chef 11.12.8-x86-mingw32 → 11.14.0.alpha.2-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Rakefile +4 -2
- data/distro/common/html/_sources/index.txt +6 -0
- data/distro/common/html/_sources/knife_ssl_check.txt +41 -0
- data/distro/common/html/_sources/knife_ssl_fetch.txt +41 -0
- data/distro/common/html/_static/basic.css +2 -5
- data/distro/common/html/_static/doctools.js +5 -14
- data/distro/common/html/_static/jquery.js +2 -154
- data/distro/common/html/_static/pygments.css +2 -2
- data/distro/common/html/_static/searchtools.js +212 -150
- data/distro/common/html/_static/underscore.js +29 -21
- data/distro/common/html/_static/websupport.js +1 -1
- data/distro/common/html/ctl_chef_client.html +15 -18
- data/distro/common/html/ctl_chef_server.html +7 -7
- data/distro/common/html/ctl_chef_shell.html +6 -6
- data/distro/common/html/ctl_chef_solo.html +7 -8
- data/distro/common/html/index.html +34 -24
- data/distro/common/html/knife.html +23 -24
- data/distro/common/html/knife_bootstrap.html +13 -9
- data/distro/common/html/knife_client.html +10 -11
- data/distro/common/html/knife_common_options.html +6 -7
- data/distro/common/html/knife_configure.html +3 -4
- data/distro/common/html/knife_cookbook.html +18 -11
- data/distro/common/html/knife_cookbook_site.html +14 -14
- data/distro/common/html/knife_data_bag.html +24 -23
- data/distro/common/html/knife_delete.html +4 -5
- data/distro/common/html/knife_deps.html +4 -5
- data/distro/common/html/knife_diff.html +6 -7
- data/distro/common/html/knife_download.html +12 -13
- data/distro/common/html/knife_edit.html +4 -5
- data/distro/common/html/knife_environment.html +8 -9
- data/distro/common/html/knife_exec.html +9 -10
- data/distro/common/html/knife_index_rebuild.html +4 -5
- data/distro/common/html/knife_list.html +8 -9
- data/distro/common/html/knife_node.html +34 -33
- data/distro/common/html/knife_raw.html +2 -3
- data/distro/common/html/knife_recipe_list.html +3 -4
- data/distro/common/html/knife_role.html +30 -29
- data/distro/common/html/knife_search.html +7 -7
- data/distro/common/html/knife_show.html +4 -5
- data/distro/common/html/knife_ssh.html +2 -3
- data/distro/common/html/knife_ssl_check.html +148 -0
- data/distro/common/html/knife_ssl_fetch.html +152 -0
- data/distro/common/html/knife_status.html +4 -5
- data/distro/common/html/knife_tag.html +2 -3
- data/distro/common/html/knife_upload.html +5 -6
- data/distro/common/html/knife_user.html +9 -10
- data/distro/common/html/knife_using.html +12 -12
- data/distro/common/html/knife_xargs.html +11 -12
- data/distro/common/html/search.html +1 -2
- data/distro/common/html/searchindex.js +1 -1
- data/distro/common/man/man1/chef-shell.1 +19 -11
- data/distro/common/man/man1/knife-bootstrap.1 +35 -19
- data/distro/common/man/man1/knife-client.1 +111 -28
- data/distro/common/man/man1/knife-configure.1 +30 -14
- data/distro/common/man/man1/knife-cookbook-site.1 +105 -22
- data/distro/common/man/man1/knife-cookbook.1 +164 -23
- data/distro/common/man/man1/knife-data-bag.1 +157 -33
- data/distro/common/man/man1/knife-delete.1 +21 -17
- data/distro/common/man/man1/knife-deps.1 +60 -16
- data/distro/common/man/man1/knife-diff.1 +37 -17
- data/distro/common/man/man1/knife-download.1 +68 -24
- data/distro/common/man/man1/knife-edit.1 +19 -15
- data/distro/common/man/man1/knife-environment.1 +105 -17
- data/distro/common/man/man1/knife-exec.1 +78 -18
- data/distro/common/man/man1/knife-index-rebuild.1 +16 -8
- data/distro/common/man/man1/knife-list.1 +39 -23
- data/distro/common/man/man1/knife-node.1 +170 -22
- data/distro/common/man/man1/knife-raw.1 +33 -13
- data/distro/common/man/man1/knife-recipe-list.1 +17 -5
- data/distro/common/man/man1/knife-role.1 +86 -18
- data/distro/common/man/man1/knife-search.1 +80 -16
- data/distro/common/man/man1/knife-show.1 +30 -14
- data/distro/common/man/man1/knife-ssh.1 +54 -14
- data/distro/common/man/man1/knife-ssl-check.1 +207 -0
- data/distro/common/man/man1/knife-ssl-fetch.1 +207 -0
- data/distro/common/man/man1/knife-status.1 +48 -12
- data/distro/common/man/man1/knife-tag.1 +30 -10
- data/distro/common/man/man1/knife-upload.1 +72 -20
- data/distro/common/man/man1/knife-user.1 +79 -23
- data/distro/common/man/man1/knife-xargs.1 +61 -53
- data/distro/common/man/man8/chef-client.8 +87 -29
- data/distro/common/man/man8/chef-solo.8 +36 -15
- data/lib/chef/application.rb +19 -14
- data/lib/chef/application/client.rb +5 -0
- data/lib/chef/application/solo.rb +5 -0
- data/lib/chef/application/windows_service_manager.rb +3 -0
- data/lib/chef/chef_fs/chef_fs_data_store.rb +72 -24
- data/lib/chef/chef_fs/file_system/chef_repository_file_system_cookbook_dir.rb +20 -4
- data/lib/chef/chef_fs/file_system/chef_repository_file_system_cookbooks_dir.rb +20 -1
- data/lib/chef/chef_fs/file_system/file_system_entry.rb +10 -2
- data/lib/chef/client.rb +2 -3
- data/lib/chef/config.rb +34 -8
- data/lib/chef/cookbook/cookbook_version_loader.rb +45 -4
- data/lib/chef/cookbook_version.rb +38 -30
