Chef — knife super quick start

In this post, I will show you how to get started with the open-source version of Chef using knife.


  • A working Chef server
  • An admin account on the Chef server
  • A supported version of Linux (this might work on OS X too, but I haven’t tested it)

We’ll start off by installing the Chef client on your management workstation:

Assuming all went well, we now have the knife command at our disposal.

We now have to point knife at our Chef server.  Most documentation will tell you to copy /etc/chef-server/chef-validator.pem from your Chef server, and let knife send that over to nodes upon bootstrapping.  While this works well, I much prefer to have each user use his/her own validation key.  Our Chef server is shared, and it makes a lot of sense for us this way.

To create an administrative client:

  • Login to Chef server
  • Click on ‘Clients’
  • Click on ‘Create’
  • Type in a unique name for the client and check the ‘Admin’ checkbox
  • Click on ‘Create Client’ and save the private key on the next page as ~/.chef/validator.pem

If you do not have your user private key, you’ll need to go to Users-><your username>->Regenerate Private Key->Save User and save that key to ~/.chef/user.pem.

Now, we can go ahead with our knife setup.  On your workstation, run the following:

You’ll be asked a series of questions, as shown below:

You should now be able to use knife.

You can test by doing knife client list.  This will perform an API call to the Chef server, and use your Chef user private key for authentication.  You should see at least your computer listed, if you followed the instructions as-is.

The next step would be to bootstrap a node.  This can be done by doing:

That’s it!

Leave a Reply

Your email address will not be published. Required fields are marked *