Bootstrap a node<\/strong><\/p>\n\n\n\n Bootstrap a node: Use an SSH password and sudo whereas –sudo for execute a bootstrap operation with sudo.<\/strong><\/p>\n\n\n\n Bootstrap a node: Use an SSH password and sudo whereas –sudo for execute a bootstrap operation with sudo and –use-sudo-password for Perform a bootstrap operation with sudo<\/strong> Bootstrap a node: using ssh user and password<\/strong><\/p>\n\n\n\n Bootstrap a node: using SSH identify file, for example ~\/.ssh\/my.pem<\/strong><\/p>\n\n\n\n Bootstrap a node: Use a file that contains a private key<\/strong><\/p>\n\n\n\n Bootstrap a node: Fetch and execute an installation script from a URL<\/strong><\/p>\n\n\n\n Bootstrap a node: Specify options when using cURL<\/strong><\/p>\n\n\n\n Bootstrap a node: Specify options when using GNU Wget<\/strong><\/p>\n\n\n\n Bootstrap a node: Specify a custom installation command sequence<\/strong><\/p>\n\n\n\n Bootstrap a node: Bootstrap a local virtual machine using a forwarded port<\/strong> Delete a cookbook<\/strong><\/p>\n\n\n\n Download a cookbook<\/strong><\/p>\n\n\n\n View a list of cookbooks<\/strong><\/p>\n\n\n\n Generate metadata<\/strong><\/p>\n\n\n\n Show cookbook data<\/strong><\/p>\n\n\n\n Test a cookbook<\/strong><\/p>\n\n\n\n Upload a cookbook<\/strong><\/p>\n\n\n\n Use the knife download subcommand to download roles, cookbooks, environments, nodes, and data bags from the Chef server to the current working directory. It can be used to back up data on the Chef server, inspect the state of one or more files, or to extract out-of-process changes users may have made to files on the Chef server, such as if a user made a change that bypassed version source control.<\/strong> Download the \/cookbooks directory<\/strong><\/p>\n\n\n\n Download the \/environments directory<\/strong><\/p>\n\n\n\n Download the \/roles directory<\/strong><\/p>\n\n\n\n Download cookbooks and roles<\/strong><\/p>\n\n\n\n The knife node subcommand is used to manage the nodes that exist on a Chef server.<\/strong> Delete a node<\/strong><\/p>\n\n\n\n Edit a node<\/strong><\/p>\n\n\n\n Delete all the chef nodes<\/strong><\/p>\n\n\n\n Create a node using a JSON file<\/strong><\/p>\n\n\n\n View a list of nodes<\/strong><\/p>\n\n\n\n Add a role<\/strong><\/p>\n\n\n\n Add roles and recipes<\/strong><\/p>\n\n\n\n Add a recipe with a FQDN<\/strong><\/p>\n\n\n\n Add a recipe with a cookbook<\/strong><\/p>\n\n\n\n Add the default recipe<\/strong><\/p>\n\n\n\n A role is a way to define certain patterns and processes that exist across nodes in an organization as belonging to a single job function. Each role consists of zero (or more) attributes and a run-list. Each node can have zero (or more) roles assigned to it. When a role is run against a node, the configuration details of that node are compared against the attributes of the role, and then the contents of that role\u2019s run-list are applied to the node\u2019s configuration details. When a chef-client runs, it merges its own attributes and run-lists with those contained within each assigned role.<\/strong> Create a role using JSON data<\/strong><\/p>\n\n\n\n Delete a role<\/strong><\/p>\n\n\n\n Edit a role<\/strong><\/p>\n\n\n\n View a list of roles<\/strong><\/p>\n\n\n\n Use the show argument to view the details of a role.<\/strong><\/p>\n\n\n\n The knife client subcommand is used to manage an API client list and their associated RSA public key-pairs. This allows authentication requests to be made to the Chef server by any entity that uses the Chef server API, such as the chef-client and knife.<\/strong> To delete a client with the name \u201cclient_foo\u201d, enter:<\/strong><\/p>\n\n\n\n To edit a client with the name \u201cexampleorg\u201d, enter:<\/strong><\/p>\n\n\n\n Use the knife configure subcommand to create the knife.rb and client.rb files so that they can be distributed to workstations and nodes.<\/strong> The following examples show how to use this knife subcommand: Configure client.rb<\/strong><\/p>\n\n\n\n Use the knife delete subcommand to delete an object from a Chef server. This subcommand works similar to knife cookbook delete, knife data bag delete, knife environment delete, knife node delete, and knife role delete, but with a single verb (and a single action).