The chef executable is a command-line tool that does the following:
Use the chef capture subcommand to capture a node’s state as a local chef-repo. Use the generated repository if you need to converge a node locally.
This subcommand has the following syntax:
chef capture NODE-NAME [options]
-c, --credentials
Credentials file (default $HOME/.chef/credentials).
-d, --with-data-bags
Download all data bags as part of node capture.
-h, --help
Show help for the command.
-k, --client-key
Chef Infra Server API client key.
-n, --client-name
Chef Infra Server API client name.
-o, --ssl-no-verify
Do not verify SSL when connecting to Chef Infra Server (default: verify).
-p, --profile
Profile to use from credentials file (default “default”).
-s, --chef-server-url
Chef Infra Server URL.
Capture a node
To capture a node in a local repository, run a command similar to:
chef capture test-server
This will return something similar to:
- Setting up local repository
- Capturing node object 'test-server'
- Capturing policy data...
- Capturing cookbook artifacts...
- Writing kitchen configuration...
Repository has been created in './node-test-server-repo'.
Next, locate version-controlled copies of the cookbooks. This is
important so that you can track changes to the cookbooks as you
edit them. You may have one or more existing paths where you have
checked out cookbooks. If not, now is a good time to open a
separate terminal and clone or check out the cookbooks.
If all cookbooks are not available in the same base location,
you will have a chance to provide additional locations.
Press Enter to Continue:
You're ready to begin!
Start with 'cd ./node-test-server-repo; kitchen converge'.
As you identify issues, you can modify cookbooks in their
original checkout locations or in the repository's cookbooks
directory and they will be picked up on subsequent runs
of 'kitchen converge'.
See the Upgrade Lab documentation for additional information on upgrading Chef Infra Client.
Use the chef env subcommand to configure the environment for Chef Workstation.
This subcommand has the following syntax:
chef env
This command does not have any specific options.
None.
Use the chef exec subcommand to run arbitrary shell commands with the PATH environment variable and the GEM_HOME and GEM_PATH Ruby environment variables pointed at Chef Workstation.
This subcommand has the following syntax:
chef exec SYSTEM_COMMAND (options)
This subcommand has the following options:
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
The chef gem subcommand is a wrapper around the gem command in RubyGems and is used by Chef to install RubyGems into Chef Workstation development environment. All knife plugins, drivers for Kitchen, and other Ruby applications that are not packaged within Chef Workstation will be installed to the .Chef Workstation path in the home directory: ~/.Chef Workstation/gem/ruby/ver.si.on/bin (where ver.si.on is the version of Ruby that is packaged within Chef Workstation).
This subcommand has the following syntax:
chef gem GEM_COMMAND GEM_OPTIONS (options)
This subcommand has the following options:
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
Show an existing gem in Chef Workstation
To show a gem, run a command similar to:
chef gem list cookstyle
to return something similar to:
*** LOCAL GEMS ***
cookstyle (5.20.0)
List all local gems
To list all of the installed gems on your development environment, use the list command without any arguments:
chef gem list
Search for local gems
The list command can also be used to search for locally installed gems. For example, to list all of the gems with knife in their title:
chef gem list knife
which returns the following output:
*** LOCAL GEMS ***
knife-opc (0.3.2)
knife-windows (1.9.0)
Search remote gems
Use the search command to search for remote gems available for installation:
chef gem search kitchen
to return something similar to:
*** REMOTE GEMS ***
chefkitchen_cli (0.0.1)
gst-kitchen (0.9.0)
guard-kitchen (0.0.2)
jackal-kitchen (0.1.2)
jackal-kitchen-slack (0.1.2)
kitchen (0.0.3)
Install a gem
To install a gem, run a command similar to:
chef gem install knife-config
to return something similar to:
Successfully installed knife-config-1.1.0
1 gem installed
Uninstall a gem
To uninstall a gem from Chef Workstation environment:
chef gem uninstall knife-config
to return something similar to:
Successfully uninstalled knife-config-1.1.0
View the contents of a gem
To view the contents of a gem, run a command similar to:
chef gem content knife-config
to return something similar to:
/Users/user/.chefdk/gem/ruby/2.1.0/gems/knife-config-1.1.0/LICENSE
/Users/user/.chefdk/gem/ruby/2.1.0/gems/knife-config-1.1.0/README.md
/Users/user/.chefdk/gem/ruby/2.1.0/gems/knife-config-1.1.0/lib/chef/knife/config.rb
/Users/user/.chefdk/gem/ruby/2.1.0/gems/knife-config-1.1.0/lib/knife-config.rb
Use the chef generate attribute subcommand to generate an attribute file in the /attributes directory.