- data/lib/chef/dsl/recipe.rb +4 -1
- data/lib/chef/event_dispatch/base.rb +14 -0
- data/lib/chef/event_dispatch/events_output_stream.rb +29 -0
- data/lib/chef/exceptions.rb +8 -0
- data/lib/chef/formatters/base.rb +16 -45
- data/lib/chef/formatters/doc.rb +51 -26
- data/lib/chef/formatters/indentable_output_stream.rb +165 -0
- data/lib/chef/knife/node_environment_set.rb +54 -0
- data/lib/chef/knife/user_create.rb +1 -1
- data/lib/chef/monkey_patches/pathname.rb +32 -0
- data/lib/chef/node.rb +1 -1
- data/lib/chef/platform/provider_mapping.rb +345 -338
- data/lib/chef/policy_builder/expand_node_object.rb +1 -1
- data/lib/chef/policy_builder/policyfile.rb +1 -1
- data/lib/chef/provider.rb +1 -0
- data/lib/chef/provider/git.rb +1 -1
- data/lib/chef/provider/link.rb +2 -2
- data/lib/chef/provider/remote_file/content.rb +1 -1
- data/lib/chef/provider/remote_file/local_file.rb +8 -2
- data/lib/chef/provider/service/arch.rb +0 -1
- data/lib/chef/provider/service/debian.rb +0 -2
- data/lib/chef/provider/service/freebsd.rb +2 -1
- data/lib/chef/provider/service/gentoo.rb +1 -1
- data/lib/chef/provider/service/init.rb +0 -1
- data/lib/chef/provider/service/insserv.rb +0 -2
- data/lib/chef/provider/service/invokercd.rb +0 -2
- data/lib/chef/provider/service/macosx.rb +2 -1
- data/lib/chef/provider/service/redhat.rb +0 -1
- data/lib/chef/provider/service/simple.rb +1 -0
- data/lib/chef/provider/service/solaris.rb +1 -0
- data/lib/chef/provider/service/systemd.rb +1 -1
- data/lib/chef/provider/service/upstart.rb +1 -1
- data/lib/chef/provider/user.rb +9 -9
- data/lib/chef/provider/user/solaris.rb +2 -0
- data/lib/chef/resource.rb +1 -0
- data/lib/chef/resource/remote_file.rb +32 -6
- data/lib/chef/run_context.rb +22 -0
- data/lib/chef/run_lock.rb +43 -4
- data/lib/chef/version.rb +2 -2
- data/spec/functional/http/simple_spec.rb +84 -0
- data/spec/functional/resource/remote_file_spec.rb +107 -43
- data/spec/functional/rest_spec.rb +94 -0
- data/spec/functional/run_lock_spec.rb +1 -1
- data/spec/functional/win32/service_manager_spec.rb +6 -0
- data/spec/integration/knife/chef_fs_data_store_spec.rb +2 -0
- data/spec/integration/recipes/lwrp_inline_resources_spec.rb +76 -0
- data/spec/spec_helper.rb +2 -0
- data/spec/support/mock/platform.rb +7 -0
- data/spec/support/pedant/pedant_config.rb +121 -0
- data/spec/support/pedant/run_pedant.rb +63 -0
- data/spec/support/pedant/stickywicket.pem +27 -0
- data/spec/support/shared/functional/http.rb +242 -0
- data/spec/support/shared/unit/api_error_inspector.rb +2 -2
- data/spec/unit/api_client_spec.rb +2 -2
- data/spec/unit/application/client_spec.rb +6 -1
- data/spec/unit/application/knife_spec.rb +4 -0
- data/spec/unit/application/solo_spec.rb +2 -0
- data/spec/unit/application_spec.rb +7 -0
- data/spec/unit/client_spec.rb +16 -0
- data/spec/unit/config_spec.rb +3 -20
- data/spec/unit/cookbook_version_spec.rb +224 -122
- data/spec/unit/formatters/error_inspectors/compile_error_inspector_spec.rb +2 -2
- data/spec/unit/formatters/error_inspectors/cookbook_resolve_error_inspector_spec.rb +2 -2
- data/spec/unit/formatters/error_inspectors/cookbook_sync_error_inspector_spec.rb +2 -2
- data/spec/unit/formatters/error_inspectors/resource_failure_inspector_spec.rb +2 -2
- data/spec/unit/formatters/error_inspectors/run_list_expansion_error_inspector_spec.rb +2 -2
- data/spec/unit/handler_spec.rb +0 -1
- data/spec/unit/knife/client_bulk_delete_spec.rb +3 -0
- data/spec/unit/knife/cookbook_bulk_delete_spec.rb +2 -0
- data/spec/unit/knife/cookbook_metadata_spec.rb +2 -2
- data/spec/unit/knife/cookbook_site_install_spec.rb +3 -1
- data/spec/unit/knife/cookbook_upload_spec.rb +10 -10
- data/spec/unit/knife/node_environment_set_spec.rb +80 -0
- data/spec/unit/knife/user_create_spec.rb +6 -4
- data/spec/unit/knife/user_edit_spec.rb +5 -0
- data/spec/unit/knife_spec.rb +3 -0
- data/spec/unit/mixin/securable_spec.rb +18 -20
- data/spec/unit/node/attribute_spec.rb +15 -2
- data/spec/unit/node/immutable_collections_spec.rb +4 -4
- data/spec/unit/provider/cron_spec.rb +14 -14
- data/spec/unit/provider/git_spec.rb +4 -4
- data/spec/unit/provider/group_spec.rb +1 -1
- data/spec/unit/provider/ohai_spec.rb +2 -2
- data/spec/unit/provider/remote_file/content_spec.rb +58 -35
- data/spec/unit/provider/remote_file/local_file_spec.rb +23 -0
- data/spec/unit/provider/service/solaris_smf_service_spec.rb +13 -13
- data/spec/unit/resource/mount_spec.rb +0 -1
- data/spec/unit/resource/remote_file_spec.rb +29 -0
- data/spec/unit/resource_spec.rb +1 -1
- data/spec/unit/run_context_spec.rb +7 -0
- data/spec/unit/run_lock_spec.rb +98 -0
- data/spec/unit/version_constraint_spec.rb +1 -1
- metadata +166 -153
- data/distro/common/html/_static/chef.css +0 -507
- data/distro/common/html/_static/chef_logo.png +0 -0
- data/lib/chef/checksum/storage.rb +0 -18
- data/lib/chef/checksum/storage/filesystem.rb +0 -56
- data/spec/unit/checksum/storage/filesystem_spec.rb +0 -70
@@ -0,0 +1,207 @@
|
|
1
|
+
.\" Man page generated from reStructuredText.
