iPXE in Amazon EC2

You can use iPXE to boot Amazon (AWS) EC2 instances using a public iPXE AMI. You can use an iPXE script to direct the EC2 instance to boot via any means supported by iPXE. For example, you could boot a set of diskless EC2 instances using HTTPS or iSCSI from a single server hosted in the same AWS region.


The EC2 iPXE images are published outside of the AWS Marketplace and are shared directly from account 833372943033.

Launch the latest iPXE AMI for your AWS region and CPU architecture from the table below:

AWS region CPU architecture AMI ID
af-south-1 x86_64 ami-07b9de8b9c8ee08cb
af-south-1 arm64 ami-0870cecbe5310961e
ap-east-1 x86_64 ami-008843a81e2f4511f
ap-east-1 arm64 ami-0ceee7faf2d5bbe1e
ap-northeast-1 x86_64 ami-00627a1c6f31f851a
ap-northeast-1 arm64 ami-086fb5edee6377e26
ap-northeast-2 x86_64 ami-0113271c654eb5ac8
ap-northeast-2 arm64 ami-0533cdd59750fc085
ap-northeast-3 x86_64 ami-099d15942b1c6eea2
ap-northeast-3 arm64 ami-0ffb3b1037c20e965
ap-south-1 x86_64 ami-09de836255f9c3f34
ap-south-1 arm64 ami-06d4619fca9f1373c
ap-south-2 x86_64 ami-014ed9c22872e9b9c
ap-south-2 arm64 ami-0de94df46a4fc1548
ap-southeast-1 x86_64 ami-03ef639dcc63b67e6
ap-southeast-1 arm64 ami-0f9cb1283e9110bd9
ap-southeast-2 x86_64 ami-03f07ba1c52346bf9
ap-southeast-2 arm64 ami-0d9ab35cc0e3d52be
ap-southeast-3 x86_64 ami-0037dc635716a1d78
ap-southeast-3 arm64 ami-0eabfceba608ee810
ca-central-1 x86_64 ami-03276a311a58c0d62
ca-central-1 arm64 ami-03a0de8c0126ab7c8
eu-central-1 x86_64 ami-0079459c0fa725ce4
eu-central-1 arm64 ami-0080582d4cf3f9586
eu-central-2 x86_64 ami-0f0b77f15174fbd72
eu-central-2 arm64 ami-010ae242d0f8ceaf1
eu-north-1 x86_64 ami-0f72ef2be8c125a38
eu-north-1 arm64 ami-0c36735ef30c1d8d9
eu-south-1 x86_64 ami-0d44f3d20100d8a1f
eu-south-1 arm64 ami-0c02d6933eabbabe3
eu-south-2 x86_64 ami-0e2c22e842657a351
eu-south-2 arm64 ami-005567482419ff035
eu-west-1 x86_64 ami-0c82b112c38395aed
eu-west-1 arm64 ami-08f742266d63738bf
eu-west-2 x86_64 ami-01de894e39d3518cc
eu-west-2 arm64 ami-047e9191cf1322714
eu-west-3 x86_64 ami-0e4bc4b4d6a3df508
eu-west-3 arm64 ami-0f37d318c8ca1d034
me-central-1 x86_64 ami-022a968fbb5c6fea4
me-central-1 arm64 ami-0e6f85cade634a818
me-south-1 x86_64 ami-0cc85ffb8d6e29a37
me-south-1 arm64 ami-0f3a95a48e0e1692e
sa-east-1 x86_64 ami-0f2291088c18c59f0
sa-east-1 arm64 ami-0aa459ea797b44792
us-east-1 x86_64 ami-0a7465f11d12180de
us-east-1 arm64 ami-01713f784880bf247
us-east-2 x86_64 ami-04cab9a3f5758e15d
us-east-2 arm64 ami-02b23c22f052f9e8d
us-west-1 x86_64 ami-0bdd105cad1c1e908
us-west-1 arm64 ami-0aa1c4d6704edea7e
us-west-2 x86_64 ami-061aa40cc0fbc6f22
us-west-2 arm64 ami-0416e1104c1b2f233

You can use any compatible EC2 instance type (including instance types with Enhanced or SR-IOV networking).


iPXE EC2 instances are controlled via an iPXE script stored as the instance user-data. The iPXE AMI includes an embedded script that will automatically obtain an IP address via DHCP, print out some useful diagnostic information, and then download and execute

You can use this user-data iPXE script to direct the remainder of the network boot process. For example, to download and boot Tiny Core Linux, you could set your instance's user data to contain:

  set base http://tinycorelinux.net/12.x/x86/release/distribution_files/
  kernel ${base}/vmlinuz64 initrd=rootfs.gz initrd=modules64.gz
  initrd ${base}/rootfs.gz
  initrd ${base}/modules64.gz

EC2 iPXE boot

Congratulations on successfully booting an EC2 instance using iPXE!



You can use your user-data script to direct iPXE to boot from an iSCSI target. For example: to boot from an iSCSI target hosted on another EC2 instance within the same VPC, you could set your instance's user data to contain:

  sanboot iscsi:

Note that the operating system on the iSCSI target disk will need to include the appropriate software and configuration to allow it to identify its own iSCSI root disk. You can install software such as sanbootable to help set up the required configuration.


The iPXE AMI will include support for both IPv4 and IPv6. You should enable IPv6 in your VPC to speed up the boot, since otherwise iPXE will spend several seconds attempting to obtain an IPv6 address.


You can view the iPXE output via the EC2 system log or instance screenshot. For example:

  aws ec2 get-console-output --query Output --output text \
          --instance-id i-04549ed5e420eae6e

You should see output similar to:

  iPXE 1.21.1+ (gfa012) -- Open Source Network Boot Firmware -- http://ipxe.org
  Amazon EC2 - iPXE boot via user-data
  CPU: GenuineIntel Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz
  net0: 06:ee:8d:98:cc:67 using netfront on vif/0 (Ethernet) [closed]
    [Link:up TX:0 TXE:0 RX:0 RXE:0]
  Configuring (net0 06:ee:8d:98:cc:67)...... ok
  net0: gw
  net0: fe80::4ee:8dff:fe98:cc67/64 ok


Note that there is often a time delay of several minutes in obtaining system logs or instance screenshots from EC2 - this is a longstanding problem with EC2 itself and is not related to iPXE. You may need to retry the command several times (or possibly stop the instance) in order to obtain any output.

Building from source

You can build your own version of the public iPXE AMIs using:

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe bin/ipxe.usb
  make CONFIG=cloud EMBED=config/cloud/aws.ipxe \
       CROSS=aarch64-linux-gnu- bin-arm64-efi/ipxe.usb

and import them using the aws-import tool (found in the contrib directory in the iPXE source tree).

howto/ec2.txt ยท Last modified: 2021/05/19 09:11 by mcb30
Recent changes RSS feed CC Attribution-Share Alike 4.0 International Driven by DokuWiki
All uses of this content must include an attribution to the iPXE project and the URL https://ipxe.org
References to "iPXE" may not be altered or removed.