Knife commands to treat the Chef server like a filesystem
Pull request Compare This branch is 369 commits behind jkeiser:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Knife Essentials


knife-essentials provides a number of useful knife commands that allow you to manipulate Chef using a common set of verbs that work on everything that is stored in the Chef server.

knife diff cookbooks/*apache*
knife download roles data_bags cookbooks/emacs
knife list data_bags/users
knife show roles/*base*

The plugin is in early days: more verbs will be added as time goes by, including edit, delete, upload and download.


  • Unified commands that work on everything

knife-essentials thinks verbs come first. There are only a few things you need to do with pretty much everything in the system: you upload them, download them, look at them, edit them, list them, diff them, and delete then.

knife-essentials provides a number of verb commands: +knife diff roles+ and +knife list roles+ among them. These commands work on all types of objects, as well. You can type +knife diff roles+, or +knife diff data_bags/users/jkeiser.json+.

  • Treat the Chef server is like your filesystem

knife-essentials treats the Chef server like a mirror of a Chef repository. Most of the stuff you do with the Chef Server is based on your local repository–a set of files in directories like roles, data_bags, cookbooks, etc. The Chef Server has objects that match them–in fact, you can upload and download the files on your filesystem to change the file server.

This makes learning the knife commands easy, and makes important commands like diff, upload and download extremely simple to do and easy to understand.

  • Take context into account

When you're in the roles directory, the system knows that's what you are working with. Just type +knife show base.json+ and it will show you the base role from the server. knife-essentials knows.


This plugin builds a Ruby Gem (but has not yet been released to RubyGems). To install it, run:

rake install


chef_fs installs a number of useful knife verbs, including:

knife diff [pattern1 pattern2 ...]
knife download [pattern1 pattern2 ...]
knife list [pattern1 pattern2 ...]
knife show [pattern2 pattern2 ...]

These commands will list data on the server, exactly mirroring the data in a local Chef repository. So if you type +knife diff data_bags/*s+, it will diff all data bags that end with s.

The commands are also context-sensitive. If you are in the +roles+ directory and type +knife show base+, you will get the current Chef server contents of all roles that contain the word base in them.

The Knife commands generally run off file patterns (globs you can type on the command line). Patterns can include *, ?, ** and character matchers like [a-z045].


To run the knife plugin functionality, install a version of Chef > 0.10.10:

gem install chef

knife diff

knife diff [pattern1 pattern2 ...]

Diffs objects on the server against files in the local repository. Output is similar to +git diff+.

knife download

knife download [pattern1 pattern2 ...]

Downloads objects from the server to your local repository. Pass –purge to delete local files and directories which do not exist on the server.

knife list

knife list [pattern1 pattern2 ...]

Works just like 'ls', except it lists files on the server.

knife show

knife show [pattern1 pattern2 ...]

Works just like +knife node show+, +knife role show+, etc. except there is One Verb To Rule Them All.


knife-essentials supports wildcards internally, and will use them to sift through objects on the server. This can be very useful. However, since it uses the same wildcard characters as the Unix command line (+*+, +?+, etc.), you need to backslash them so that the +*+ actually reaches the server. If you don't, the shell will expand the * into actual filenames and knife will never know you typed +*+ in the first place. For example, if the Chef server has data bags aardvarks, anagrams and arp_tables, but your local filesystem only has aardvarks and anagrams, backslashing vs. not backslashing will yield slightly different results:

# This actually asks the server for everything starting with a
$ knife list data_bags/a\*
aardvarks/ anagrams/ arp_tables/
# But this ...
$ knife list data_bags/a*
aardvarks/ anagrams/
# Is actually expanded by the command line to this:
$ knife list data_bags/aardvarks data_bags/aardvarks
aardvarks/ anagrams/

You can avoid this problem permanently in zsh with this alias:

alias knife="noglob knife"