|
2
|
+
.
|
3
|
+
.TH "KNIFE-SSL-CHECK" "1" "Chef 11.12.0" "" "knife ssl check"
|
4
|
+
.SH NAME
|
5
|
+
knife-ssl-check \- The man page for the knife ssl check subcommand.
|
6
|
+
.
|
7
|
+
.nr rst2man-indent-level 0
|
8
|
+
.
|
9
|
+
.de1 rstReportMargin
|
10
|
+
\\$1 \\n[an-margin]
|
11
|
+
level \\n[rst2man-indent-level]
|
12
|
+
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
13
|
+
-
|
14
|
+
\\n[rst2man-indent0]
|
15
|
+
\\n[rst2man-indent1]
|
16
|
+
\\n[rst2man-indent2]
|
17
|
+
..
|
18
|
+
.de1 INDENT
|
19
|
+
.\" .rstReportMargin pre:
|
20
|
+
. RS \\$1
|
21
|
+
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
|
22
|
+
. nr rst2man-indent-level +1
|
23
|
+
.\" .rstReportMargin post:
|
24
|
+
..
|
25
|
+
.de UNINDENT
|
26
|
+
. RE
|
27
|
+
.\" indent \\n[an-margin]
|
28
|
+
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
29
|
+
.nr rst2man-indent-level -1
|
30
|
+
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
31
|
+
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
|
32
|
+
..
|
33
|
+
.sp
|
34
|
+
The \fBknife ssl check\fP subcommand is used to verify the SSL configuration for the Enterprise Chef and/or Open Source Chef servers, or at another location specified by a URL or URI.
|
35
|
+
.sp
|
36
|
+
\fBWARNING:\fP
|
37
|
+
.INDENT 0.0
|
38
|
+
.INDENT 3.5
|
39
|
+
When verification of a remote server\(aqs SSL certificate is disabled, the chef\-client will issue a warning similar to "SSL validation of HTTPS requests is disabled. HTTPS connections are still encrypted, but the chef\-client is not able to detect forged replies or man\-in\-the\-middle attacks." To configure SSL for the chef\-client, set \fBssl_verify_mode\fP to \fB:verify_peer\fP (recommended) \fBor\fP \fBverify_api_cert\fP to \fBtrue\fP in the client.rb file.
|
40
|
+
.UNINDENT
|
41
|
+
.UNINDENT
|
42
|
+
.sp
|
43
|
+
\fBSyntax\fP
|
44
|
+
.sp
|
45
|
+
This subcommand has the following syntax:
|
46
|
+
.INDENT 0.0
|
47
|
+
.INDENT 3.5
|
48
|
+
.sp
|
49
|
+
.nf
|
50
|
+
.ft C
|
51
|
+
$ knife ssl check URI
|
52
|
+
.ft P
|
53
|
+
.fi
|
54
|
+
.UNINDENT
|
55
|
+
.UNINDENT
|
56
|
+
.sp
|
57
|
+
\fBOptions\fP
|
58
|
+
.sp
|
59
|
+
This subcommand has the following options:
|
60
|
+
.INDENT 0.0
|
61
|
+
.TP
|
62
|
+
.B \fB\-a SSH_ATTR\fP, \fB\-\-attribute SSH_ATTR\fP
|
63
|
+
The attribute that is used when opening the SSH connection. The default attribute is the FQDN of the host. Other possible values include a public IP address, a private IP address, or a hostname.
|
64
|
+
.TP
|
65
|
+
.B \fB\-A\fP, \fB\-\-forward\-agent\fP
|
66
|
+
Indicates that SSH agent forwarding is enabled.
|
67
|
+
.TP
|
68
|
+
.B \fB\-c CONFIG_FILE\fP, \fB\-\-config CONFIG_FILE\fP
|
69
|
+
The configuration file to use.
|
70
|
+
.TP
|
71
|
+
.B \fB\-C NUM\fP, \fB\-\-concurrency NUM\fP
|
72
|
+
The number of allowed concurrent connections.
|
73
|
+
.TP
|
74
|
+
.B \fB\-\-chef\-zero\-port PORT\fP
|
75
|
+
The port on which chef\-zero will listen.
|
76
|
+
.TP
|
77
|
+
.B \fB\-\-[no\-]color\fP
|
78
|
+
Indicates whether colored output will be used.
|
79
|
+
.TP
|
80
|
+
.B \fB\-d\fP, \fB\-\-disable\-editing\fP
|
81
|
+
Indicates that $EDITOR will not be opened; data will be accepted as\-is.
|
82
|
+
.TP
|
83
|
+
.B \fB\-\-defaults\fP
|
84
|
+
Indicates that Knife will use the default value, instead of asking a user to provide one.
|
85
|
+
.TP
|
86
|
+
.B \fB\-e EDITOR\fP, \fB\-\-editor EDITOR\fP
|
87
|
+
The $EDITOR that is used for all interactive commands.
|
88
|
+
.TP
|
89
|
+
.B \fB\-E ENVIRONMENT\fP, \fB\-\-environment ENVIRONMENT\fP
|
90
|
+
The name of the environment. When this option is added to a command, the command will run only against the named environment.
