Provided by: chef_13.8.7-4_all 
NAME
knife-bootstrap - The man page for the knife bootstrap subcommand.
A bootstrap is a process that installs the chef-client on a target system so that it can
run as a chef-client and communicate with a Chef server.
The knife bootstrap subcommand is used to run a bootstrap operation that installs the
chef-client on the target system. The bootstrap operation must specify the IP address or
FQDN of the target system.
Syntax
This subcommand has the following syntax:
$ knife bootstrap FQDN_or_IP_ADDRESS (options)
Options
This subcommand has the following options:
-A, --forward-agent
Use to enable SSH agent forwarding.
--bootstrap-curl-options OPTIONS
Use to specify arbitrary options to be added to the bootstrap command when using
cURL. This option may not be used in the same command with
--bootstrap-install-command.
--bootstrap-install-command COMMAND
Use to execute a custom installation command sequence for the chef-client. This
option may not be used in the same command with --bootstrap-curl-options,
--bootstrap-install-sh, or --bootstrap-wget-options.
--bootstrap-install-sh URL
Use to fetch and execute an installation script at the specified URL. This option
may not be used in the same command with --bootstrap-install-command.
--bootstrap-no-proxy NO_PROXY_URL_or_IP
A URL or IP address that specifies a location that should not be proxied.
NOTE:
This option is used internally by Chef to help verify bootstrap operations
during testing and should never be used during an actual bootstrap operation.
--bootstrap-proxy PROXY_URL
The proxy server for the node that is the target of a bootstrap operation.
--bootstrap-version VERSION
The version of the chef-client to install.
--bootstrap-wget-options OPTIONS
Use to specify arbitrary options to be added to the bootstrap command when using
GNU Wget. This option may not be used in the same command with
--bootstrap-install-command.
-E ENVIRONMENT, --environment ENVIRONMENT
The name of the environment. When this option is added to a command, the command
will run only against the named environment.
-G GATEWAY, --ssh-gateway GATEWAY
The SSH tunnel or gateway that is used to run a bootstrap action on a machine that
is not accessible from the workstation.
--hint HINT_NAME[=HINT_FILE]
Use to specify an Ohai hint to be set on the target node.
Ohai hints are used to tell Ohai something about the system that it is running on
that it would not be able to discover itself. An Ohai hint exists if a JSON file
exists in the hint directory with the same name as the hint. For example, calling
hint?('antartica') in an Ohai plugin would return an empty hash if the file
antartica.json existed in the hints directory, and return nil if the file does not
exist.
If the hint file contains JSON content, it will be returned as a hash from the call
to hint?.
{
"snow": true,
"penguins": "many"
}
arctic_hint = hint?('antartica')
if arctic_hint['snow']
"There are #{arctic_hint['penguins']} penguins here."
else
"There is no snow here, and penguins like snow."
end
The default directory in which hint files are located is /etc/chef/ohai/hints/. Use
the Ohai::Config[:hints_path] setting in the client.rb file to customize this
location.
HINT_FILE is the name of the JSON file. HINT_NAME is the name of a hint in a JSON
file. Use multiple --hint options to specify multiple hints.
-i IDENTITY_FILE, --identity-file IDENTITY_FILE
The SSH identity file used for authentication. Key-based authentication is
recommended.
-j JSON_ATTRIBS, --json-attributes JSON_ATTRIBS
A JSON string that is added to the first run of a chef-client.
-N NAME, --node-name NAME
The name of the node.
--[no-]host-key-verify
Use --no-host-key-verify to disable host key verification. Default setting:
--host-key-verify.
--[no-]node-verify-api-cert
Use verify_api_cert to only do SSL validation of the Chef server connection; may be
needed if the chef-client needs to talk to other services that have broken SSL
certificates. If this option is not specified, the setting for verify_api_cert in
the configuration file is applied.
--node-ssl-verify-mode PEER_OR_NONE
The verify mode for HTTPS requests.
Use :verify_none to do no validation of SSL certificates.
Use :verify_peer to do validation of all SSL certificates, including the Chef
server connections, S3 connections, and any HTTPS remote_file resource URLs used in
the chef-client run. This is the recommended setting.
If this option is not specified, the setting for ssl_verify_mode in the
configuration file is applied.
-p PORT, --ssh-port PORT
The SSH port.
-P PASSWORD, --ssh-password PASSWORD
The SSH password. This can be used to pass the password directly on the command
line. If this option is not specified (and a password is required) knife will
prompt for the password.
--prerelease
Use to install pre-release gems.
-r RUN_LIST, --run-list RUN_LIST
A comma-separated list of roles and/or recipes to be applied.
--secret SECRET
The encryption key that is used for values contained within a data bag item.
--secret-file FILE
The path to the file that contains the encryption key.
--sudo Use to execute a bootstrap operation with sudo.
-t TEMPLATE, --bootstrap-template TEMPLATE
Use to specify the bootstrap template to use. This may specify the name of a
bootstrap template---chef-full, for example---or it may specify the full path to an
Embedded Ruby (ERB) template that defines a custom bootstrap. Default value:
chef-full, which installs the chef-client using the omnibus installer on all
supported platforms.
--use-sudo-password
Use to perform a bootstrap operation with sudo; specify the password with the -P
(or --ssh-password) option.
-V -V Use to run the initial chef-client run at the debug log-level (e.g. chef-client -l
debug).
-x USERNAME, --ssh-user USERNAME
The SSH user name.
Examples
$ knife bootstrap 192.168.1.1 -x username -P PASSWORD --sudo
$ knife bootstrap 192.168.1.1 -x username -i ~/.ssh/id_rsa --sudo
AUTHOR
Chef
Chef 12.0 KNIFE-BOOTSTRAP(1)