Provided by: chef_11.8.2-2_all bug


       knife-exec - The man page for the knife exec subcommand.

       The knife exec subcommand uses the Knife configuration file to execute Ruby scripts in the
       context of a fully configured chef-client. This subcommand  is  most  often  used  to  run
       scripts  that  will only access server one time (or otherwise very infrequently). Use this
       subcommand any time that an operation does not warrant full usage of the Knife  subcommand

       For Ruby scripts that will be run using the exec subcommand, note the following:

          · The  Ruby  script  must  be located on the system from which Knife is run (and not be
            located on any of the systems that Knife will be managing).

          · Shell commands will be run from a management workstation. For example, something like
            %x[ls  -lash  /opt/only-on-a-node]  would  give  you  the  directory  listing for the
            "opt/only-on-a-node" directory or a "No such file or directory"  error  if  the  file
            does not already exist locally.

          · When  the  chef-shell  DSL  is available, the chef-client DSL will not be (unless the
            management workstation is also a chef-client). Without the chef-client  DSL,  a  bash
            block cannot be used to run bash commands.

       Common Options

       The following options can be run with all Knife sub-commands and plug-ins:

       -c CONFIG, --config CONFIG
              The configuration file to use.

              Indicates that colored output will be used.

       -d, --disable-editing
              Indicates that $EDITOR will not be opened; data will be accepted as-is.

              Indicates  that  Knife  will  use  the  default  value, instead of asking a user to
              provide one.

       -e EDITOR, --editor EDITOR
              The $EDITOR that is used for all interactive commands.

       -E ENVIRONMENT, --environment ENVIRONMENT
              The name of the environment. When this option is added to a  command,  the  command
              will run only against the named environment.

       -f FILE_NAME, --file FILE_NAME
              Indicates that the private key will be saved to a specified file name.

       -F FORMAT, --format FORMAT
              The output format: summary (default), text, json, yaml, and pp.

       -h, --help
              Shows help for the command.

       -k KEY, --key KEY
              The  private key that Knife will use to sign requests made by the API client to the

              Indicates that color will not be used in the output.

       -p PASSWORD, --password PASSWORD
              The user password.

              Indicates that data will be shown after a destructive operation.

       -s URL, --server-url URL
              The URL for the server.

       -u USER, --user USER
              The user name used by Knife to sign requests made by the API client to the  server.
              Authentication will fail if the user name does not match the private key.

       -v, --version
              The version of the chef-client.

       -V, --verbose
              Set for more verbose outputs. Use -VV for maximum verbosity.

       -y, --yes
              Indicates  that  the  response  to all confirmation prompts will be "Yes" (and that
              Knife will not ask for confirmation).

       Authenticated API Requests

       The knife exec subcommand can be used to make authenticated API  requests  to  the  server
       using the following methods:

                            │Method     │ Description                      │
                            │api.delete │ Use to delete an object from the │
                            │           │ server.                          │
                            │api.get    │ Use to get  the  details  of  an │
                            │           │ object on the server.            │
                            │   │ Use  to  add  an  object  to the │
                            │           │ server.                          │
                            │api.put    │ Use to update an object  on  the │
                            │           │ server.                          │

       These  methods  are  used  with  the  -E option, which executes that string locally on the
       workstation using chef-shell. These methods have the following syntax:

       $ knife exec -E 'api.method(/endpoint)'


       · api.method is the corresponding authentication method --- api.delete, api.get,,
         or api.put

       · /endpoint is an endpoint in the Chef Server API

       For example, to get the data for a node named "Example_Node":

       $ knife exec -E 'puts api.get("/nodes/Example_Node")'

       and  to ensure that the output is visible in the console, add the puts in front of the API
       authorization request:

       $ knife exec -E 'puts api.get("/nodes/Example_Node")'

       where puts is the shorter version of the $stdout.puts predefined variable in Ruby.

       The following example shows how to add a  client  named  "IBM305RAMAC"  and  the  /clients
       endpoint, and then return the private key for that user in the console:

       $ client_desc = {
           "name"  => "IBM305RAMAC",
           "admin" => false

         new_client ="/clients", client_desc)
         puts new_client["private_key"]


       This argument has the following syntax:

       $ knife exec SCRIPT (options)


       This subcommand has the following options:

       -E CODE, --exec CODE
              A string of code that will be executed.

       -p PATH:PATH, --script-path PATH:PATH
              A colon-separated path at which Ruby scripts are located.


       There are three ways to use knife exec to run Ruby script files. For example:

       $ knife exec /path/to/script_file


       $ knife exec -E 'RUBY CODE'


       $ knife exec
       RUBY CODE

       To check the status of Knife using a Ruby script named "status.rb" (which looks like):

       printf "%-5s %-12s %-8s %s\n", "Check In", "Name", "Ruby", "Recipes"
       nodes.all do |n|
          checkin =['ohai_time']).strftime("%F %R")
          rubyver = n['languages']['ruby']['version']
          recipes = n.run_list.expand(_default).recipes.join(", ")
          printf "%-20s %-12s %-8s %s\n", checkin,, rubyver, recipes

       and is located in a directory named "scripts", enter:

       $ knife exec scripts/status.rb

       To show the available free memory for all nodes, enter:

       $ knife exec -E 'nodes.all {|n| puts "#{} has #{} free memory"}'

       To list all of the available search indexes, enter:

       $ knife exec -E 'puts api.get("search").keys'

       To  query  a  node  for multiple attributes using a Ruby script named search_attributes.rb
       (which looks like):

       % cat scripts/search_attributes.rb
       query = ARGV[2]
       attributes = ARGV[3].split(",")
       puts "Your query: #{query}"
       puts "Your attributes: #{attributes.join(" ")}"
       results = {}
       search(:node, query) do |n|
          results[] = {}
          attributes.each {|a| results[][a] = n[a]}

       puts results
       exit 0


       % knife exec scripts/search_attributes.rb "hostname:test_system" ipaddress,fqdn

       to return something like:

       Your query: hostname:test_system
       Your attributes: ipaddress fqdn
       {""=>{"ipaddress"=>"", "fqdn"=>""}}



                                           Chef 11.8.0                              KNIFE-EXEC(1)