|
91
|
+
.TP
|
92
|
+
.B \fB\-F FORMAT\fP, \fB\-\-format FORMAT\fP
|
93
|
+
The output format: \fBsummary\fP (default), \fBtext\fP, \fBjson\fP, \fByaml\fP, and \fBpp\fP\&.
|
94
|
+
.TP
|
95
|
+
.B \fB\-G GATEWAY\fP, \fB\-\-ssh\-gateway GATEWAY\fP
|
96
|
+
The SSH tunnel or gateway that is used to run a bootstrap action on a machine that is not accessible from the workstation.
|
97
|
+
.TP
|
98
|
+
.B \fB\-h\fP, \fB\-\-help\fP
|
99
|
+
Shows help for the command.
|
100
|
+
.TP
|
101
|
+
.B \fB\-i IDENTITY_FILE\fP, \fB\-\-identity\-file IDENTIFY_FILE\fP
|
102
|
+
The SSH identity file used for authentication. Key\-based authentication is recommended.
|
103
|
+
.TP
|
104
|
+
.B \fB\-k KEY\fP, \fB\-\-key KEY\fP
|
105
|
+
The private key that Knife will use to sign requests made by the API client to the Chef server\&.
|
106
|
+
.TP
|
107
|
+
.B \fB\-m\fP, \fB\-\-manual\-list\fP
|
108
|
+
Indicates that a search query is a space\-separated list of servers. If there is more than one item in the list, put quotes around the entire list. For example: \fB\-\-manual\-list "server01 server 02 server 03"\fP
|
109
|
+
.TP
|
110
|
+
.B \fB\-\-[no\-]host\-key\-verify\fP
|
111
|
+
Use \fB\-\-no\-host\-key\-verify\fP to disable host key verification. Default setting: \fB\-\-host\-key\-verify\fP\&.
|
112
|
+
.TP
|
113
|
+
.B \fBOTHER\fP
|
114
|
+
The shell type. Possible values: \fBinteractive\fP, \fBscreen\fP, \fBtmux\fP, \fBmacterm\fP, or \fBcssh\fP\&. (\fBcsshx\fP is deprecated in favor of \fBcssh\fP\&.)
|
115
|
+
.TP
|
116
|
+
.B \fB\-p PORT\fP, \fB\-\-ssh\-port PORT\fP
|
117
|
+
The SSH port.
|
118
|
+
.TP
|
119
|
+
.B \fB\-P PASSWORD\fP, \fB\-\-ssh\-password PASSWORD\fP
|
120
|
+
The SSH password. This can be used to pass the password directly on the command line. If this option is not specified (and a password is required) Knife will prompt for the password.
|
121
|
+
.TP
|
122
|
+
.B \fB\-\-print\-after\fP
|
123
|
+
Indicates that data will be shown after a destructive operation.
|
124
|
+
.TP
|
125
|
+
.B \fB\-s URL\fP, \fB\-\-server\-url URL\fP
|
126
|
+
The URL for the Chef server\&.
|
127
|
+
.TP
|
128
|
+
.B \fBSEARCH_QUERY\fP
|
129
|
+
The search query used to return a list of servers to be accessed using SSH and the specified \fBSSH_COMMAND\fP\&. This option uses the same syntax as the search sub\-command.
|
130
|
+
.TP
|
131
|
+
.B \fBSSH_COMMAND\fP
|
132
|
+
The command that will be run against the results of a search query.
|
133
|
+
.TP
|
134
|
+
.B \fB\-u USER\fP, \fB\-\-user USER\fP
|
135
|
+
The user name used by Knife to sign requests made by the API client to the Chef server\&. Authentication will fail if the user name does not match the private key.
|
136
|
+
.TP
|
137
|
+
.B \fB\-v\fP, \fB\-\-version\fP
|
138
|
+
The version of the chef\-client\&.
|
139
|
+
.TP
|
140
|
+
.B \fB\-V\fP, \fB\-\-verbose\fP
|
141
|
+
Set for more verbose outputs. Use \fB\-VV\fP for maximum verbosity.
|
142
|
+
.TP
|
143
|
+
.B \fB\-x USER_NAME\fP, \fB\-\-ssh\-user USER_NAME\fP
|
144
|
+
The SSH user name.
|
145
|
+
.TP
|
146
|
+
.B \fB\-y\fP, \fB\-\-yes\fP
|
147
|
+
Indicates that the response to all confirmation prompts will be "Yes" (and that Knife will not ask for confirmation).
|
148
|
+
.TP
|
149
|
+
.B \fB\-z\fP, \fB\-\-local\-mode\fP
|
150
|
+
Indicates that the chef\-client will be run in local mode, which allows all commands that work against the Chef server to also work against the local chef\-repo\&.
|
151
|
+
.UNINDENT
|
152
|
+
.sp
|
153
|
+
\fBExamples\fP
|
154
|
+
.sp
|
155
|
+
The following examples show how to use this Knife subcommand:
|
156
|
+
.sp
|
157
|
+
\fBVerify the SSL configuration for the Chef server\fP
|
158
|
+
.INDENT 0.0
|
159
|
+
.INDENT 3.5
|
160
|
+
.sp
|
161
|
+
.nf
|
162
|
+
.ft C
|
163
|
+
$ knife ssl check
|
164
|
+
.ft P
|
165
|
+
.fi
|
166
|
+
.UNINDENT
|
167
|
+
.UNINDENT
|
168
|
+
.sp
|
169
|
+
\fBVerify the SSL configuration for the chef\-client\fP
|
170
|
+
.INDENT 0.0
|
171
|
+
.INDENT 3.5
|
172
|
+
.sp
|
173
|
+
.nf
|
174
|
+
.ft C
|
175
|
+
$ knife ssl check \-c /etc/chef/client.rb
|
176
|
+
.ft P
|
177
|
+
.fi
|
178
|
+
.UNINDENT
|
179
|
+
.UNINDENT
|
180
|
+
.sp
|
181
|
+
\fBVerify an external server\(aqs SSL certificate\fP
|
182
|
+
.INDENT 0.0
|
183
|
+
.INDENT 3.5
|
184
|
+
.sp
|
185
|
+
.nf
|
186
|
+
.ft C
|
187
|
+
$ knife ssl check URL_or_URI
|
188
|
+
.ft P
|
189
|
+
.fi
|
190
|
+
.UNINDENT
|
191
|
+
.UNINDENT
|
192
|
+
.sp
|
193
|
+
for example:
|
194
|
+
.INDENT 0.0
|
195
|
+
.INDENT 3.5
|
196
|
+
.sp
|
197
|
+
.nf
|
198
|
+
.ft C
|
199
|
+
$ knife ssl check https://www.getchef.com
|
200
|
+
.ft P
|
201
|
+
.fi
|
202
|
+
.UNINDENT
|
203
|
+
.UNINDENT
|
204
|
+
.SH AUTHOR
|
205
|
+
Chef
|
206
|
+
.\" Generated by docutils manpage writer.