<\/strong><\/p>\n\n\n\n Use the knife list subcommand to view a list of objects on the Chef server. This subcommand works similar to knife cookbook list, knife data bag list, knife environment list, knife node list, and knife role list, but with a single verb (and a single action).<\/strong><\/p>\n\n\n\n Use the knife ssh subcommand to invoke SSH commands (in parallel) on a subset of nodes within an organization, based on the results of a search query made to the Chef server.<\/strong> Run the chef-client on all nodes<\/strong><\/p>\n\n\n\n To force a chef-client run on all of the web servers running Ubuntu on the Amazon EC2 platform, enter:<\/strong><\/p>\n\n\n\n To query for all nodes that have the webserver role and then use SSH to run the command sudo chef-client, enter:<\/strong><\/p>\n\n\n\n Upgrade all nodes<\/strong><\/p>\n\n\n\n Use the knife ssl check subcommand to verify the SSL configuration for the Chef server or a location specified by a URL or URI. Invalid certificates will not be used by OpenSSL.<\/strong> The SSL certificates that are used by the chef-client may be verified by specifying the path to the client.rb file. Use the –config option (that is available to any knife command) to specify this path:<\/strong><\/p>\n\n\n\n Verify an external server\u2019s SSL certificate<\/strong><\/p>\n\n\n\n Use the knife ssl fetch subcommand to copy SSL certificates from an HTTPS server to the trusted_certs_dir directory that is used by knife and the chef-client to store trusted SSL certificates. When these certificates match the hostname of the remote server, running knife ssl fetch is the only step required to verify a remote server that is accessed by either knife or the chef-client.<\/strong><\/p>\n\n\n\n Fetch the SSL certificates used by Knife from the Chef server<\/strong><\/p>\n\n\n\n Use the knife status subcommand to display a brief summary of the nodes on a Chef server, including the time of the most recent successful chef-client run.<\/strong> To show the status for nodes on which the chef-client did not run successfully within the past hour, enter:<\/strong><\/p>\n\n\n\n To show the status of a subset of nodes that are returned by a specific query, enter:<\/strong><\/p>\n\n\n\n View status for all nodes<\/strong><\/p>\n\n\n\n1
$ knife bootstrap 12.34.56.789 -P vanilla -x root -r 'recipe[apt],recipe[xfs],recipe[vim]'<\/code><\/pre>\n\n\n\n1
$ knife bootstrap 192.168.1.1 -x username -P PASSWORD --sudo<\/code><\/pre>\n\n\n\n
Also, specify the name and run list<\/strong><\/p>\n\n\n\n1
$ knife bootstrap 192.168.1.1 -x username -P PASSWORD --sudo --use-sudo-password --node-name node1 --run-list 'recipe[learn_chef_httpd]'<\/code><\/pre>\n\n\n\n1
$knife bootstrap ADDRESS --ssh-user USER --ssh-password 'PASSWORD' --sudo --use-sudo-password --node-name node1<\/code><\/pre>\n\n\n\n1
$knife bootstrap ADDRESS --ssh-user USER --sudo --identity-file IDENTITY_FILE --node-name node1<\/code><\/pre>\n\n\n\n1
$ knife bootstrap 192.168.1.1 -x username -i ~\/.ssh\/id_rsa --sudo<\/code><\/pre>\n\n\n\n1
$ knife bootstrap --bootstrap-install-sh http:\/\/mycustomserver.com\/custom_install_chef_script.sh<\/code><\/pre>\n\n\n\n1
$ knife bootstrap --bootstrap-curl-options \"--proxy http:\/\/myproxy.com:8080\"<\/code><\/pre>\n\n\n\n1
$ knife bootstrap --bootstrap-wget-options \"-e use_proxy=yes -e http:\/\/myproxy.com:8080\"<\/code><\/pre>\n\n\n\n1
$ knife bootstrap --bootstrap-install-command \"curl -l http:\/\/mycustomserver.com\/custom_install_chef_script.sh | sudo bash -s --\"<\/code><\/pre>\n\n\n\n
Replace PORT with your SSH forwarded port, for example, 2222, and IDENTITY_FILE with your SSH identify file, for example \/home\/user\/.vagrant\/machines\/default\/virtualbox\/private_key.<\/strong><\/p>\n\n\n\n1
$knife bootstrap localhost --ssh-port PORT --ssh-user vagrant --sudo --identity-file IDENTITY_FILE --node-name node1<\/code><\/pre>\n\n\n\nknife cookbook<\/h3>\n\n\n\n
1
$ knife cookbook delete cookbook-name<\/code><\/pre>\n\n\n\n1
