Subcommands in Knife Client
bulk delete
You can use the “bulk delete” command to delete the API client that matches the pattern defined by regular expression. The regular expression should be in quotes and should not be surrounded by a forward slash (/).
Syntax
This command has the below syntax:
knife client bulk delete REGEX
Options
This command has the below options:
-D, --delete-validators
It forces the deletion of the client.
create
You can use the “create” subcommand to create a new API client. With this process, an RSA key pair will be generated for the named API client. a provided API client. The public key can be stored on a Chef-Infra Server and the private key will be written to a named file or displayed on the STDOUT.
Syntax
This command has the below syntax:
knife client create NAME_OF_CLIENT (options)
Options
This command has the below options:
-f FILE, --file FILE
It saves the private key to a specified file name
-k, --prevent-keygen
It creates the client without a key pair. This key can be managed later with the help of the knife client key create subcommand.
-p FILE, --public-key FILE
A path to the file which contains a public key.
--validator
It creates the client as a chef-validator. The default value is true.
Examples
Below are the examples that show how you can use this knife subcommand:
Create the admin client:
To create the Chef Infra Client which can access a Chef Infra Server API as an administrator - it is sometimes referred to as the “API Chef Infra Client” - with the name “XYZ” and save its private key to the file, enters:
knife client create XYZ -a -f "/etc/chef/client.pem"
delete
The “delete” command can delete the registered API client. If you use the Chef Client 12.17 or later, you may delete multiple clients using this subcommand.
Syntax
This command has the below syntax:
knife client delete NAME_OF_CLIENT
Options
This command has the below options:
-D, --delete-validators
It forces the deletion of a client when it is a chef validator.
Examples
Below are the examples that show how you can use the knife subcommand:
Delete a client:
To delete the client with the name “codingninjas”, enter:
knife client delete codingninjas
Type Y to confirm a deletion.
edit
You can use the “edit” command to modify the details of the registered API client. When this command is run, the knife will open $EDITOR to enable the editing of the admin attribute.
Syntax
This command has the below syntax:
knife client edit NAME_OF_CLIENT
Options
This does not contain any specific options.
Examples
Below are the examples that show how you can use the knife subcommand:
Edit a client
To edit the client with the name “XYZ”, enter:
knife client edit XYZ
key create
You can use the “key create” command to create a public key.
Syntax
This command has the below syntax:
knife client key create NAME_OF_CLIENT (options)
Options
This command has the below options:
-e DATE, --expiration-date DATE
The expiry date for the public key is specified as an ISO 8601 formatted string: YYYY-MM-DDTHH:MM:SSZ.
-f FILE, --file FILE
It saves a private key to the provided file name. If the --public-key option is not set, the Chef Infra Server can generate a private key.
-k NAME, --key-name NAME_OF_PUBLIC_KEY
This gives the name of a public key.
-p FILE_NAME, --public-key NAME_OF_FILE
This is a path to the file which contains a public key. If the option is not set, and only if --key-name is set, the Chef Infra Server will create a private or public key pair.
key delete
You can use the “key delete” command to delete the public key.
Syntax
This command has the below syntax:
knife client key delete NAME_OF_CLIENT NAME_OF_KEY
key edit
You can use the “key edit” argument to edit or rename the public key.
Syntax
This command has the below syntax:
knife client key edit NAME_OF_CLIENT NAME_OF_KEY (options)
Options
-f FILE, --file FILE
It saves a private key to the provided file name. If the --public-key option is not set, the Chef Infra Server will generate a private key.
-c, --create-key
Generate a new public/private key pair and replace an existing public key with the newly-generated public key. To replace the public key with an existing public key, use --public-key instead.
-k NAME, --key-name NAME
This gives the name of a public key.
-p FILE_NAME, --public-key FILE_NAME
This is a path to the file which contains a public key. If the option is not set, and only if --key-name is set, the Chef Infra Server can create a public or private key pair.
-e DATE, --expiration-date DATE
The expiry date for the public key is specified as an ISO 8601 formatted string: YYYY-MM-DDTHH:MM:SSZ.
key list
You can use the “key list” command to view the list of public keys for a named client.
Syntax
This command has the below syntax:
knife client key list NAME_OF_CLIENT (options)
Options
This command has the below options:
-e, --only-expired
It shows a list of the public keys that are expired.
-n, --only-non-expired
It shows a list of the public keys that are not expired.
-w, --with-details
It shows a list of the public keys, including expiration status and URIs.
key show
You can use the “key show” command to view the details for a particular public key.
Syntax
This command has the below syntax:
knife client key show NAME_OF_CLIENT NAME_OF_ KEY
list
You can use the “list” subcommand to view the list of a registered API client.
Syntax
This command has the below syntax:
knife client list (options)
Options
This command has the below options:
-w, --with-uri
It shows the corresponding URIs.
reregister
You can use the “reregister” command to regenerate the RSA key pair for the API client. a provided API client. The public key can be stored on a Chef-Infra Server and the private key will be written to a named file or displayed on the STDOUT.
Syntax
This command has the below syntax:
knife client reregister NAME_OF_CLIENT (options)
Options
This command has the below options:
-f FILE_NAME, --file NAME_OF_FILE
It saves the private key to the specific file name.
Examples
Below are the examples that show how you can use this knife subcommand:
Re-register a client
To re-register a RSA key pair for the client named “CN” and save it to a file named “rsa_key”, enter:
knife client reregister CN -f rsa_key
show
You can use the “show” command to show details of the API client.
Syntax
This command has the below syntax:
knife client show NAME_OF_CLIENT (options)
Options
This command has the below options:
-a ATTR, --attribute ATTR
The attributes (or attribute) to show.
Examples
Below are the examples that show how you can use this knife subcommand:
Show clients
To view the client named “XYZ”, enter:
knife client show XYZ
to return something like:
admin: false
chef_type: client
json_class: Chef::ApiClient
name: XYZ
public_key:
To view the information in a JSON format, use the -F common options as part of a command like this:
knife client show devops -F json
Some other available formats include text, yaml, and pp.
Frequently Asked Questions
What is a knife in DevOps?
A knife is a command-line tool that interfaces between a chef Infra Server and local chef-repo.
What is a chef knife used for DevOps?
It is a system admin tool that is used to interact with a server to take the cookbooks and custom configurations and load them into the server.
What is a chef's workstation?
Chef Workstation is a modern developer tool kit by Chef that includes InSpec, Chef Infra, and a Habitat plus a host of resources, testing tools, and helpers that make an automated infrastructure, security testing, and application easy.
What is the chef-client command?
A chef-client is an agent that runs on each node locally that is under the management of the Chef. When a chef-client is run, it can perform all of the steps that require to bring the node into an expected state, including authenticating and Registering the node with the Chef server.
Conclusion
In this article, we discussed the overview of Knife Client. We started by introducing the knife client and discussed different concepts such syntax of the knife client, different options for the knife client, etc. To learn more about Knife, check out our articles on
Check out more similar article:
Difference between Public Key and Private Key
Refer to our guided paths on Coding Ninjas Studio to learn more about DSA, Competitive Programming, JavaScript, System Design, etc. Enroll in our courses and attempt the mock test and problems given on our platform. Take a look at the interview experiences and interview bundle for placement preparations.
Happy Learning, Ninjas!
34+ registered 
