diff options
| author | Michael Brown | 2017-01-23 15:41:22 +0100 |
|---|---|---|
| committer | Michael Brown | 2017-01-23 15:43:20 +0100 |
| commit | de85336abb7861e4ea4df2e296eb33d179c7c9bd (patch) | |
| tree | d155d26521ee1a4ae45e3baeaa099756ffcf43bc /src/config | |
| parent | [virtio] Use separate RX and TX empty header buffers (diff) | |
| download | ipxe-de85336abb7861e4ea4df2e296eb33d179c7c9bd.tar.gz ipxe-de85336abb7861e4ea4df2e296eb33d179c7c9bd.tar.xz ipxe-de85336abb7861e4ea4df2e296eb33d179c7c9bd.zip | |
[cloud] Add ability to retrieve Google Compute Engine metadata
For some unspecified "security" reason, the Google Compute Engine
metadata server will refuse any requests that do not include the
non-standard HTTP header "Metadata-Flavor: Google".
Attempt to autodetect such requests (by comparing the hostname against
"metadata.google.internal"), and add the "Metadata-Flavor: Google"
header if applicable.
Enable this feature in the CONFIG=cloud build, and include a sample
embedded script allowing iPXE to boot from a script configured as
metadata via e.g.
# Create shared boot image
make bin/ipxe.usb CONFIG=cloud EMBED=config/cloud/gce.ipxe
# Configure per-instance boot script
gcloud compute instances add-metadata <instance> \
--metadata-from-file ipxeboot=boot.ipxe
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/cloud/gce.ipxe | 7 | ||||
| -rw-r--r-- | src/config/cloud/general.h | 4 | ||||
| -rw-r--r-- | src/config/config_http.c | 3 | ||||
| -rw-r--r-- | src/config/general.h | 1 |
4 files changed, 15 insertions, 0 deletions
diff --git a/src/config/cloud/gce.ipxe b/src/config/cloud/gce.ipxe new file mode 100644 index 00000000..95330d71 --- /dev/null +++ b/src/config/cloud/gce.ipxe @@ -0,0 +1,7 @@ +#!ipxe + +echo Google Compute Engine - iPXE boot via metadata +ifstat || +dhcp || +route || +chain -ar http://metadata.google.internal/computeMetadata/v1/instance/attributes/ipxeboot diff --git a/src/config/cloud/general.h b/src/config/cloud/general.h index e69de29b..99028c14 100644 --- a/src/config/cloud/general.h +++ b/src/config/cloud/general.h @@ -0,0 +1,4 @@ +/* Allow retrieval of metadata (such as an iPXE boot script) from + * Google Compute Engine metadata server. + */ +#define HTTP_HACK_GCE diff --git a/src/config/config_http.c b/src/config/config_http.c index 3f198d22..3c0e7802 100644 --- a/src/config/config_http.c +++ b/src/config/config_http.c @@ -43,3 +43,6 @@ REQUIRE_OBJECT ( httpdigest ); #ifdef HTTP_ENC_PEERDIST REQUIRE_OBJECT ( peerdist ); #endif +#ifdef HTTP_HACK_GCE +REQUIRE_OBJECT ( httpgce ); +#endif diff --git a/src/config/general.h b/src/config/general.h index be0845f6..fb1ac93f 100644 --- a/src/config/general.h +++ b/src/config/general.h @@ -78,6 +78,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL ); #define HTTP_AUTH_BASIC /* Basic authentication */ #define HTTP_AUTH_DIGEST /* Digest authentication */ //#define HTTP_ENC_PEERDIST /* PeerDist content encoding */ +//#define HTTP_HACK_GCE /* Google Compute Engine hacks */ /* * 802.11 cryptosystems and handshaking protocols |