Skip to content

Instantly share code, notes, and snippets.

@epcim

epcim/chef-knife.howto.md

Created October 20, 2015 09:36
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save epcim/6d7ae64ab83ad09e893e to your computer and use it in GitHub Desktop.
Save epcim/6d7ae64ab83ad09e893e to your computer and use it in GitHub Desktop.
Download ZIP
Raw
chef-knife.howto.md

CHEF KNIFE CONFIGURATION

white list attributes

knife[:automatic_attribute_whitelist] = [
  "fqdn/",
  "ipaddress/",
  "roles/",
  "recipes/",
  "ipaddress/",
  "platform/",
  "platform_version/",
  "cloud/",
]

EXAMPLES

search, list nodes

knife search '*:*' -l               > .chef/nodes-manual/all_details.txt
knife search '*:*'                  > .chef/nodes-manual/all_runlist-expanded.txt 
knife search '*:*' -a 'run_list'    > .chef/nodes-manual/all_runlist.txt

Show the list of databags

    chef exec knife  data bag list -z

Show the list of databag items

    chef exec knife data bag show db_passwords -z

Show contents of databag item

    chef exec knife data bag show db_passwords ceilometer -z

Update contents of databag item

set EDITOR env var to your editor, for powershell, I used nano

    chef exec knife data bag edit secrets dispersion_auth_user -z

ack "knife exec" ~/.history*

 berks install && berks vendor cooxy.oks && knife upload cooxy.oks
 berks update lab_gitlab; knife upload cooxy.oks
 berks update lab_gitlab; knife upload cooxy.oks;
 berks update lab_gitlab && knife upload cooxy.oks && SSL_CERT_FILE=.chef/trusted_certs/chef_projectxy.xxx.crt berks apply projectxy.
 berks upload || knife upload cooxy.oks
 cat .chef/knife.rb
 cd knife-cooxy.ok-readme
 chef gem install knife-analytics
 cp ../../bo/.chef/knife.rb .chef
 cp ../../chef-repo-myorg/.chef/knife.rb .
 cp ../../chef-repo-vums/.chef/knife.rb .
 cp ../../xy..chef/knife.rb .chef
 egrep epel ./* -R |g -v log |g -v lock |g -v json |g "ldapknife"
 egrep ~/.*history* -e knife
 egrep ~/.*history* -nHe knife
 for d in `egrep nagios_ workspace/scripts/upload_all.sh | awk '{print $6}'`;do echo knife data bag create $d;done
 for d in `egrep nagios_ workspace/scripts/upload_all.sh | awk '{print $6}'`;do knife data bag create $d;done
 for d in $(ls data_bags);do echo knife data bag create $d;done
 gem install knife
 gem install knife-cooxy.ok-readme
 gem install knife-docker
 gem install knife-softlayer
 gem install knife-solo
 gem install knife-solo_data_bag
 gem install knife-solo-data-bag
 gem search knife
 gha knife
 ghz knife
 ghz -nf knife
 ghz -nH knife
 ghz -ni knife
 ghz -n knife
 git clone git://github.com/mlafeldt/knife-cooxy.ok-readme.git
 git commit -m "disabled ldapknife tool" .chef/roles/ldap.rb
 gvimdiff .chef/knife.rb ../lab-environment-template/workspace/templates/.chef/knife.rb
 howto chef-knife
 howto knife
 knife
 knife action list
 knife bootstrap 10.10.10.
 knife bootstrap 10.10.10.129 -E myorg -N ops.myorg.xxx
 knife bootstrap 10.10.10.130 -E myorg -N nagios.myorg.xxx
 knife bootstrap 10.10.10.14 -E myorg -N mon.myorg.xxx
 knife bootstrap 10.10.11.2 -E myorg -N git.myorg.xxx
 knife bootstrap 10.10.50.135 -E projectxy.-N git.projectxy.xxx
 knife bootstrap --environment dev --node-name catalog.xy.dev 10.10.50.15 --ssh-password passw0rd --run-list "role[base]" --server-url "https://10.10.50.2" --json-attributes '{ "hostname": "catalog","name": "catalog.xy.dev", "system":{ "short_hostname":"catalog", "domain_name":"xy.dev" } }' --secret-file .chef/encrypted_data_bag_secret -VV
