Opscode
Home     Introduction to Chef     Cookbooks     Blog     GitHub     Tickets 

Knife

Knife is available in Chef versions 0.8 and higher.

Knife has a Man Page

The man page for knife is the authoritative reference for knife, and can be found on The Opscode Support Site. It is also shipped with the chef gem, rpm and deb.
Table of Contents

Client Subcommands

% knife client list
~/exampleorg/.chef/../cookbooks
[
  "exampleorg-validator",
  "i-12345678",
  "rs-123456"
]

This lists the clients in the organization exampleorg, which in this case are the validator client and clients for aws
and rackspace nodes. To inspect a particular client run:

% knife client show i-12345678
~/exampleorg/.chef/../cookbooks
{	
    "public_key": null,
    "name": "i-12345678",
    "json_class": "Chef::ApiClient",
    "admin": false,
    "chef_type": "client"
  }

and to see just one attribute the -a flag can be provided:

% knife client show i-12345678 -a admin
~/exampleorg/.chef/../cookbooks
{
  "admin": false
}

To fire up and editor (specified by the EDITOR environment variable):

% knife client edit i-12345678

Node Subcommands

% knife node list
~/exampleorg/.chef/../cookbooks
[
  "i-12345678",
  "rs-123456"
]

This lists the nodes in the organization exampleorg. Note that the nodes and the clients have the same names.

Show

% knife node show i-12345678
~/exampleorg/.chef/../cookbooks
{
    "normal": {
      "couchdb": {
        "dir": "/mnt/couchdb/etc/couchdb",
        "listen_port": "5984",
        "listen_ip": "0.0.0.0"
      },
      "tags": [

      ],
      "chef": {
        "client_splay": "20",
        "client_interval": "1800",
        "client_log": "/var/log/chef/client.log",
        "log_dir": "/var/log/chef"
      },
    },
    "name": "i-12345678",
    "override": {
    },
    "default": {
      "couchdb": {
        "listen_ip": "0.0.0.0"
      },
      "monitor_group": "couchdb",
      "app_environment": "test-couch"
    },
    "json_class": "Chef::Node",
    "automatic": {
      "fqdn": "ip-10-251-75-20.ec2.internal",
      "ipaddress": "10.251.75.20",
      "ohai_time": 1279227090.99534,
      "uptime": "15 days 23 hours 36 minutes 27 seconds",
      "hostname": "ip-10-251-75-20",
      "uptime_seconds": 1380987,
    },
    "run_list": [
      "role[couchdb-test]",
    ],
    "chef_type": "node"
  }

This is a vastly simplified version of the real data; a lot of sections were deleted to make this more comprehensible. Notice that there are keys "automatic", "default", "normal, and "override". These contain the node attributes at each of those precedences. This can be helpful for debugging.

The output of node show can be literally screen-fulls of data, since ohai emits a vast amount of machine detail. If you want just one attribute, you can use the -a option to restrict it. The output is the attribute, processed through the normal attribute precedence scheme. For example:

% knife node show i-12345678 -a fqdn
~/exampleorg/.chef/../cookbooks
{
  "fqdn": "ip-10-251-75-20.ec2.internal"
}
% knife node show i-12345678 -a couchdb
~/exampleorg/.chef/../cookbooks
{
  "couchdb": {
    "dir": "/mnt/couchdb/etc/couchdb",
    "listen_port": "5984",
    "listen_ip": "0.0.0.0"
  }
}

Ruby fans might wish to get node data, and then process it further in irb.

% irb
>> data = JSON.parse(`knife node show i-12345678`.sub(/^[^\n]*\n/,""),:create_additions=>false)
[large blob of hash data suppressed]
>> data.keys.sort
=> ["automatic", "chef_type", "default", "json_class", "name", "normal", "override", "run_list"]

The sub gets rid of the "~/exampleorg" line, and :create_additions=>false is needed to prevent the JSON parser from
creating a Chef::Node object.