This subcommand has the following syntax:
chef generate attribute COOKBOOK_PATH NAME (options)
This subcommand has the following options:
-g GENERATOR_COOKBOOK_PATH, --generator-cookbook GENERATOR_COOKBOOK_PATH
The path at which a cookbook named code_generator is located. This cookbook is used by the chef generate subcommands to generate cookbooks, cookbook files, templates, attribute files, and so on. Default value: lib/chef-dk/skeletons, under which is the default code_generator cookbook that is included as part of Chef Workstation.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
Create an attribute
To generate an attribute, run a command similar to:
chef generate attribute /path/to/cookbook FOO
will return something similar to:
Recipe: code_generator::attribute
* directory[/Users/grantmc/chef-repo/cookbooks/chef-repo/attributes] action create
- create new directory /Users/grantmc/chef-repo/cookbooks/chef-repo/attributes
* template[/Users/grantmc/chef-repo/cookbooks/chef-repo/attributes/FOO.rb] action create
- create new file /Users/grantmc/chef-repo/cookbooks/chef-repo/attributes/FOO.rb
Use the chef generate cookbook subcommand to generate a cookbook.
Note
-) is a valid character and may be used in cookbook and custom resource names, but it is discouraged. Chef Infra Client will return an error if a hyphen is not converted to an underscore (_) when referencing from a recipe the name of a custom resource in which a hyphen is located. This subcommand has the following syntax:
chef generate cookbook COOKBOOK_PATH/COOKBOOK_NAME (options)
This subcommand has the following options:
-g GENERATOR_COOKBOOK_PATH, --generator-cookbook GENERATOR_COOKBOOK_PATH
The path at which a cookbook named code_generator is located. This cookbook is used by the chef generate subcommands to generate cookbooks, cookbook files, templates, attribute files, and so on. Default value: lib/chef-dk/skeletons, under which is the default code_generator cookbook that is included as part of Chef Workstation.
-b, --berks
Create a Berksfile in the cookbook. Default: disabled. Optional. Use to create a berksfile by overriding default creation of a Policyfile.
-C COPYRIGHT, --copyright COPYRIGHT
Specify the copyright holder for copyright notices in generated files. Default value: The Authors
-d, --delivery
Generate a delivery config file and build cookbook inside the new cookbook. Default value: disabled. This option is disabled. It has no effect and exists only for compatibility with past releases
-m EMAIL, --email EMAIL
Specify the email address of the author. Default value: [email protected].
-a KEY=VALUE, --generator-arg KEY=VALUE
Sets a property named KEY to the given VALUE on the generator context object in the generator cookbook. This allows custom generator cookbooks to accept optional user input on the command line.
-I LICENSE, --license LICENSE
Sets the license. Valid values are all_rights, apache2, mit, gplv2, or gplv3. Default value: all_rights.
-P, --policy
Create a Policyfile in the cookbook instead of a Berksfile. Default: enabled.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
Create a cookbook
To generate a cookbook, run a command similar to:
chef generate cookbook chefdocs
will return something similar to:
Recipe: code_generator::cookbook
* directory[/Users/grantmc/chefdocs] action create
- create new directory /Users/grantmc/chefdocs
* template[/Users/grantmc/chefdocs/metadata.rb] action create
- create new file /Users/grantmc/chefdocs/metadata.rb
* template[/Users/grantmc/chefdocs/README.md] action create
- create new file /Users/grantmc/chefdocs/README.md
* cookbook_file[/Users/grantmc/chefdocs/chefignore] action create
- create new file /Users/grantmc/chefdocs/chefignore
* cookbook_file[/Users/grantmc/chefdocs/Berksfile] action create
- create new file /Users/grantmc/chefdocs/Berksfile
* template[/Users/grantmc/chefdocs/kitchen.yml] action create
- create new file /Users/grantmc/chefdocs/kitchen.yml
* directory[/Users/grantmc/chefdocs/recipes] action create
- create new directory /Users/grantmc/chefdocs/recipes
* template[/Users/grantmc/chefdocs/recipes/default.rb] action create
- create new file /Users/grantmc/chefdocs/recipes/default.rb
* execute[initialize-git] action run
- execute git init .