|
207
|
+
.
|
@@ -0,0 +1,207 @@
|
|
1
|
+
.\" Man page generated from reStructuredText.
|
2
|
+
.
|
3
|
+
.TH "KNIFE-SSL-FETCH" "1" "Chef 11.12.0" "" "knife ssl fetch"
|
4
|
+
.SH NAME
|
5
|
+
knife-ssl-fetch \- The man page for the knife ssl fetch subcommand.
|
6
|
+
.
|
7
|
+
.nr rst2man-indent-level 0
|
8
|
+
.
|
9
|
+
.de1 rstReportMargin
|
10
|
+
\\$1 \\n[an-margin]
|
11
|
+
level \\n[rst2man-indent-level]
|
12
|
+
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
13
|
+
-
|
14
|
+
\\n[rst2man-indent0]
|
15
|
+
\\n[rst2man-indent1]
|
16
|
+
\\n[rst2man-indent2]
|
17
|
+
..
|
18
|
+
.de1 INDENT
|
19
|
+
.\" .rstReportMargin pre:
|
20
|
+
. RS \\$1
|
21
|
+
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
|
22
|
+
. nr rst2man-indent-level +1
|
23
|
+
.\" .rstReportMargin post:
|
24
|
+
..
|
25
|
+
.de UNINDENT
|
26
|
+
. RE
|
27
|
+
.\" indent \\n[an-margin]
|
28
|
+
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
29
|
+
.nr rst2man-indent-level -1
|
30
|
+
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
31
|
+
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
|
32
|
+
..
|
33
|
+
.sp
|
34
|
+
The \fBknife ssl fetch\fP subcommand is used to copy SSL certificates from an HTTPS server to the \fBtrusted_certs_dir\fP directory that is used by Knife and the chef\-client to store trusted SSL certificates. When these certificates match the hostname of the remote server, running \fBknife ssl fetch\fP is the only step required to verify a remote server that is accessed by either Knife or the chef\-client\&.
|
35
|
+
.sp
|
36
|
+
\fBWARNING:\fP
|
37
|
+
.INDENT 0.0
|
38
|
+
.INDENT 3.5
|
39
|
+
It is the user\(aqs responsibility to verify the authenticity of every SSL certificate before downloading it to the \fBtrusted_certs_dir\fP directory. Knife will use any certificate in that directory as if it is a 100% trusted and authentic SSL certificate. Knife will not be able to determine if any certificate in this directory has been tampered with, is forged, malicious, or otherwise harmful. Therefore it is essential that users take the proper steps before downloading certificates into this directory.
|
40
|
+
.UNINDENT
|
41
|
+
.UNINDENT
|
42
|
+
.sp
|
43
|
+
\fBSyntax\fP
|
44
|
+
.sp
|
45
|
+
This subcommand has the following syntax:
|
46
|
+
.INDENT 0.0
|
47
|
+
.INDENT 3.5
|
48
|
+
.sp
|
49
|
+
.nf
|
50
|
+
.ft C
|
51
|
+
$ knife ssh SEARCH_QUERY SSH_COMMAND (options)
|
52
|
+
.ft P
|
53
|
+
.fi
|
54
|
+
.UNINDENT
|
55
|
+
.UNINDENT
|
56
|
+
.sp
|
57
|
+
\fBOptions\fP
|
58
|
+
.sp
|
59
|
+
This subcommand has the following options:
|
60
|
+
.INDENT 0.0
|
61
|
+
.TP
|
62
|
+
.B \fB\-a SSH_ATTR\fP, \fB\-\-attribute SSH_ATTR\fP
|
63
|
+
The attribute that is used when opening the SSH connection. The default attribute is the FQDN of the host. Other possible values include a public IP address, a private IP address, or a hostname.
|
64
|
+
.TP
|
65
|
+
.B \fB\-A\fP, \fB\-\-forward\-agent\fP
|
66
|
+
Indicates that SSH agent forwarding is enabled.
|
67
|
+
.TP
|
68
|
+
.B \fB\-c CONFIG_FILE\fP, \fB\-\-config CONFIG_FILE\fP
|
69
|
+
The configuration file to use.
|
70
|
+
.TP
|
71
|
+
.B \fB\-C NUM\fP, \fB\-\-concurrency NUM\fP
|
72
|
+
The number of allowed concurrent connections.
|
73
|
+
.TP
|
74
|
+
.B \fB\-\-chef\-zero\-port PORT\fP
|
75
|
+
The port on which chef\-zero will listen.
|
76
|
+
.TP
|
77
|
+
.B \fB\-\-[no\-]color\fP
|
78
|
+
Indicates whether colored output will be used.
|
79
|
+
.TP
|
80
|
+
.B \fB\-d\fP, \fB\-\-disable\-editing\fP
|
81
|
+
Indicates that $EDITOR will not be opened; data will be accepted as\-is.