Node Roles

% knife node show i-12345678 -r 
~/exampleorg/.chef/../cookbooks
{
  "run_list": [
    "role[couchdb]"
  ]
}

This node only has the role couchdb; if we wanted to add monitoring to that role we could add it:

% knife node run_list add i-12345678 "role[monitoring]"
~/exampleorg/.chef/../cookbooks
{
  "run_list": [
    "role[couchdb]",
    "role[monitoring]"
  ]
}

Role Subcommands

The role manipulation commands are structured similarly to the node manipulation
commands. Listing the roles in an organization is pretty straightforward:

% knife role list
~/exampleorg/.chef/../cookbooks
[
  "base",
  "couchdb",
  "monitoring"
]

Showing the role reveals the attributes:

% knife role show couchdb
~/exampleorg/.chef/../cookbooks
{
    "name": "couchdb",
    "default_attributes": {
      "couchdb": {
        "listen_ip": "0.0.0.0"
      },
      "monitor_group": "couchdb"
    },
    "json_class": "Chef::Role",
    "run_list": [
      "role[base]",
      "recipe[couchdb]"
    ],
    "description": "The CouchDB role for Opscode Platform",
    "chef_type": "role",
    "override_attributes": {
    }
  }

Roles are added or updated through the from file sub-commands

% knife role from file roles/couchdb.json 
~/exampleorg/.chef/../cookbooks
WARN: Updated Role couchdb!

Cookbooks

The cookbook show command by itself shows the cookbook versions available:

% knife cookbook show couchdb                                                      
~/exampleorg/.chef/../cookbooks
{
  "couchdb": [
    "0.11.0"
  ]
}

Add the a specific version or latest to get the cookbook data structure:

% knife cookbook show couchdb latest
~/exampleorg/.chef/../cookbooks
[json text deleted]

To refine this and show only one portion of this text you can provide a field corresponding to the subfolder you wish to list; e.g. to list information about the attributes folder of the cookbook:

% knife cookbook show couchdb latest attributes
~/exampleorg/.chef/../cookbooks
[
  {
    "name": "couchdb.rb",
    "url": "https://s3.amazonaws.com/...
    "checksum": "deadbeef",
    "path": "attributes/couchdb.rb",
    "specificity": "default"
  }
]

Recipes

Recipes can be listed using the recipe list sub-command:

% knife recipe list 'couchdb::*'
~/exampleorg/.chef/../cookbooks
[
  "couchdb::main_monitors",
  "couchdb::master",
  "couchdb::default",
  "couchdb::org_cleanup"
]

Search

Search is one of the most useful features of Chef Server. Search is also covered in Search.

One common task is to find all the nodes running a particular role:

% knife search node 'role:couchdb' -r
~/exampleorg/.chef/../cookbooks
{
  "rows": [
    {
      "id": "i-12345678",
      "run_list": [
        "role[couchdb]"
      ]
    },
    {
      "id": "i-90abcdef",
      "run_list": [
        "role[couchdb]"
      ]
    }
  ],
  "start": 0,
  "total": 2
}

Note the -r option lists the roles. If you wanted to list the fqdn, you could specify -a fqdn. The ssh subcommand uses
the same search syntax; you could log in directly to each node using

% knife ssh node 'role:couchdb'

Cloud Computing

Amazon EC2

Starting a new node on ec2 can be done with a single command:

$ knife ec2 server create -G production,default --flavor m1.small -i ami-17f51c7e -x ubuntu 'role[couchdb]' 'role[monitoring]'
~/exampleorg/.chef/../cookbooks
Instance ID: i-115cc47b
Flavor: m1.small
Image: ami-17f51c7e
Availability Zone: us-east-1b
Security Groups: production, default
SSH Key: exampleorg

Waiting for server......................
Waiting 10 seconds for SSH Host Key generation on: ec2-67-202-29-62.compute-1.amazonaws.com

Public DNS Name: ec2-67-202-29-62.compute-1.amazonaws.com
Public IP Address: 67.202.29.62
Private DNS Name: domU-12-31-39-00-EC-22.compute-1.internal
Private IP Address: 10.254.243.208
[Installation log of chef gems and first chef-client run deleted]

This spins up a new instance on ec2, copies over and runs a bootstrap file that installs the chef gem and kicks off first chef-client
run. The AMI ami-17f51c7e is the opscode published Ubuntu 10.4 32bit image. (Check to find the latest version)

Bootstrap

Using the bootstrap subcommand is explained on the Knife Bootstrap page.

Examples wanted

  • Cookbook server
  • Data Bags
  • Cloud computing, esp ec2
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.

Copyright © 2009 Opscode, Inc. All Rights Reserved.