Opscode Chef knife plug-in for EC2
Clone or download
Pull request Compare This branch is 636 commits behind chef:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Knife EC2


This is the official Opscode Knife plugin for EC2. This plugin gives knife the ability to create, bootstrap, and manage EC2 instances.


Be sure you are running the latest version Chef. Versions earlier than 0.10.0 don't support plugins:

gem install chef

This plugin is distributed as a Ruby Gem. To install it, run:

gem install knife-ec2

Depending on your system's configuration, you may need to run this command with root privileges.


In order to communicate with the Amazon's EC2 API you will have to tell Knife about your AWS Access Key and Secret Access Key. The easiest way to accomplish this is to create some entries in your knife.rb file:

knife[:aws_access_key_id]  = "Your AWS Access Key ID"
knife[:aws_secret_access_key] = "Your AWS Secret Access Key"

If your knife.rb file will be checked into a SCM system (ie readable by others) you may want to read the values from environment variables:

knife[:aws_access_key_id] = "#{ENV['AWS_ACCESS_KEY_ID']}"
knife[:aws_secret_access_key] = "#{ENV['AWS_SECRET_ACCESS_KEY']}"

You also have the option of passing your AWS API Key/Secret into the individual knife subcommands using the -A (or --aws-access-key-id) -K (or --aws-secret-access-key) command options

# provision a new m1.small Ubuntu 10.04 webserver
knife ec2 server create -r 'role[webserver]' -I ami-7000f019 -f m1.small -A 'Your AWS Access Key ID' -K "Your AWS Secret Access Key"

Additionally the following options may be set in your `knife.rb`:

  • flavor

  • image

  • availability_zone

  • aws_ssh_key_id

  • region

  • distro

  • template_file


This plugin provides the following Knife subcommands. Specific command options can be found by invoking the subcommand with a --help flag

knife ec2 server create

Provisions a new server in the Amazon EC2 and then perform a Chef bootstrap (using the SSH protocol). The goal of the bootstrap is to get Chef installed on the target system so it can run Chef Client with a Chef Server. The main assumption is a baseline OS installation exists (provided by the provisioning). It is primarily intended for Chef Client systems that talk to a Chef server. By default the server is bootstrapped using the ubuntu10.04-gems template. This can be overridden using the -d or --template-file command options.

knife ec2 server delete

Deletes an existing server in the currently configured AWS account. PLEASE NOTE - By default, this does not delete the associated node and client objects from the Chef server. To do so, add the --purge flag.

knife ec2 server list

Outputs a list of all servers in the currently configured AWS account. PLEASE NOTE - this shows all instances associated with the account, some of which may not be currently managed by the Chef server.

knife ec2 instance data

Generates instance metadata in meant to be used with Opscode's custom AMIs. This will read your knife configuration ~/.chef/knife.rb for the validation certificate and Chef server URL to use and output in JSON format. The subcommand also accepts a list of roles/recipes that will be in the node's initial run list.

PLEASE NOTE - Using Opscode's custom AMIs reflect an older way of launching instances in EC2 for Chef and should be considered DEPRECATED. Leveraging this plugins's knife ec2 server create subcommands with a base AMIs directly from your Linux distribution (ie Ubuntu AMIs from Canonical) is much preferred and more flexible. Although this subcommand will remain, the Opscode custom AMIs are currently out of date.

In-depth usage instructions can be found on the Chef Wiki.



Adam Jacob (<adam@opscode.com>)


Copyright © 2009-2011 Opscode, Inc.


Apache License, Version 2.0

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at


Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.