|
82
|
+
.TP
|
83
|
+
.B \fB\-\-defaults\fP
|
84
|
+
Indicates that Knife will use the default value, instead of asking a user to provide one.
|
85
|
+
.TP
|
86
|
+
.B \fB\-e EDITOR\fP, \fB\-\-editor EDITOR\fP
|
87
|
+
The $EDITOR that is used for all interactive commands.
|
88
|
+
.TP
|
89
|
+
.B \fB\-E ENVIRONMENT\fP, \fB\-\-environment ENVIRONMENT\fP
|
90
|
+
The name of the environment. When this option is added to a command, the command will run only against the named environment.
|
91
|
+
.TP
|
92
|
+
.B \fB\-F FORMAT\fP, \fB\-\-format FORMAT\fP
|
93
|
+
The output format: \fBsummary\fP (default), \fBtext\fP, \fBjson\fP, \fByaml\fP, and \fBpp\fP\&.
|
94
|
+
.TP
|
95
|
+
.B \fB\-G GATEWAY\fP, \fB\-\-ssh\-gateway GATEWAY\fP
|
96
|
+
The SSH tunnel or gateway that is used to run a bootstrap action on a machine that is not accessible from the workstation.
|
97
|
+
.TP
|
98
|
+
.B \fB\-h\fP, \fB\-\-help\fP
|
99
|
+
Shows help for the command.
|
100
|
+
.TP
|
101
|
+
.B \fB\-i IDENTITY_FILE\fP, \fB\-\-identity\-file IDENTIFY_FILE\fP
|
102
|
+
The SSH identity file used for authentication. Key\-based authentication is recommended.
|
103
|
+
.TP
|
104
|
+
.B \fB\-k KEY\fP, \fB\-\-key KEY\fP
|
105
|
+
The private key that Knife will use to sign requests made by the API client to the Chef server\&.
|
106
|
+
.TP
|
107
|
+
.B \fB\-m\fP, \fB\-\-manual\-list\fP
|
108
|
+
Indicates that a search query is a space\-separated list of servers. If there is more than one item in the list, put quotes around the entire list. For example: \fB\-\-manual\-list "server01 server 02 server 03"\fP
|
109
|
+
.TP
|
110
|
+
.B \fB\-\-[no\-]host\-key\-verify\fP
|
111
|
+
Use \fB\-\-no\-host\-key\-verify\fP to disable host key verification. Default setting: \fB\-\-host\-key\-verify\fP\&.
|
112
|
+
.TP
|
113
|
+
.B \fBOTHER\fP
|
114
|
+
The shell type. Possible values: \fBinteractive\fP, \fBscreen\fP, \fBtmux\fP, \fBmacterm\fP, or \fBcssh\fP\&. (\fBcsshx\fP is deprecated in favor of \fBcssh\fP\&.)
|
115
|
+
.TP
|
116
|
+
.B \fB\-p PORT\fP, \fB\-\-ssh\-port PORT\fP
|
117
|
+
The SSH port.
|
118
|
+
.TP
|
119
|
+
.B \fB\-P PASSWORD\fP, \fB\-\-ssh\-password PASSWORD\fP
|
120
|
+
The SSH password. This can be used to pass the password directly on the command line. If this option is not specified (and a password is required) Knife will prompt for the password.
|
121
|
+
.TP
|
122
|
+
.B \fB\-\-print\-after\fP
|
123
|
+
Indicates that data will be shown after a destructive operation.
|
124
|
+
.TP
|
125
|
+
.B \fB\-s URL\fP, \fB\-\-server\-url URL\fP
|
126
|
+
The URL for the Chef server\&.
|
127
|
+
.TP
|
128
|
+
.B \fBSEARCH_QUERY\fP
|
129
|
+
The search query used to return a list of servers to be accessed using SSH and the specified \fBSSH_COMMAND\fP\&. This option uses the same syntax as the search sub\-command.
|
130
|
+
.TP
|
131
|
+
.B \fBSSH_COMMAND\fP
|
132
|
+
The command that will be run against the results of a search query.
|
133
|
+
.TP
|
134
|
+
.B \fB\-u USER\fP, \fB\-\-user USER\fP
|
135
|
+
The user name used by Knife to sign requests made by the API client to the Chef server\&. Authentication will fail if the user name does not match the private key.
|
136
|
+
.TP
|
137
|
+
.B \fB\-v\fP, \fB\-\-version\fP
|
138
|
+
The version of the chef\-client\&.
|
139
|
+
.TP
|
140
|
+
.B \fB\-V\fP, \fB\-\-verbose\fP
|
141
|
+
Set for more verbose outputs. Use \fB\-VV\fP for maximum verbosity.
|
142
|
+
.TP
|
143
|
+
.B \fB\-x USER_NAME\fP, \fB\-\-ssh\-user USER_NAME\fP
|
144
|
+
The SSH user name.
|
145
|
+
.TP
|
146
|
+
.B \fB\-y\fP, \fB\-\-yes\fP
|
147
|
+
Indicates that the response to all confirmation prompts will be "Yes" (and that Knife will not ask for confirmation).
|
148
|
+
.TP
|
149
|
+
.B \fB\-z\fP, \fB\-\-local\-mode\fP
|
150
|
+
Indicates that the chef\-client will be run in local mode, which allows all commands that work against the Chef server to also work against the local chef\-repo\&.
