iPXE in Amazon EC2

You can use iPXE to boot Amazon (AWS) EC2 instances using a public iPXE AMI. You can use an iPXE script to direct the EC2 instance to boot via any means supported by iPXE. For example, you could boot a set of diskless EC2 instances using HTTPS or iSCSI from a single server hosted in the same AWS region.

Launching

The EC2 iPXE images are published outside of the AWS Marketplace and are shared directly from account 833372943033.

Launch the latest iPXE AMI for your AWS region and CPU architecture from the table below:

AWS region CPU architecture AMI ID
af-south-1 x86_64 ami-074f9ac4b3b8ff1f7
af-south-1 arm64 ami-0cd73790df0209b6e
ap-east-1 x86_64 ami-056a1ca21f92fe511
ap-east-1 arm64 ami-0408c9888826612a4
ap-northeast-1 x86_64 ami-0846588b172b9e8f5
ap-northeast-1 arm64 ami-0f08621736a201a01
ap-northeast-2 x86_64 ami-048b5c6d73d6a7106
ap-northeast-2 arm64 ami-0e7fa8fe2bd06ab20
ap-northeast-3 x86_64 ami-085e6a1573f6a32a1
ap-northeast-3 arm64 ami-0ab9058a0853d401e
ap-south-1 x86_64 ami-0f29417d73af87603
ap-south-1 arm64 ami-0b6da841e1e43e6f4
ap-southeast-1 x86_64 ami-01ad14c052c2a6726
ap-southeast-1 arm64 ami-0463e20407b7cd6a1
ap-southeast-2 x86_64 ami-028fad0f87dcf77fb
ap-southeast-2 arm64 ami-00393e817f9d9cfaf
ap-southeast-3 x86_64 ami-0e76ce0786ac7df9d
ap-southeast-3 arm64 ami-0ff5a2bf0bbf0d59c
ca-central-1 x86_64 ami-0801d2dfc09bdca36
ca-central-1 arm64 ami-0fa8922fa874294cc
eu-central-1 x86_64 ami-00869ed74199a7057
eu-central-1 arm64 ami-0d6a0c1ad3af15f14
eu-north-1 x86_64 ami-0275d7c282f7dfa44
eu-north-1 arm64 ami-0f25de89fd29a4407
eu-south-1 x86_64 ami-06d259774b5f1d3b5
eu-south-1 arm64 ami-0e67e0f234533e503
eu-west-1 x86_64 ami-0ffd17708930b3205
eu-west-1 arm64 ami-0d579808db3ce1962
eu-west-2 x86_64 ami-0cd24ea4bb496ec58
eu-west-2 arm64 ami-02bfe2333817cb488
eu-west-3 x86_64 ami-0f98fb194b4c2b077
eu-west-3 arm64 ami-009131dd2f49bc902
me-south-1 x86_64 ami-02065ef6151f0745e
me-south-1 arm64 ami-03aca87012ef4173d
sa-east-1 x86_64 ami-0412d019e888ccaeb
sa-east-1 arm64 ami-01ba48c7f2100293b
us-east-1 x86_64 ami-0a49750c91c7e5031
us-east-1 arm64 ami-03d01f3a7165ff2dd
us-east-2 x86_64 ami-09d5aea5d5c9618fe
us-east-2 arm64 ami-05fd6a3599415f137
us-west-1 x86_64 ami-066136c05cda2af35
us-west-1 arm64 ami-00b611341669bcf4f
us-west-2 x86_64 ami-0d5f3ca2a183b0af3
us-west-2 arm64 ami-0e08eee9413d02b01

You can use any compatible EC2 instance type (including instance types with Enhanced or SR-IOV networking).

Configuring

iPXE EC2 instances are controlled via an iPXE script stored as the instance user-data. The iPXE AMI includes an embedded script that will automatically obtain an IP address via DHCP, print out some useful diagnostic information, and then download and execute http://169.254.169.254/latest/user-data.

You can use this user-data iPXE script to direct the remainder of the network boot process. For example, to download and boot Tiny Core Linux, you could set your instance's user data to contain:

  #!ipxe
  set base http://tinycorelinux.net/12.x/x86/release/distribution_files/
  kernel ${base}/vmlinuz64 initrd=rootfs.gz initrd=modules64.gz
  initrd ${base}/rootfs.gz
  initrd ${base}/modules64.gz
  boot

EC2 iPXE boot

Congratulations on successfully booting an EC2 instance using iPXE!

Success

iSCSI

You can use your user-data script to direct iPXE to boot from an iSCSI target. For example: to boot from an iSCSI target hosted on another EC2 instance 172.16.0.1 within the same VPC, you could set your instance's user data to contain:

  #!ipxe
  sanboot iscsi:172.16.0.1::::iqn.1995-08.org.example.iscsitarget:disk1

Note that the operating system on the iSCSI target disk will need to include the appropriate software and configuration to allow it to identify its own iSCSI root disk. You can install software such as sanbootable to help set up the required configuration.

IPv6

The iPXE AMI will include support for both IPv4 and IPv6. You should enable IPv6 in your VPC to speed up the boot, since otherwise iPXE will spend several seconds attempting to obtain an IPv6 address.

Troubleshooting

You can view the iPXE output via the EC2 system log or instance screenshot. For example:

  aws ec2 get-console-output --query Output --output text \
          --instance-id i-04549ed5e420eae6e

You should see output similar to:

  iPXE 1.21.1+ (gfa012) -- Open Source Network Boot Firmware -- http://ipxe.org
  Features: DNS HTTP HTTPS iSCSI TFTP SRP AoE ELF MBOOT PXE bzImage Menu PXEXT
  Amazon EC2 - iPXE boot via user-data
  CPU: GenuineIntel Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz
  net0: 06:ee:8d:98:cc:67 using netfront on vif/0 (Ethernet) [closed]
    [Link:up TX:0 TXE:0 RX:0 RXE:0]
  Configuring (net0 06:ee:8d:98:cc:67)...... ok
  net0: 172.31.41.104/255.255.240.0 gw 172.31.32.1
  net0: fe80::4ee:8dff:fe98:cc67/64
  http://169.254.169.254/latest/user-data... ok

Warning

Note that there is often a time delay of several minutes in obtaining system logs or instance screenshots from EC2 - this is a longstanding problem with EC2 itself and is not related to iPXE. You may need to retry the command several times (or possibly stop the instance) in order to obtain any output.

Building from source

You can build your own version of the public iPXE AMIs using:

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe bin/ipxe.usb
  
  make CONFIG=cloud EMBED=config/cloud/aws.ipxe \
       CROSS=aarch64-linux-gnu- bin-arm64-efi/ipxe.usb

and import them using the aws-import tool (found in the contrib directory in the iPXE source tree).

howto/ec2.txt ยท Last modified: 2021/05/19 09:11 by mcb30
Recent changes RSS feed CC Attribution-Share Alike 4.0 International Driven by DokuWiki
All uses of this content must include an attribution to the iPXE project and the URL https://ipxe.org
References to "iPXE" may not be altered or removed.