 knife check
 knife cooxy.ok
 knife cooxy.ok metadata
 knife cooxy.ok metadata .
 knife cooxy.ok metadata --all
 knife cooxy.ok metadata backoffice-infrastructure
 knife cooxy.ok readme
 knife cooxy.ok upload
 knife cooxy.ok upload lab_base-srv
 knife cooxy.ok upload lab_base-srv -l debug
 knife data bag create bind
 knife data bag create certificates
 knife data bag create nagios_contactgroups
 knife data bag create nagios_contacts
 knife data bag create nagios_eventhandlers
 knife data bag create nagios_hostgroups
 knife data bag create nagios_servicegroups
 knife data bag create nagios_services
 knife data bag create nagios_templates
 knife data bag create oracle
 knife data bag create secrets
 knife data bag create ssh
 knife data bag create users
 knife data bag edit certificates wildcard1 --secret-file .chef/encrypted_data_bag_secret -z
 knife data bag edit certificates wildcard --secret-file .chef/encrypted_data_bag_secret -z
 knife data bag edit file certificates wildcard.json
 knife data bag edit file certificates wildcard.json --secret-file .chef/encrypted_data_bag_secret
 knife data bag edit file certificates wildcard.json --secret-file .chef/encrypted_data_bag_secret -z
 knife data bag edit file certificates wildcard --secret-file .chef/encrypted_data_bag_secret -z
 knife data bag from file bind --all
 knife data bag from file bind --all --config knife.rb
 knife data bag from file certificates --all
 knife data bag from file certificates --all --config knife.rb
 knife data bag from file certificates wildcard
 knife data bag from file certificates wildcard.json
 knife data bag from file nagios_contactgroups --all
 knife data bag from file nagios_contacts --all
 knife data bag from file nagios_eventhandlers --all
 knife data bag from file nagios_hostgroups --all
 knife data bag from file nagios_servicedependencies --all
 knife data bag from file nagios_servicegroups --all
 knife data bag from file nagios_services --all
 knife data bag from file nagios_services --all --config knife.rb
 knife data bag from file ssh --all
 knife data bag from file users --all
 knife data bag from file users --all --config knife.rb
 knife data bag from file users xxxadmin.json
 knife data bag from file users user1.json
 knife data bag from file users user2.json
 knife download done git.myorg.xxx
 knife download node git.myorg.xxx
 knife download nodes
 knife environment from file environments/*.rb
 knife environment from file environments/*.rb --config knife.rb
 knife environment from file myorg
 knife environment from file myorg.json
 knife exec
 knife exec '*:* AND NOT name:provisioner' "echo 10.10.53.9 chef.ci.lab" -z
 knife exec 'bash -c "echo 10.10.53.9 chef.ci.lab"' -z
 knife exec 'echo "10.10.53.9 chef.ci.lab"' -z
 knife exec "echo 10.10.53.9 chef.ci.lab" -z
 knife exec -E 'nodes.show("chef.ci.lab″)["etc"]["passwd"].each {|k,v| puts k}'
 knife exec -E 'nodes.show("chef.ci.lab″)["etc"]["passwd"].each {|k,v| puts k if v["shell"] =~ /bash/}'
 knife exec -E 'nodes.show("chef.ci.lab″)["etc"]["passwd"].each {|k,v| puts k if v["shell"] =~ /bash/}’
 knife exec -E 'nodes.show("chef.ci.lab″)["etc"]["passwd"].each {|k,v| puts k if v[\'shell\'] =~ /bash/}'
 knife exec -z
 knife fetch ssl
 knife |grep readme
 knife --help
 knife help softlayer server craate
 knife login git.projectxy.xxx
 knife login "name:ora.xy.dev"
 knife node
 knife node download
 knife node from file git.myorg.xxx
