HTTP API¶
iPXE script¶
Serves a static iPXE boot script which gathers client machine attributes and chainloads to the iPXE endpoint. Use DHCP/TFTP to point iPXE clients to this endpoint as the next-server.
GET http://matchbox.foo/boot.ipxe
GET http://matchbox.foo/boot.ipxe.0 // for dnsmasq
Response
#!ipxe
chain ipxe?uuid=${uuid}&mac=${mac:hexhyp}&domain=${domain}&hostname=${hostname}&serial=${serial}
Client's booted with the /ipxe.boot
endpoint will introspect and make a request to /ipxe
with the uuid
, mac
, hostname
, and serial
value as query arguments.
iPXE¶
Finds the profile for the machine and renders the network boot config (kernel, options, initrd) as an iPXE script.
GET http://matchbox.foo/ipxe?label=value
Query parameters
Name | Type | Description |
---|---|---|
uuid | string | Hardware UUID |
mac | string | MAC address |
* | string | Arbitrary label |
Response
#!ipxe
kernel /assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz coreos.config.url=http://matchbox.foo:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp} coreos.first_boot=1 coreos.autologin
initrd /assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz
boot
GRUB2¶
Finds the profile for the machine and renders the network boot config as a GRUB config. Use DHCP/TFTP to point GRUB clients to this endpoint as the next-server.
GET http://matchbox.foo/grub?label=value
Query parameters
Name | Type | Description |
---|---|---|
uuid | string | Hardware UUID |
mac | string | MAC address |
* | string | Arbitrary label |
Response
default=0
timeout=1
menuentry "CoreOS" {
echo "Loading kernel"
linuxefi "(http;matchbox.foo:8080)/assets/coreos/1967.3.0/coreos_production_pxe.vmlinuz" "coreos.autologin" "coreos.config.url=http://matchbox.foo:8080/ignition" "coreos.first_boot"
echo "Loading initrd"
initrdefi "(http;matchbox.foo:8080)/assets/coreos/1967.3.0/coreos_production_pxe_image.cpio.gz"
}
Cloud config¶
DEPRECATED: Finds the profile matching the machine and renders the corresponding Cloud-Config with group metadata, selectors, and query params.
GET http://matchbox.foo/cloud?label=value
Query Parameters
Name | Type | Description |
---|---|---|
uuid | string | Hardware UUID |
mac | string | MAC address |
* | string | Arbitrary label |
Response
#cloud-config
coreos:
units:
- name: etcd2.service
command: start
- name: fleet.service
command: start
Ignition Config¶
Finds the profile matching the machine and renders the corresponding Ignition for machine consumption.
GET http://matchbox.foo/ignition?label=value
Query parameters
Name | Type | Description |
---|---|---|
uuid | string | Hardware UUID |
mac | string | MAC address |
* | string | Arbitrary label |
Response
{
"ignition": { "version": "3.3.0" },
"systemd": {
"units": [{
"name": "example.service",
"enabled": true,
"contents": "[Service]\nType=oneshot\nExecStart=/usr/bin/echo Hello World\n\n[Install]\nWantedBy=multi-user.target"
}]
}
}
Generic config¶
Finds the profile matching the machine and renders the corresponding generic config with group metadata, selectors, and query params.
GET http://matchbox.foo/generic?label=value
Query parameters
Name | Type | Description |
---|---|---|
uuid | string | Hardware UUID |
mac | string | MAC address |
* | string | Arbitrary label |
Response
{
“uuid”: “”,
“mac”: “52:54:00:a1:9c:ae”,
“osInstalled”: true,
“rawQuery”: “mac=52:54:00:a1:9c:ae&os=installed”
}
Metadata¶
Finds the matching machine group and renders the group metadata, selectors, and query params in an "env file" style response.
GET http://matchbox.foo/metadata?mac=52-54-00-a1-9c-ae&foo=bar&count=3&gate=true
Query Parameters
Name | Type | Description |
---|---|---|
uuid | string | Hardware UUID |
mac | string | MAC address |
* | string | Arbitrary label |
Response
META=data
ETCD_NAME=node1
SOME_NESTED_DATA=some-value
MAC=52:54:00:a1:9c:ae
REQUEST_QUERY_MAC=52:54:00:a1:9c:ae
REQUEST_QUERY_FOO=bar
REQUEST_QUERY_COUNT=3
REQUEST_QUERY_GATE=true
REQUEST_RAW_QUERY=mac=52-54-00-a1-9c-ae&foo=bar&count=3&gate=true
OpenPGP signatures¶
OpenPGP signature endpoints serve detached binary and ASCII armored signatures of rendered configs, if enabled. See OpenPGP Signing.
Endpoint | Signature Endpoint | ASCII Signature Endpoint |
---|---|---|
iPXE | http://matchbox.foo/ipxe.sig |
http://matchbox.foo/ipxe.asc |
GRUB2 | http://bootcf.foo/grub.sig |
http://matchbox.foo/grub.asc |
Ignition | http://matchbox.foo/ignition.sig |
http://matchbox.foo/ignition.asc |
Cloud-Config | http://matchbox.foo/cloud.sig |
http://matchbox.foo/cloud.asc |
Generic | http://matchbox.foo/generic.sig |
http://matchbox.foo/generic.asc |
Metadata | http://matchbox.foo/metadata.sig |
http://matchbox.foo/metadata.asc |
Get a config and its detached ASCII armored signature.
GET http://matchbox.foo/ipxe?label=value
GET http://matchbox.foo/ipxe.asc?label=value
Response
-----BEGIN PGP SIGNATURE-----
wsBcBAEBCAAQBQJWoDHyCRCzUpbPLRRcKAAAqQ8IAGD+eC9kzc/U7h9tgwvvWwm9
suTmVSGlzC5RwTRXg6CKuW31m3WAin2b5zWRPa7MxxanYMhhBbOfrqg/4xi1tfdE
w7ipmmgftl3re0np75Jt9K1rwGXUHTCs3yooz/zvqSvNSobG13FL5tp+Jl7a22wE
+W7x9BukTytVgNLt3IDIxsJ/rAEYUm4zySftooDbFVKj/SK5w8xg4zLmE6Jxz6wp
eaMlL1TEXy3NaFR0+hgbqM/tgeV2j6pmho8yaPF63iPnksH+gdmPiwasCfpSaJyr
NO+p24BL3PHZyKw0nsrm275C913OxEVgnNZX7TQltaweW23Cd1YBNjcfb3zv+Zo=
=mqZK
-----END PGP SIGNATURE-----
Assets¶
If you need to serve static assets (e.g. kernel, initrd), matchbox
can serve arbitrary assets from the -assets-path
.
matchbox.foo/assets/
└── coreos
└── 1967.3.0
├── coreos_production_pxe.vmlinuz
└── coreos_production_pxe_image.cpio.gz
└── 1153.0.0
├── coreos_production_pxe.vmlinuz
└── coreos_production_pxe_image.cpio.gz