* cookbook_file[/Users/grantmc/chefdocs/.gitignore] action create
- create new file /Users/grantmc/chefdocs/.gitignore
and which creates a directory structure similar to:
/chefdocs
/.git
.gitignore
kitchen.yml
Berksfile
chefignore
metadata.rb
README.md
/recipes
default.rb
Create a cookbook using a custom skeleton cookbook
If a custom skeleton cookbook is located on a macOS desktop (and in this example, the chef_generator cookbook is simply a copy of the same cookbook that ships in Chef Workstation), the following command will use the skeleton cookbook at the custom location to generate a cookbook into the repository from which the chef command is run:
chef generate cookbook --generator-cookbook ~/Desktop testcookbook
Note
code_generator cookbook itself is not specified as part of the path. will return something similar to:
Compiling Cookbooks...
Recipe: code_generator::cookbook
* directory[/Users/grantmc/Desktop/chef-repo/test-cookbook] action create
- create new directory /Users/grantmc/Desktop/chef-repo/test-cookbook
* template[/Users/grantmc/Desktop/chef-repo/test-cookbook/metadata.rb] action create
- create new file /Users/grantmc/Desktop/chef-repo/test-cookbook/metadata.rb
* template[/Users/grantmc/Desktop/chef-repo/test-cookbook/README.md] action create
- create new file /Users/grantmc/Desktop/chef-repo/test-cookbook/README.md
* cookbook_file[/Users/grantmc/Desktop/chef-repo/test-cookbook/chefignore] action create
- create new file /Users/grantmc/Desktop/chef-repo/test-cookbook/chefignore
* cookbook_file[/Users/grantmc/Desktop/chef-repo/test-cookbook/Berksfile] action create
- create new file /Users/grantmc/Desktop/chef-repo/test-cookbook/Berksfile
* template[/Users/grantmc/Desktop/chef-repo/test-cookbook/kitchen.yml] action create
- create new file /Users/grantmc/Desktop/chef-repo/test-cookbook/kitchen.yml
* directory[/Users/grantmc/Desktop/chef-repo/test-cookbook/recipes] action create
- create new directory /Users/grantmc/Desktop/chef-repo/test-cookbook/recipes
* template[/Users/grantmc/Desktop/chef-repo/test-cookbook/recipes/default.rb] action create
- create new file /Users/grantmc/Desktop/chef-repo/test-cookbook/recipes/default.rb
Use the chef generate build-cookbook subcommand to generate a delivery configuration file and build cookbook.
This subcommand has the following syntax:
chef generate build-cookbook COOKBOOK_PATH/COOKBOOK_NAME (options)
This subcommand has the following options:
-g GENERATOR_COOKBOOK_PATH, --generator-cookbook GENERATOR_COOKBOOK_PATH
The path at which a cookbook named code_generator is located. This cookbook is used by the chef generate subcommands to generate cookbooks, cookbook files, templates, attribute files, and so on. Default value: lib/chef-dk/skeletons, under which is the default code_generator cookbook that is included as part of Chef Workstation.
-C COPYRIGHT, --copyright COPYRIGHT
Specify the copyright holder for copyright notices in generated files. Default value: The Authors
-m EMAIL, --email EMAIL
Specify the email address of the author. Default value: [email protected].
-a KEY=VALUE, --generator-arg KEY=VALUE
Sets a property named KEY to the given VALUE on the generator context object in the generator cookbook. This allows custom generator cookbooks to accept optional user input on the command line.
-I LICENSE, --license LICENSE
Sets the license. Valid values are all_rights, apache2, mit, gplv2, or gplv3. Default value: all_rights.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef generate file subcommand to generate a file in the /files directory.
