iPXE in Amazon EC2

You can use iPXE to boot Amazon (AWS) EC2 instances using a public iPXE AMI. You can use an iPXE script to direct the EC2 instance to boot via any means supported by iPXE. For example, you could boot a set of diskless EC2 instances using HTTPS or iSCSI from a single server hosted in the same AWS region.


The EC2 iPXE images are published outside of the AWS Marketplace and are shared directly from account 833372943033.

Launch the latest iPXE AMI for your AWS region and CPU architecture from the table below:

AWS region CPU architecture AMI ID
af-south-1 x86_64 ami-0445755edad780c35
af-south-1 arm64 ami-0161f939926b9bda1
ap-east-1 x86_64 ami-0e0e9b93f74e7d0d7
ap-east-1 arm64 ami-055191829983a1cc9
ap-northeast-1 x86_64 ami-0f548319914e6aa11
ap-northeast-1 arm64 ami-07422cde6a81a112f
ap-northeast-2 x86_64 ami-0adbf3f15106b74c8
ap-northeast-2 arm64 ami-09f312e43cf63be0b
ap-northeast-3 x86_64 ami-0a3b228f13ab84966
ap-northeast-3 arm64 ami-01d5bfaf91aa9c49a
ap-south-1 x86_64 ami-0c68aa86a32c1734a
ap-south-1 arm64 ami-03d476e5a15f787c3
ap-south-2 x86_64 ami-01fe2e77e781ebdc9
ap-south-2 arm64 ami-0f4d3b7e3da9c3695
ap-southeast-1 x86_64 ami-02cc038c9523facf4
ap-southeast-1 arm64 ami-0b3d9774ee894f331
ap-southeast-2 x86_64 ami-038499b3e5697e3f2
ap-southeast-2 arm64 ami-075141bd05001cc20
ap-southeast-3 x86_64 ami-0e299c187ee58ac4d
ap-southeast-3 arm64 ami-0e8f76a223d1cccda
ap-southeast-4 x86_64 ami-098ad84522268c77e
ap-southeast-4 arm64 ami-02da4b48a4e109e57
ca-central-1 x86_64 ami-0dd67a0706d95b624
ca-central-1 arm64 ami-0ac9985b4692d513e
eu-central-1 x86_64 ami-004dc9d24858e7bf3
eu-central-1 arm64 ami-062baa24ecbdab2b6
eu-central-2 x86_64 ami-01b7d24e1336991a3
eu-central-2 arm64 ami-0498c8f1bf3e30c4b
eu-north-1 x86_64 ami-011eeb7693a23d6ec
eu-north-1 arm64 ami-04a6680e22564cea9
eu-south-1 x86_64 ami-084ea1f9ea78b4bae
eu-south-1 arm64 ami-05b3a3c6823787ca7
eu-south-2 x86_64 ami-0afd04c82195cac25
eu-south-2 arm64 ami-0afd3fcd7aad18f4f
eu-west-1 x86_64 ami-01a430f080ab3c98e
eu-west-1 arm64 ami-01ee161d2d7731bb4
eu-west-2 x86_64 ami-08c78ce651ec49834
eu-west-2 arm64 ami-0e0c9fac873f343f1
eu-west-3 x86_64 ami-0a977364994e5bc49
eu-west-3 arm64 ami-09e8b0612f5a0bc7f
il-central-1 x86_64 ami-0ed2840ef7e672d54
il-central-1 arm64 ami-057707ad58f4ee042
me-central-1 x86_64 ami-04d3ca313c451ff2f
me-central-1 arm64 ami-0fd711a4cffc5f608
me-south-1 x86_64 ami-0914504ddad6e626b
me-south-1 arm64 ami-0de18177c3819aa56
sa-east-1 x86_64 ami-0a2816bc17e08adef
sa-east-1 arm64 ami-05fb11444f55cc8f5
us-east-1 x86_64 ami-05fe7b818935cc733
us-east-1 arm64 ami-0b0ca047963cd15f6
us-east-2 x86_64 ami-0e8874be873a59fc7
us-east-2 arm64 ami-0f6654bb9a2a7d80c
us-west-1 x86_64 ami-0b97ccca2919d86f5
us-west-1 arm64 ami-02366d3782831d8db
us-west-2 x86_64 ami-0f8a455274bf3f7a2
us-west-2 arm64 ami-0d689fa182139ab73

You can use any compatible EC2 instance type (including instance types with Enhanced or SR-IOV networking).


iPXE EC2 instances are controlled via an iPXE script stored as the instance user-data. The iPXE AMI includes an embedded script that will automatically obtain an IP address via DHCP, print out some useful diagnostic information, and then download and execute

You can use this user-data iPXE script to direct the remainder of the network boot process. For example, to download and boot Tiny Core Linux, you could set your instance's user data to contain:

  set base http://tinycorelinux.net/12.x/x86/release/distribution_files/
  kernel ${base}/vmlinuz64 initrd=rootfs.gz initrd=modules64.gz
  initrd ${base}/rootfs.gz
  initrd ${base}/modules64.gz

EC2 iPXE boot

Congratulations on successfully booting an EC2 instance using iPXE!



You can use your user-data script to direct iPXE to boot from an iSCSI target. For example: to boot from an iSCSI target hosted on another EC2 instance within the same VPC, you could set your instance's user data to contain:

  sanboot iscsi:

Note that the operating system on the iSCSI target disk will need to include the appropriate software and configuration to allow it to identify its own iSCSI root disk. You can install software such as sanbootable to help set up the required configuration.


The iPXE AMI will include support for both IPv4 and IPv6. You should enable IPv6 in your VPC to speed up the boot, since otherwise iPXE will spend several seconds attempting to obtain an IPv6 address.


You can view the iPXE output via the EC2 system log or instance screenshot. For example:

  aws ec2 get-console-output --query Output --output text \
          --instance-id i-04549ed5e420eae6e

You should see output similar to:

  iPXE 1.21.1+ (gfa012) -- Open Source Network Boot Firmware -- http://ipxe.org
  Amazon EC2 - iPXE boot via user-data
  CPU: GenuineIntel Intel(R) Xeon(R) CPU E5-2676 v3 @ 2.40GHz
  net0: 06:ee:8d:98:cc:67 using netfront on vif/0 (Ethernet) [closed]
    [Link:up TX:0 TXE:0 RX:0 RXE:0]
  Configuring (net0 06:ee:8d:98:cc:67)...... ok
  net0: gw
  net0: fe80::4ee:8dff:fe98:cc67/64 ok


Note that there is often a time delay of several minutes in obtaining system logs or instance screenshots from EC2 - this is a longstanding problem with EC2 itself and is not related to iPXE. You may need to retry the command several times (or possibly stop the instance) in order to obtain any output.

Building from source

You can build your own version of the public iPXE AMIs using:

  make CONFIG=cloud EMBED=config/cloud/aws.ipxe bin-x86_64-pcbios/ipxe.usb
  make CONFIG=cloud EMBED=config/cloud/aws.ipxe \
       CROSS=aarch64-linux-gnu- bin-arm64-efi/ipxe.usb

and import them using the aws-import tool (found in the contrib directory in the iPXE source tree).

howto/ec2.txt ยท Last modified: 2023/11/07 16:19 by mcb30
Recent changes RSS feed CC Attribution-Share Alike 4.0 International Driven by DokuWiki
All uses of this content must include an attribution to the iPXE project and the URL https://ipxe.org
References to "iPXE" may not be altered or removed.