 knife node from file git.myorg.xxx.json
 knife node from file mon.myorg.xxx.json
 knife node list
 knife node list -
 knife node list -a
 knife node list --help
 knife node list -l
 knife node list -V
 knife node list -z
 knife node list -zV
 knife node run_list add git.projectxy.xxx 'role[base],role[git],recipe[lab_postfix::client]'
 knife node run_list add mon.myorg.xxx 'role[base],role[monitoring],recipe[lab_postfix::client],role[backup]'
 knife node run_list add nagios.myorg.xxx 'role[base],role[monitoring],recipe[lab_postfix::client]'
 knife node run_list add ops.myorg.xxx 'role[base]'
 knife node run_list add ops.myorg.xxx 'role[base],role[ldap]'
 knife node run_list add ops.myorg.xxx 'role[dns]'
 knife node run_list add ops.myorg.xxx 'role[ldap]'
 knife node run_list add ops.myorg.xxx 'role[mail]'
 knife node run_list add ops.projectxy.xxx 'role[base],role[ldap],role[dns],role[mail]'
 knife node run_list add ora-chef-test.xy.test "recipe[lab_oracle::default]"
 knife node run_list add ora.xy.dev "recipe[lab_oracle]"
 knife node search '*:*'
 knife node show git.myorg.xxx
 knife node -z
 knife readme
 knife-reset
 knife-reset-bo
 knife-reset-myorg
 knife-reset-myorg; unset SSL_CERT_FILE; berks install; berks update lab_gitlab lab_bind lab_openvpn lab_base myorg-base-linux lab_backup lab_chef-server && berks vendor cooxy.oks && knife upload cooxy.oks && SSL_CERT_FILE=.chef/trusted_certs/chef_myorg.crt berks apply myorg;
 knife-reset-myorg; unset SSL_CERT_FILE; berks update lab_gitlab lab_bind lab_openvpn lab_base myorg-base-linux lab_backup lab_chef-server && berks vendor cooxy.oks && knife upload cooxy.oks && SSL_CERT_FILE=.chef/trusted_certs/chef_myorg.crt berks apply myorg;
 knife-reset-kb
 knife-reset-xy. unset SSL_CERT_FILE; berks update lab_gitlab && berks install && knife upload cooxy.oks && SSL_CERT_FILE=.chef/trusted_certs/chef_projectxy.xxx.crt berks apply projectxy.
 knife-reset-xy. unset SSL_CERT_FILE; berks update lab_gitlab && && berks vendor cooxy.oks && knife upload cooxy.oks && SSL_CERT_FILE=.chef/trusted_certs/chef_projectxy.xxx.crt berks apply projectxy.
 knife-reset-xy. unset SSL_CERT_FILE; berks update lab_gitlab && berks vendor cooxy.oks && knife upload cooxy.oks && SSL_CERT_FILE=.chef/trusted_certs/chef_projectxy.xxx.crt berks apply projectxy.
 knife-reset-projectkb
 knife role from file base.rb
 knife role from file ora.rb
 knife role from file roles/*.rb
 knife role from file roles/*.rb -VV
 knife role from file roles/*.rb --VV
 knife search '*:*'
 knife search '*'
 knife search '*:*' -a
 knife search '*:*' -a '*'
 knife search '*:*' -A
 knife search '*:*' -a .automatic.ipaddress -zi
 knife search '*:*' -a automatic.ipaddress -zi
 knife search '*:*' -a automatic.openstack.public_ipv4
 knife search '*:*' -a automatic.openstack.public_ipv4 -zi
 knife search '*:*' -a ipaddress
 knife search '*:*' -a ipaddress -z
 knife search '*:* AND NOT name:provisioner' -a ipaddress -z
 knife search '*:*' -a 'node:'
 knife search '*:*' -a 'run_list'
 knife search '*:*' -a 'run_list' > .chef/nodes-manual/all_runlist.txt
 knife search '*:*' -az
 knife search '*:*' > .chef/nodes-manual/all-recipes.txt
 knife search '*:*' > .chef/nodes-manual/all_runlist-expanded.txt
 knife search '*:*' -l
 knife search '*:*' -l > .chef/nodes-manual/all_details.txt
 knife search '*:*' -l > .chef/nodes-manual/all-details.txt
 knife search '*:*' -lz
 knife search 'node *:*'
 knife search 'node'