This subcommand has the following syntax:
chef generate file COOKBOOK_PATH NAME (options)
This subcommand has the following options:
-g GENERATOR_COOKBOOK_PATH, --generator-cookbook GENERATOR_COOKBOOK_PATH
The path at which a cookbook named code_generator is located. This cookbook is used by the chef generate subcommands to generate cookbooks, cookbook files, templates, attribute files, and so on. Default value: lib/chef-dk/skeletons, under which is the default code_generator cookbook that is included as part of Chef Workstation.
-h, --help
Show help for the command.
-s SOURCE_FILE, --source SOURCE_FILE
Copy the contents from a source file.
-v, --version
The Chef Infra Client version.
None.
Use the chef generate resource subcommand to generate a custom resource in the /resources directory.
Note
-) is a valid character and may be used in cookbook and custom resource names, but it is discouraged. Chef Infra Client will return an error if a hyphen is not converted to an underscore (_) when referencing from a recipe the name of a custom resource in which a hyphen is located. This subcommand has the following syntax:
chef generate resource COOKBOOK_PATH NAME (options)
This subcommand has the following options:
-g GENERATOR_COOKBOOK_PATH, --generator-cookbook GENERATOR_COOKBOOK_PATH
The path at which a cookbook named code_generator is located. This cookbook is used by the chef generate subcommands to generate cookbooks, cookbook files, templates, attribute files, and so on. Default value: lib/chef-dk/skeletons, under which is the default code_generator cookbook that is included as part of Chef Workstation.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef generate recipe subcommand to generate a recipe in the /recipes directory.
This subcommand has the following syntax:
chef generate recipe COOKBOOK_PATH NAME (options)
This subcommand has the following options:
-g GENERATOR_COOKBOOK_PATH, --generator-cookbook GENERATOR_COOKBOOK_PATH
The path at which a cookbook named code_generator is located. This cookbook is used by the chef generate subcommands to generate cookbooks, cookbook files, templates, attribute files, and so on. Default value: lib/chef-dk/skeletons, under which is the default code_generator cookbook that is included as part of Chef Workstation.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef generate repo subcommand to create a chef-repo. By default, the repo is a cookbook repo with options available to support generating a cookbook that supports Policyfile.
This subcommand has the following syntax:
chef generate repo REPO_NAME (options)
This subcommand has the following options:
-h, --help
Show help for the command.
-p, --policy-only
Create a repository that does not store cookbook files, only Policyfile files.
-P, --policy
Use Policyfile instead of Berkshelf.
-r, --roles
Create directories for /roles and /environments instead of creating directories for Policyfile.
-v, --version
The Chef Infra Client version.
None.
Use the chef generate template subcommand to generate a template in the /templates directory.
This subcommand has the following syntax:
chef generate template COOKBOOK_PATH NAME (options)
This subcommand has the following options:
-g GENERATOR_COOKBOOK_PATH, --generator-cookbook GENERATOR_COOKBOOK_PATH
The path at which a cookbook named code_generator is located. This cookbook is used by the chef generate subcommands to generate cookbooks, cookbook files, templates, attribute files, and so on. Default value: lib/chef-dk/skeletons, under which is the default code_generator cookbook that is included as part of Chef Workstation.
-h, --help
Show help for the command.
-s SOURCE_FILE, --source SOURCE_FILE
Copy the contents from a source file.
-v, --version
The Chef Infra Client version.
None.
Use the chef report cookbooks subcommand to generate a cookbook-oriented report for your Chef Infra environment. This report provides details about upgrade compatibility errors and node cookbook usage.
This subcommand has the following syntax:
chef report cookbooks [options]
This subcommand has the following options:
-a, --anonymize
Replace cookbook and node names with hash values to protect the sensitive information.
-c, --credentials string
Credentials file (default $HOME/.chef/credentials).
-f, --format
Output format: txt is human readable, csv is machine readable (default “txt”).
-F, --node-filter
Search filter to apply to nodes.
-h, --help
Show help for the command.
-k, --client-key
Chef Infra Server API client key.
-n, --client-name
Chef Infra Server API client name.
-o, --ssl-no-verify
Do not verify SSL when connecting to Chef Infra Server (default: verify).