|
151
|
+
.UNINDENT
|
152
|
+
.sp
|
153
|
+
\fBExamples\fP
|
154
|
+
.sp
|
155
|
+
The following examples show how to use this Knife subcommand:
|
156
|
+
.sp
|
157
|
+
\fBFetch the SSL certificates used by Knife from the Chef server\fP
|
158
|
+
.INDENT 0.0
|
159
|
+
.INDENT 3.5
|
160
|
+
.sp
|
161
|
+
.nf
|
162
|
+
.ft C
|
163
|
+
$ knife ssl fetch
|
164
|
+
.ft P
|
165
|
+
.fi
|
166
|
+
.UNINDENT
|
167
|
+
.UNINDENT
|
168
|
+
.sp
|
169
|
+
\fBFetch the SSL certificates used by the chef\-client from the Chef server\fP
|
170
|
+
.INDENT 0.0
|
171
|
+
.INDENT 3.5
|
172
|
+
.sp
|
173
|
+
.nf
|
174
|
+
.ft C
|
175
|
+
$ knife ssl fetch \-c /etc/chef/client.rb
|
176
|
+
.ft P
|
177
|
+
.fi
|
178
|
+
.UNINDENT
|
179
|
+
.UNINDENT
|
180
|
+
.sp
|
181
|
+
\fBFetch SSL certificates from a URL or URI\fP
|
182
|
+
.INDENT 0.0
|
183
|
+
.INDENT 3.5
|
184
|
+
.sp
|
185
|
+
.nf
|
186
|
+
.ft C
|
187
|
+
$ knife ssl fetch URL_or_URI
|
188
|
+
.ft P
|
189
|
+
.fi
|
190
|
+
.UNINDENT
|
191
|
+
.UNINDENT
|
192
|
+
.sp
|
193
|
+
for example:
|
194
|
+
.INDENT 0.0
|
195
|
+
.INDENT 3.5
|
196
|
+
.sp
|
197
|
+
.nf
|
198
|
+
.ft C
|
199
|
+
$ knife ssl fetch https://www.getchef.com
|
200
|
+
.ft P
|
201
|
+
.fi
|
202
|
+
.UNINDENT
|
203
|
+
.UNINDENT
|
204
|
+
.SH AUTHOR
|
205
|
+
Chef
|
206
|
+
.\" Generated by docutils manpage writer.
|
207
|
+
.
|
@@ -1,4 +1,6 @@
|
|
1
|
-
|
1
|
+
.\" Man page generated from reStructuredText.
|
2
|
+
.
|
3
|
+
.TH "KNIFE-STATUS" "1" "Chef 11.12.0" "" "knife status"
|
2
4
|
.SH NAME
|
3
5
|
knife-status \- The man page for the knife status subcommand.
|
4
6
|
.
|
@@ -28,20 +30,22 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
|
28
30
|
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
|
29
31
|
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
|
30
32
|
..
|
31
|
-
.\" Man page generated from reStructuredText.
|
32
|
-
.
|
33
33
|
.sp
|
34
|
-
The \fBknife status\fP subcommand is used to display a brief summary of the nodes on a server, including the time of the most recent successful chef\-client run.
|
34
|
+
The \fBknife status\fP subcommand is used to display a brief summary of the nodes on a Chef server, including the time of the most recent successful chef\-client run.
|
35
35
|
.sp
|
36
36
|
\fBSyntax\fP
|
37
37
|
.sp
|
38
|
-
This
|
38
|
+
This subcommand has the following syntax:
|
39
|
+
.INDENT 0.0
|
40
|
+
.INDENT 3.5
|
39
41
|
.sp
|
40
42
|
.nf
|
41
43
|
.ft C
|
42
44
|
$ knife status (options)
|
43
45
|
.ft P
|
44
46
|
.fi
|
47
|
+
.UNINDENT
|
48
|
+
.UNINDENT
|
45
49
|
.sp
|
46
50
|
\fBOptions\fP
|
47
51
|
.sp
|
@@ -70,7 +74,7 @@ The $EDITOR that is used for all interactive commands.
|
|
70
74
|
The name of the environment. When this option is added to a command, the command will run only against the named environment.
|
71
75
|
.TP
|
72
76
|
.B \fB\-F FORMAT\fP, \fB\-\-format FORMAT\fP
|
73
|
-
The output format: \fBsummary\fP (default), \fBtext\fP, \fBjson\fP, \fByaml\fP, and \fBpp\fP
|
77
|
+
The output format: \fBsummary\fP (default), \fBtext\fP, \fBjson\fP, \fByaml\fP, and \fBpp\fP\&.
|
74
78
|
.TP
|
75
79
|
.B \fB\-h\fP, \fB\-\-help\fP
|
76
80
|
Shows help for the command.
|
@@ -79,13 +83,13 @@ Shows help for the command.
|
|
79
83
|
Indicates that nodes on which a chef\-client run has occurred within the previous hour will be hidden.
|
80
84
|
.TP
|
81
85
|
.B \fB\-k KEY\fP, \fB\-\-key KEY\fP
|
82
|
-
The private key that Knife will use to sign requests made by the API client to the server
|
86
|
+
The private key that Knife will use to sign requests made by the API client to the Chef server\&.
|
83
87
|
.TP
|
84
88
|
.B \fB\-\-print\-after\fP
|
85
89
|
Indicates that data will be shown after a destructive operation.
|
86
90
|
.TP
|
87
91
|
.B \fBSEARCH_QUERY\fP
|
88
|
-
The search query used to identify a a list of items on a server
|
92
|
+
The search query used to identify a a list of items on a Chef server\&. This option uses the same syntax as the \fBsearch\fP sub\-command.
|
89
93
|
.TP
|
90
94
|
.B \fB\-r RUN_LIST\fP, \fB\-\-run\-list RUN_LIST\fP
|
91
95
|
A comma\-separated list of roles and/or recipes to be applied.
|
@@ -94,13 +98,13 @@ A comma\-separated list of roles and/or recipes to be applied.
|
|
94
98
|
Indicates that the list will be sorted by last run time, descending.
|
95
99
|
.TP
|
96
100
|
.B \fB\-\-server\-url URL\fP
|
97
|
-
The URL for the server
|
101
|
+
The URL for the Chef server\&.
|
98
102
|
.TP
|
99
103
|
.B \fB\-u USER\fP, \fB\-\-user USER\fP
|
100
|
-
The user name used by Knife to sign requests made by the API client to the server
|
104
|
+
The user name used by Knife to sign requests made by the API client to the Chef server\&. Authentication will fail if the user name does not match the private key.
