iPXE in Amazon EC2

You can use iPXE to boot Amazon (AWS) EC2 instances using a public iPXE AMI. You can use an iPXE script to direct the EC2 instance to boot via any means supported by iPXE. For example, you could boot a set of diskless EC2 instances using HTTPS or iSCSI from a single server hosted in the same AWS region.

Launching

The EC2 iPXE images are published outside of the AWS Marketplace and are shared directly from account 833372943033.

Launch the latest iPXE AMI for your AWS region and CPU architecture from the table below:

AWS region CPU architecture AMI ID
af-south-1 x86_64 ami-01c8397cd7a120e23
af-south-1 arm64 ami-01fa99d1241011159
ap-east-1 x86_64 ami-0dd1eec06e458be53
ap-east-1 arm64 ami-0297245620445a528
ap-northeast-1 x86_64 ami-042f594860f1d7998
ap-northeast-1 arm64 ami-0c9a104c2e938b1c0
ap-northeast-2 x86_64 ami-062dfe1de050f3a86
ap-northeast-2 arm64 ami-00a52af0d65026004
ap-northeast-3 x86_64 ami-0aeb30b86bbe44569
ap-northeast-3 arm64 ami-0d5fec1e826ab8ee2
ap-south-1 x86_64 ami-09881028e7acc9eee
ap-south-1 arm64 ami-06e27b3496b7466ee
ap-southeast-1 x86_64 ami-058395d85b4b913c2
ap-southeast-1 arm64 ami-01f9d91496a4e5d62
ap-southeast-2 x86_64 ami-0d20de5ccbd32b9b0
ap-southeast-2 arm64 ami-0523c5539a15fc7ad
ap-southeast-3 x86_64 ami-01acaadea8e97b59a
ap-southeast-3 arm64 ami-0f4b18223d611ad5b
ca-central-1 x86_64 ami-00d6ff48c97f71df5
ca-central-1 arm64 ami-0cd8f5671d468a548
eu-central-1 x86_64 ami-02690a18e47a37179
eu-central-1 arm64 ami-0f32189ee35cff556
eu-north-1 x86_64 ami-0cb9cb5f0cdb943fa
eu-north-1 arm64 ami-0441971661100096c
eu-south-1 x86_64 ami-0d9d7f85272c4a638
eu-south-1 arm64 ami-009e3b594d1ad237e
eu-west-1 x86_64 ami-09c86465ef925b518
eu-west-1 arm64 ami-0e74ec3794bf3de37
eu-west-2 x86_64 ami-014cfdbf54b482c94
eu-west-2 arm64 ami-0ff90a1de60cae3f7
eu-west-3 x86_64 ami-01f61db93e2780933
eu-west-3 arm64 ami-0c201d2f2a5708212
me-south-1 x86_64 ami-021eca88a0284de29
me-south-1 arm64 ami-0967d3109cb09a18d
sa-east-1 x86_64 ami-0883e10721158efa2
sa-east-1 arm64 ami-00a01cf767f4db603
us-east-1 x86_64 ami-06ee6b520dec2baac
us-east-1 arm64 ami-0f654458ecbffee80
us-east-2 x86_64 ami-04d8a9c3e86db841f
us-east-2 arm64 ami-0300c2a8927494239
us-west-1 x86_64 ami-0a964a3e266d62e62
us-west-1 arm64 ami-0735956fbef8c14a3
us-west-2 x86_64 ami-0734e039014b5dcae
us-west-2 arm64 ami-0b4894526ea625f97

You can use any compatible EC2 instance type (including instance types with Enhanced or SR-IOV networking).

Configuring

iPXE EC2 instances are controlled via an iPXE script stored as the instance user-data. The iPXE AMI includes an embedded script that will automatically obtain an IP address via DHCP, print out some useful diagnostic information, and then download and execute http://169.254.169.254/latest/user-data.

You can use this user-data iPXE script to direct the remainder of the network boot process. For example, to download and boot Tiny Core Linux, you could set your instance's user data to contain:

  #!ipxe
  set base http://tinycorelinux.net/12.x/x86/release/distribution_files/
  kernel ${base}/vmlinuz64 initrd=rootfs.gz initrd=modules64.gz
  initrd ${base}/rootfs.gz
  initrd ${base}/modules64.gz
  boot

EC2 iPXE boot

Congratulations on successfully booting an EC2 instance using iPXE!

Success

iSCSI

You can use your user-data script to direct iPXE to boot from an iSCSI target. For example: to boot from an iSCSI target hosted on another EC2 instance 172.16.0.1 within the same VPC, you could set your instance's user data to contain:

  #!ipxe
  sanboot iscsi:172.16.0.1::::iqn.1995-08.org.example.iscsitarget:disk1

Note that the operating system on the iSCSI target disk will need to include the appropriate software and configuration to allow it to identify its own iSCSI root disk. You can install software such as sanbootable to help set up the required configuration.

IPv6

The iPXE AMI will include support for both IPv4 and IPv6. You should enable IPv6 in your VPC to speed up the boot, since otherwise iPXE will spend several seconds attempting to obtain an IPv6 address.

Troubleshooting

You can view the iPXE output via the EC2 system log or instance screenshot. For example:

  aws ec2 get-console-output --query Output --output text \
          --instance-id i-04549ed5e420eae6e

You should see output similar to:

  iPXE 1.21.1+ (gfa012) -- Open Source Network Boot Firmware -- http://ipxe.org
  Features: DNS HTTP HTTPS iSCSI TFTP SRP AoE ELF MBOOT PXE bzImage Menu PXEXT
  Amazon EC2 - iPXE boot via user-data
  CPU: GenuineIntel Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz
  net0: 06:ee:8d:98:cc:67 using netfront on vif/0 (Ethernet) [closed]
    [Link:up TX:0 TXE:0 RX:0 RXE:0]
  Configuring (net0 06:ee:8d:98:cc:67)...... ok
  net0: 172.31.41.104/255.255.240.0 gw 172.31.32.1
  net0: fe80::4ee:8dff:fe98:cc67/64
  http://169.254.169.254/latest/user-data... ok

Warning

Note that there is often a time delay of several minutes in obtaining system logs or instance screenshots from EC2 - this is a longstanding problem with EC2 itself and is not related to iPXE. You may need to retry the command several times (or possibly stop the instance) in order to obtain any output.

Building from source

You can build your own version of the public iPXE AMIs using:

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe bin/ipxe.usb
  
  make CONFIG=cloud EMBED=config/cloud/aws.ipxe \
       CROSS=aarch64-linux-gnu- bin-arm64-efi/ipxe.usb

and import them using the aws-import tool (found in the contrib directory in the iPXE source tree).

howto/ec2.txt ยท Last modified: 2021/05/19 09:11 by mcb30
Recent changes RSS feed CC Attribution-Share Alike 4.0 International Driven by DokuWiki
All uses of this content must include an attribution to the iPXE project and the URL https://ipxe.org
References to "iPXE" may not be altered or removed.