-p, --profile
Profile to use from credentials file (default “default”).
-s, --chef-server-url
Chef Infra Server URL.
-u, --only-unused
Generate a report that only includes cookbooks that are not included in any node’s runlist.
-V, --verify-upgrade
Verify the upgrade compatibility of every cookbook.
-w, --workers
Maximum number of parallel workers at once (default 50).
Generate a report
To generate a cookbook oriented report, run a command similar to:
chef report cookbooks
will return something similar to:
Finding available cookbooks... (5 found)
Analyzing cookbooks...
5 / 5 [----------------------------------------------------------------------------------------------------------------] 100.00% 13 p/s
-- REPORT SUMMARY --
Cookbook Version Policy Group Policy Nodes Affected
-----------+---------+--------------+--------+-----------------
apt 2.7.0 2
Go 0.1.0 3
java 0.3.0 4
java Production K8s 1
K8s Production K8s 1
Cookbooks report saved to .chef-workstation/reports/cookbooks-20200722120938.txt
More details of this summary report can be viewed in the text file, the location for which is given at the end of the summary.
See the Upgrade Lab documentation for additional information on upgrading Chef Infra Client.
Use the chef report nodes subcommand to generate a nodes-oriented report for your chef environment. This report provides details about nodes, applied policies and the cookbooks used during the most recent chef-client run.
This subcommand has the following syntax:
chef report nodes [options]
This subcommand has the following options:
-a, --anonymize
Replace cookbook and node names with hash values to protect sensitive information.
-c, --credentials string
Credentials file (default $HOME/.chef/credentials).
-f, --format
Output format: txt is human readable, csv is machine readable (default “txt”).
-F, --node-filter
Search filter to apply to nodes.
-h, --help
Show help for the command.
-k, --client-key
Chef Infra Server API client key.
-n, --client-name
Chef Infra Server API client name.
-o, --ssl-no-verify
Do not verify SSL when connecting to Chef Infra Server (default: verify).
-p, --profile
Profile to use from credentials file (default “default”).
-s, --chef-server-url
Chef Infra Server URL.
Generate a report
To generate a nodes oriented report, run a command similar to:
chef report nodes
will return something similar to:
Analyzing nodes...
-- REPORT SUMMARY --
Node Name Chef Version Operating System Number Cookbooks
---------------------+--------------+------------------+-------------------
dev-server-backend 16.1.16 redhat v8.2 3
dev-server-web 16.1.16 redhat v8.2 1
production-server 16.1.16 redhat v8.2 2
staging-server 16.1.16 redhat v8.2 4
test-server 16.1.16 redhat v8.2 3
Nodes report saved to .chef-workstation/reports/nodes-20200722130502.txt
More details of this summary report can be viewed in the text file, the location for which is given at the end of the summary.
Upgrade Lab provides further details on how this command can be used in Chef Infra Client upgrade process.
Use the chef shell-init subcommand to set the Ruby included in Chef Workstation as the system Ruby. Chef Workstation is designed to allow the isolation of applications used by Chef Workstation from other Ruby development tools that may be present on the workstation. This supports Bash, fish, Windows PowerShell (posh), and zsh.
bash zsh fish PowerShell (posh)
This subcommand has the following syntax:
chef shell-init SHELL_NAME (options)
This subcommand has the following options:
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
Set PowerShell
You can use the chef shell-init command with Windows PowerShell to add the appropriate variables to your environment.
To try it in your current session:
chef shell-init powershell | Invoke-Expression
To enable it permanently:
"chef shell-init powershell | Invoke-Expression" >> $PROFILE
Set the execution policy on new machines
On new Windows machines, PowerShell scripts will not work until an administrator runs the following command:
Set-ExecutionPolicy RemoteSigned
Create a $PROFILE on new machines
On new Windows machines, commands cannot be appended to $PROFILE if the folder does not exist, or if there is a new user profile. This will result in an error similar to the following:
PS C:\Users\Stuart> "chef shell-init powershell | Invoke-Expression" >> $PROFILE
out-file : Could not find a part of the path
'C:\Users\Stuart\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1'.
