names. In the Chef authorization model, there is one special client, the "validator", which is authorized to create new non-administrative clients but has minimal privileges otherwise. This identity is used as a sort of "guest account" to create a client identity when initially setting up a host for management with Chef. SEE ALSO
knife-node(1) AUTHOR
Chef was written by Adam Jacob adam@opscode.com with many contributions from the community. DOCUMENTATION
This manual page was written by Joshua Timberman joshua@opscode.com. Permission is granted to copy, distribute and / or modify this docu- ment under the terms of the Apache 2.0 License. CHEF
Knife is distributed with Chef. http://wiki.opscode.com/display/chef/Home Chef 10.12.0 June 2012 KNIFE-CLIENT(1)
Check Out this Related Man Page
KNIFE-NODE(1) Chef Manual KNIFE-NODE(1) NAME
knife-node - Manage the hosts in your infrastructure SYNOPSIS
knife node sub-command (options) DESCRIPTION
Nodes are data structures that represent hosts configured with Chef. Nodes have a name, a String that uniquely identifies the node, attributes, a nested Hash of properties that describe how the host should be configured, a chef_environment, a String representing the environment to which the node belongs, and a run_list, an ordered list of recipes or roles that chef-client should apply when configuring a host. When a host communicates with a Chef Server, it authenticates using its node_name for identification and signs its reqests with a private key. The Server validates the request by looking up a client object with a name identical to the node_name submitted with the request and verifes the signature using the public key for that client object. NOTE that the client is a different object in the system. It is associ- ated with a node by virtue of having a matching name. By default chef-client(8) will create a node using the FQDN of the host for the node name, though this may be overridden by configuration settings. NODE SUB-COMMANDS The following node subcommands are available: BULK DELETE
knife node bulk delete regex (options) Deletes nodes for which the name matches the regular expression regex on the Chef Server. The regular expression should be given in quotes, and should not be surrounded with forward slashes (as is typical of regular expression literals in scripting languages). CREATE
knife node create name (options) Create a new node. Unless the --disable-editing option is given, an empty node object will be created and displayed in your text editor. If the editor exits with a successful exit status, the node data will be posted to the Chef Server to create the node. DELETE
knife node delete name (options) Deletes the node identified by name on the Chef Server. EDIT
knife node edit name (options) -a, --all Display all node data in the editor. By default, default, override, and automatic attributes are not shown. Edit the node identified by name. Like knife node create, the node will be displayed in your text editor unless the -n option is present. FROM FILE
knife node from file file (options) Create a node from a JSON format file. LIST
knife node list (options) -w, --with-uri Show corresponding URIs List all nodes. RUN_LIST ADD knife node run_list add name run list item (options) -a, --after ITEM Place the ENTRY in the run list after ITEM Add the run list item to the node's run_list. See Run list RUN_LIST REMOVE knife node run_list remove node name run list item (options) Remove the run list item from the node's run_list. SHOW
knife node show node name (options) -a, --attribute [ATTR] Show only one attribute -r, --run-list Show only the run list -F, --format FORMAT Display the node in a different format. -m, --medium Display more, but not all, of the node's data when using the default summary format Displays the node identified by node name on stdout. RUN LIST ITEM FORMAT
Run list items may be either roles or recipes. When adding a role to a run list, the correct syntax is "role[ROLE_NAME]" When adding a recipe to a run list, there are several valid formats: Fully Qualified Format "recipe[COOKBOOK::RECIPE_NAME]", for example, "recipe[chef::client]" Cookbook Recipe Format For brevity, the recipe part of the fully qualified format may be omitted, and recipes specified as "COOKBOOK::RECIPE_NAME", e.g., "chef::client" Default Recipe Format When adding the default recipe of a cookbook to a run list, the recipe name may be omitted as well, e.g., "chef::default" may be written as just "chef" SEE ALSO
knife-client(1) knife-search(1) knife-role(1) AUTHOR
Chef was written by Adam Jacob adam@opscode.com with many contributions from the community. DOCUMENTATION
This manual page was written by Joshua Timberman joshua@opscode.com. Permission is granted to copy, distribute and / or modify this docu- ment under the terms of the Apache 2.0 License. CHEF
Knife is distributed with Chef. http://wiki.opscode.com/display/chef/Home Chef 10.12.0 June 2012 KNIFE-NODE(1)