|
101
105
|
.TP
|
102
106
|
.B \fB\-v\fP, \fB\-\-version\fP
|
103
|
-
The version of the chef\-client
|
107
|
+
The version of the chef\-client\&.
|
104
108
|
.TP
|
105
109
|
.B \fB\-V\fP, \fB\-\-verbose\fP
|
106
110
|
Set for more verbose outputs. Use \fB\-VV\fP for maximum verbosity.
|
@@ -109,20 +113,26 @@ Set for more verbose outputs. Use \fB\-VV\fP for maximum verbosity.
|
|
109
113
|
Indicates that the response to all confirmation prompts will be "Yes" (and that Knife will not ask for confirmation).
|
110
114
|
.TP
|
111
115
|
.B \fB\-z\fP, \fB\-\-local\-mode\fP
|
112
|
-
Indicates that the chef\-client will be run in local mode, which allows all commands that work against the server to also work against the local chef\-repo
|
116
|
+
Indicates that the chef\-client will be run in local mode, which allows all commands that work against the Chef server to also work against the local chef\-repo\&.
|
113
117
|
.UNINDENT
|
114
118
|
.sp
|
115
119
|
\fBExamples\fP
|
116
120
|
.sp
|
117
121
|
To include run lists in the status, enter:
|
122
|
+
.INDENT 0.0
|
123
|
+
.INDENT 3.5
|
118
124
|
.sp
|
119
125
|
.nf
|
120
126
|
.ft C
|
121
127
|
$ knife status \-\-run\-list
|
122
128
|
.ft P
|
123
129
|
.fi
|
130
|
+
.UNINDENT
|
131
|
+
.UNINDENT
|
124
132
|
.sp
|
125
133
|
to return something like:
|
134
|
+
.INDENT 0.0
|
135
|
+
.INDENT 3.5
|
126
136
|
.sp
|
127
137
|
.nf
|
128
138
|
.ft C
|
@@ -134,16 +144,24 @@ to return something like:
|
|
134
144
|
3 hours ago, i\-f65c969b, ubuntu 10.04, ec2\-184\-73\-60\-141.compute\-1.amazonaws.com, 184.73.60.141, role[web].
|
135
145
|
.ft P
|
136
146
|
.fi
|
147
|
+
.UNINDENT
|
148
|
+
.UNINDENT
|
137
149
|
.sp
|
138
150
|
To show the status for nodes on which the chef\-client did not run successfully within the past hour, enter:
|
151
|
+
.INDENT 0.0
|
152
|
+
.INDENT 3.5
|
139
153
|
.sp
|
140
154
|
.nf
|
141
155
|
.ft C
|
142
156
|
$ knife status \-\-hide\-healthy
|
143
157
|
.ft P
|
144
158
|
.fi
|
159
|
+
.UNINDENT
|
160
|
+
.UNINDENT
|
145
161
|
.sp
|
146
162
|
to return something like:
|
163
|
+
.INDENT 0.0
|
164
|
+
.INDENT 3.5
|
147
165
|
.sp
|
148
166
|
.nf
|
149
167
|
.ft C
|
@@ -151,16 +169,24 @@ to return something like:
|
|
151
169
|
1 hour ago, i\-a47823c9, ubuntu 10.04, ec2\-174\-129\-127\-206.compute\-1.amazonaws.com, 184.129.143.111, role[lb].
|
152
170
|
.ft P
|
153
171
|
.fi
|
172
|
+
.UNINDENT
|
173
|
+
.UNINDENT
|
154
174
|
.sp
|
155
175
|
To show the status of a subset of nodes that are returned by a specific query, enter:
|
176
|
+
.INDENT 0.0
|
177
|
+
.INDENT 3.5
|
156
178
|
.sp
|
157
179
|
.nf
|
158
180
|
.ft C
|
159
181
|
$ knife status "role:web" \-\-run\-list
|
160
182
|
.ft P
|
161
183
|
.fi
|
184
|
+
.UNINDENT
|
185
|
+
.UNINDENT
|
162
186
|
.sp
|
163
187
|
to return something like:
|
188
|
+
.INDENT 0.0
|
189
|
+
.INDENT 3.5
|
164
190
|
.sp
|
165
191
|
.nf
|
166
192
|
.ft C
|
@@ -171,16 +197,24 @@ to return something like:
|
|
171
197
|
3 hours ago, i\-f65c969b, ubuntu 10.04, ec2\-184\-73\-60\-141.compute\-1.amazonaws.com, 184.73.60.141, role[web].
|
172
198
|
.ft P
|
173
199
|
.fi
|
200
|
+
.UNINDENT
|
201
|
+
.UNINDENT
|
174
202
|
.sp
|
175
203
|
To view the status of all nodes in the organization, enter:
|
204
|
+
.INDENT 0.0
|
205
|
+
.INDENT 3.5
|
176
206
|
.sp
|
177
207
|
.nf
|
178
208
|
.ft C
|
179
209
|
$ knife status
|
180
210
|
.ft P
|
181
211
|
.fi
|
212
|
+
.UNINDENT
|
213
|
+
.UNINDENT
|
182
214
|
.sp
|
183
215
|
to return something like:
|
216
|
+
.INDENT 0.0
|
217
|
+
.INDENT 3.5
|
184
218
|
.sp
|
185
219
|
.nf
|
186
220
|
.ft C
|
@@ -192,6 +226,8 @@ to return something like:
|
|
192
226
|
3 hours ago, i\-f65c969b, ubuntu 10.04, ec2\-184\-73\-60\-141.compute\-1.amazonaws.com, 184.73.60.141
|
193
227
|
.ft P
|
194
228
|
.fi
|
229
|
+
.UNINDENT
|
230
|
+
.UNINDENT
|
195
231
|
.SH AUTHOR
|
196
232
|
Chef
|
197
233
|
.\" Generated by docutils manpage writer.
|