At line:1 char:1
+ "chef shell-init powershell | Invoke-Expression" >> $PROFILE
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (:) [Out-File], DirectoryNotFoundException
+ FullyQualifiedErrorId : FileOpenFailure,Microsoft.PowerShell.Commands.OutFileCommand
In this situation, run the following chef shell-init command instead:
if(Test-Path $PROFILE){ chef shell-init powershell | Add-Content $PROFILE } else { New-Item -Force -ItemType File $PROFILE; chef shell-init powershell | Add-Content $PROFILE }
The following commands are built into the chef executable and support the use of Policyfile files.
Use the chef clean-policy-cookbooks subcommand to delete cookbooks that are not used by Policyfile files. Cookbooks are considered unused when they are not referenced by any policy revisions on the Chef Infra Server.
Note
Cookbooks that are referenced by orphaned policy revisions are not removed. Use chef clean-policy-revisions to remove orphaned policies.
This subcommand has the following syntax:
chef clean-policy-cookbooks (options)
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef clean-policy-revisions subcommand to delete orphaned policy revisions to Policyfile files from the Chef Infra Server. An orphaned policy revision is not associated to any policy group and therefore is not in active use by any node. Use chef show-policy --orphans to view a list of orphaned policy revisions.
This subcommand has the following syntax:
chef clean-policy-revisions (options)
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef delete-policy subcommand to delete all revisions of the named policy that exist on the Chef Infra Server. (The state of the policy revision is backed up locally and may be restored using the chef undelete subcommand.)
This subcommand has the following syntax:
chef delete-policy POLICY_NAME (options)
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef delete-policy-group subcommand to delete the named policy group from the Chef Infra Server. Any policy revision associated with that policy group is not deleted. (The state of the policy group is backed up locally and may be restored using the chef undelete subcommand.)
This subcommand has the following syntax:
chef delete-policy-group POLICY_GROUP (options)
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef diff subcommand to display an itemized comparison of two revisions of a Policyfile.lock.json file.
This subcommand has the following syntax:
chef diff POLICY_FILE --head | --git POLICY_GROUP | POLICY_GROUP...POLICY_GROUP (options)
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-g GIT_REF, --git GIT_REF
Compare the specified git reference against the current revision of a Policyfile.lock.json file or against another git reference.
-h, --help
Show help for the command.
--headA shortcut for chef diff --git HEAD. When a git-specific flag is not provided, the on-disk Policyfile.lock.json file is compared to one on the Chef Infra Server or (if a Policyfile.lock.json file is not present on-disk) two Policyfile.lock.json files in the specified policy group on the Chef Infra Server are compared.
--[no-]pagerUse --pager to enable paged output for a Policyfile.lock.json file. Default value: --pager.
-v, --version
The Chef Infra Client version.
Compare current lock to latest commit on latest branch
chef diff --git HEAD
Compare current lock with latest commit on master branch
chef diff --git master
Compare current lock to specified revision
chef diff --git v1.0.0
Compare lock on master branch to lock on revision
chef diff --git master...dev
Compare lock for version with latest commit on master branch
chef diff --git v1.0.0...master
Compare current lock with latest lock for policy group
chef diff staging
Compare locks for two policy groups
chef diff production...staging
Use the chef export subcommand to create a chef-zero-compatible chef-repo that contains the cookbooks described by a Policyfile.lock.json file. After a chef-zero-compatible chef-repo is copied to a node, the policy can be applied locally on that machine by running chef-client -z (local mode).
This subcommand has the following syntax:
chef export POLICY_FILE DIRECTORY (options)
This subcommand has the following options:
-a, --archive
Export an archive as a tarball, instead as a directory. Default value: false.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-f, --force
Remove the contents of the destination directory if that directory is not empty. Default value: false.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef generate policyfile subcommand to generate a file to be used with Policyfile.
This subcommand has the following syntax:
chef generate policyfile POLICY_NAME (options)
This subcommand has the following options:
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef install subcommand to evaluate a policy file and find a compatible set of cookbooks, build a run-list, cache it locally, and then emit a Policyfile.lock.json file that describes the locked policy set. The Policyfile.lock.json file may be used to install the locked policy set to other machines and may be pushed to a policy group on the Chef Infra Server to apply that policy to a group of nodes that are under management by Chef.
This subcommand has the following syntax:
chef install POLICY_FILE (options)
This subcommand has the following options:
-D, --debug
Enable stack traces and other debug output.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
When the chef install command is run, Chef Workstation caches any necessary cookbooks and emits a Policyfile.lock.json file that describes:
A Policyfile.lock.json file is associated with a specific policy group, i.e. is associated with one (or more) nodes that use the same revision of a given policy.
A Policyfile.lock.json file is similar to:
{
"revision_id": "288ed244f8db8bff3caf58147e840bbe079f76e0",
"name": "jenkins",
"run_list": [
"recipe[java::default]",
"recipe[jenkins::master]",
"recipe[policyfile_demo::default]"
],
"cookbook_locks": {
"policyfile_demo": {
"version": "0.1.0",
"identifier": "f04cc40faf628253fe7d9566d66a1733fb1afbe9",
"dotted_decimal_identifier": "67638399371010690.23642238397896298.25512023620585",
"source": "cookbooks/policyfile_demo",
"cache_key": null,
"scm_info": null,
"source_options": {
"path": "cookbooks/policyfile_demo"
}
},
"java": {
"version": "1.24.0",
"identifier": "4c24ae46a6633e424925c24e683e0f43786236a3",
"dotted_decimal_identifier": "21432429158228798.18657774985439294.16782456927907",
"cache_key": "java-1.24.0-supermarket.chef.io",
"origin": "https://supermarket.chef.io/api/v1/cookbooks/java/versions/1.24.0/download",
"source_options": {
"artifactserver": "https://supermarket.chef.io/api/v1/cookbooks/java/versions/1.24.0/download",
"version": "1.24.0"
}
None.
Use the chef push subcommand to upload an existing Policyfile.lock.json file to the Chef Infra Server, along with all of the cookbooks that are contained in the file. The Policyfile.lock.json file will be applied to the specified policy group, which is a set of nodes that share the same run-list and cookbooks.
This subcommand has the following syntax:
chef push POLICY_GROUP POLICY_FILE (options)
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
The chef push-archive subcommand is used to publish a policy archive file to the Chef Infra Server. (A policy archive is created using the chef export subcommand.) The policy archive is assigned to the specified policy group, which is a set of nodes that share the same run-list and cookbooks.
This subcommand has the following syntax:
chef push-archive POLICY_GROUP ARCHIVE_FILE (options)
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
Use the chef show-policy subcommand to display revisions for every Policyfile.rb file that is on the Chef Infra Server. By default, only active policy revisions are shown. When both a policy and policy group are specified, the contents of the active Policyfile.lock.json file for the policy group is returned.
This subcommand has the following syntax:
chef show-policy POLICY_NAME POLICY_GROUP (options)
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-h, --help
Show help for the command.
-o, --orphans
Show policy revisions that are not currently assigned to any policy group.
--[no-]pagerUse --pager to enable paged output for a Policyfile.lock.json file. Default value: --pager.
-v, --version
The Chef Infra Client version.
None.
Use the chef undelete subcommand to recover a deleted policy or policy group. This command:
This subcommand has the following syntax:
chef undelete (options)
When run with no arguments, returns a list of available operations.
This subcommand has the following options:
-c CONFIG_FILE, --config CONFIG_FILE
The path to the knife configuration file.
-D, --debug
Enable stack traces and other debug output.
-h, --help
Show help for the command.
-i ID, --id ID
Undo the delete operation specified by ID.
-l, --last
Undo the most recent delete operation.
--listDefault. Return a list of available operations.
-v, --version
The Chef Infra Client version.
None.
Use the chef update subcommand to read the Policyfile.rb file, and then apply any changes. This will resolve dependencies and will create a Policyfile.lock.json file. The locked policy will reflect any changes to the run-list and will pull in any cookbook updates that are compatible with any version constraints defined in the Policyfile.rb file.
This subcommand has the following syntax:
chef update POLICY_FILE (options)
This subcommand has the following options:
-a, --attributes
Update attributes. Default value: false.
-D, --debug
Enable stack traces and other debug output. Default value: false.
-h, --help
Show help for the command.
-v, --version
The Chef Infra Client version.
None.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/ctl_chef/