$ knife cookbook delete cookbook-name 0.8<\/code><\/pre>\n\n\n\n1
$ knife cookbook download cookbook-name<\/code><\/pre>\n\n\n\n1
$ knife cookbook list<\/code><\/pre>\n\n\n\n1
$ knife cookbook metadata -a<\/code><\/pre>\n\n\n\n1
$ knife cookbook show cookbook-name<\/code><\/pre>\n\n\n\n1
$ knife cookbook test cookbook_name<\/code><\/pre>\n\n\n\n1
$ knife cookbook upload cookbook_name<\/code><\/pre>\n\n\n\nknife download<\/h3>\n\n\n\n
Download the entire chef-repo<\/strong><\/p>\n\n\n\n1
$ knife download \/<\/code><\/pre>\n\n\n\n1
$ knife download cookbooks<\/code><\/pre>\n\n\n\n1
$ knife download environments<\/code><\/pre>\n\n\n\n1
$ knife download roles<\/code><\/pre>\n\n\n\n1
$ knife download cookbooks\/apache\\* roles\/webserver.json<\/code><\/pre>\n\n\n\nknife node<\/h3>\n\n\n\n
Create a node<\/strong><\/p>\n\n\n\n1
$ knife node create node1<\/code><\/pre>\n\n\n\n1
$ knife node delete node1<\/code><\/pre>\n\n\n\n1
$ knife node edit node1 -a<\/code><\/pre>\n\n\n\n123456
\n$ knife node bulk delete ip*\n$ knife node bulk delete \"^[0-9]{3}$\"\n$ knife node bulk delete .\n \n <\/code><\/pre>\n\n\n\n1
$ knife node from file \"PATH_TO_JSON_FILE\"<\/code><\/pre>\n\n\n\n1
$ knife node list<\/code><\/pre>\n\n\n\n1
$ knife node run_list add NODE_NAME 'role[ROLE_NAME]'<\/code><\/pre>\n\n\n\n1
$ knife node run_list add NODE_NAME 'recipe[COOKBOOK::RECIPE_NAME],recipe[COOKBOOK::RECIPE_NAME],role[ROLE_NAME]'<\/code><\/pre>\n\n\n\n1
$ knife node run_list add NODE_NAME 'recipe[COOKBOOK::RECIPE_NAME]'<\/code><\/pre>\n\n\n\n1
$ knife node run_list add NODE_NAME 'COOKBOOK::RECIPE_NAME'<\/code><\/pre>\n\n\n\n1
$ knife node run_list add NODE_NAME 'COOKBOOK'<\/code><\/pre>\n\n\n\nknife role<\/h3>\n\n\n\n
Create a role<\/strong><\/p>\n\n\n\n1
$ knife role create role1<\/code><\/pre>\n\n\n\n1
$ knife role from file \"path to JSON file\"<\/code><\/pre>\n\n\n\n1
$ knife role delete devops<\/code><\/pre>\n\n\n\n1
$ knife role edit role1<\/code><\/pre>\n\n\n\n1
$ knife role list -w<\/code><\/pre>\n\n\n\n1
$ knife role show ROLE_NAME<\/code><\/pre>\n\n\n\nknife client<\/h3>\n\n\n\n
Create an admin client<\/strong>
To create a chef-client that can access the Chef server API as an administrator\u2014sometimes referred to as an \u201cAPI chef-client\u201d\u2014with the name \u201cexampleorg\u201d and save its private key to a file, enter:<\/p>\n\n\n\n1
Create an admin client for Enterprise Chef<\/code><\/pre>\n\n\n\n1
$ knife client create exampleorg -f \"\/etc\/chef\/client.pem\"<\/code><\/pre>\n\n\n\n1
$ knife client delete client_foo<\/code><\/pre>\n\n\n\n1
$ knife client edit exampleorg<\/code><\/pre>\n\n\n\nknife configure<\/h3>\n\n\n\n
The following examples show how to use this knife subcommand: Configure knife.rb<\/strong><\/p>\n\n\n\n1
$ knife configure<\/code><\/pre>\n\n\n\n1
$ knife configure client '\/directory'<\/code><\/pre>\n\n\n\nknife delete<\/h3>\n\n\n\n
knife list<\/h3>\n\n\n\n
knife ssh<\/h3>\n\n\n\n
To find the uptime of all of web servers running Ubuntu on the Amazon EC2 platform, enter:<\/strong><\/p>\n\n\n\n1
$ knife ssh \"role:web\" \"uptime\" -x ubuntu -a ec2.public_hostname<\/code><\/pre>\n\n\n\n1
$ knife ssh 'name:*' 'sudo chef-client'<\/code><\/pre>\n\n\n\n1
$ knife ssh \"role:web\" \"sudo chef-client\" -x ubuntu -a ec2.public_hostname<\/code><\/pre>\n\n\n\n1
$ knife ssh \"role:webserver\" \"sudo chef-client\"<\/code><\/pre>\n\n\n\n1
$ knife ssh name:* \"sudo aptitude upgrade -y\"<\/code><\/pre>\n\n\n\nknife ssl check<\/h3>\n\n\n\n
If the SSL certificate can be verified, the response to<\/strong><\/p>\n\n\n\n1
$ knife ssl check<\/code><\/pre>\n\n\n\n1
$ knife ssl check --config \/etc\/chef\/client.rb<\/code><\/pre>\n\n\n\n1
$ knife ssl check https:\/\/www.chef.io<\/code><\/pre>\n\n\n\nknife ssl_fetch<\/h3>\n\n\n\n
1
$ knife ssl check https:\/\/www.chef.io<\/code><\/pre>\n\n\n\n1
$ knife ssl fetch<\/code><\/pre>\n\n\n\nknife status<\/h3>\n\n\n\n
To include run-lists in the status, enter:<\/strong><\/p>\n\n\n\n1
$ knife status --run-list<\/code><\/pre>\n\n\n\n1
$ knife status --hide-healthy<\/code><\/pre>\n\n\n\n1
$ knife status \"role:web\" --run-list<\/code><\/pre>\n\n\n\n1
$ knife status<\/code><\/pre>\n\n\n\n