 knife search 'node *:*' -a
 knife search 'node' -a
 knife search 'node' '*:*' -a
 knife search 'nodes *:*' -a
 knife search 'nodes' '*:*' -a
 knife search 'node:*' -za '*'
 knife search '*:*' -z
 knife search '*:*' -za
 knife search '*:*' -z -a
 knife search '*:*' -z -a '*'
 knife search '*:*' -za '*'
 knife search '*:*' -za 'run_list'
 knife search '*:*' -zi
 knife softlayer
 knife softlayer server help create
 knife solo data bag create secrets backup --secret-file .chef/encrypted_data_bag_secret
 knife solo data bag create secrets postfix --secret-file ~/.chef/encrypted_data_bag_secret
 knife solo data bag create secrets postfix --secret-file .chef/encrypted_data_bag_secret
 knife solo data bag create secrets postfix --secret-file encrypted_data_bag_secret
 knife solo data bag create secrets smtprelay --secret-file .chef/encrypted_data_bag_secret
 knife solo data bag edit secrets backup --secret-file .chef/encrypted_data_bag_secret
 knife solo data bag edit secrets postfix --secret-file .chef/encrypted_data_bag_secret
 knife solo data bag edit secrets smtprelay --secret-file .chef/encrypted_data_bag_secret
 knife solo data bag show secrets backup --secret-file .chef/encrypted_data_bag_secret
 knife ssh git.projectxy.xxx
 knife ssh 'name:* AND NOT name:provisioner*' "echo 10.10.53.9 chef.ci.lab" -z
 knife ssh 'name:* AND NOT name:provisioner*' "echo 10.10.53.9 chef.ci.lab" -z -u ubuntu
 knife ssh 'name:* AND NOT name:provisioner*' "echo 10.10.53.9 chef.ci.lab" -z -x ubuntu
 knife ssh 'name:* AND NOT name:provisioner*' echo 10.10.53.9 chef.ci.lab -z -x ubuntu
 knife ssh 'name:* AND NOT name:provisioner*' echo 10.10.53.9 chef.ci.lab -z -x ubuntu -P
 knife ssh 'name:* AND NOT name:provisioner*' echo 10.10.53.9 chef.ci.lab -z -x ubuntu@ -P
 knife ssh 'name:* AND NOT name:provisioner*' echo 10.10.53.9 chef.ci.lab -z -X ubuntu -P
 knife ssh 'name:[git *]' 'service chef-client run'
 knife ssh 'name:[git*]' 'service chef-client run'
 knife ssh 'name:git[*]' 'service chef-client run'
 knife ssh 'name:[git* TO *]' 'service chef-client run'
 knife ssh 'name:[git* TO *]' 'service chef-client run' -u root
 knife ssh "name:ora.xy.dev"
 knife ssh "name:ora.xy.dev" "sudo chef-client"
 knife ssh 'name:[* TO *]' 'curl -L https://www.opscode.com/chef/install.sh | sudo bash'
 knife ssh 'name:[* TO *]' 'date'
 knife ssh 'name:[* TO *]' 'service chef-client run'
 knife ssh 'name:[* TO *]' 'sudo service chef-client run'
 knife ssh 'node:*' chef-client
 knife ssh node:git.myorg.xxx chef-client
 knife ssh node:git.projectxy.xxx
 knife ssh node:git.projectxy.xxx chef-client
 knife ssh 'node:[ops*]' chef-client
 knife ssh 'node:ops*' chef-client
 knife ssh 'node:ops**' chef-client
 knife ssh node:ops chef-client
 knife ssh node:ops.myorg.xxx chef-client
 knife ssh "node::ora.xy.dev" "sudo chef-client"
 knife ssh "node:ora.xy.dev" "sudo chef-client"
 knife ssh "node:*" service chef-client run
 knife ssh node:* service chef-client run
 knife ssh "nodes:ora.xy.dev" "sudo chef-client"
 knife ssh 'node:[ * TO ops*]' chef-client
 knife ssh 'node:[ TO ops*]' chef-client
 knife ssl check
 knife ssl check -c /tmp/kitchen/client.rb
 knife ssl fetch
 knife ssl fetch 'chef-analytics.myorg.xxx'
 knife ssl fetch chef-analytics.myorg.xxx
 knife ssl fetch 'https://chef-analytics.myorg.xxx'
 knife ssl fetch https://chef-analytics.myorg.xxx
 knife ssl fetch; knife ssl check
 knife upload
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment