Use the nova cloudpipe feature the
following way :
$ nova cloud-pipe create $tenant_id
Retrive all the tenants :
$ keystone tenant-list
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 071ffb95837e4d509cb7153f21c57c4d | stone | True |
| 520b6689e344456cbb074c83f849914a | service | True |
| d1f5d27ccf594cdbb034c8a4123494e9 | admin | True |
| dfb0ef4ab6d94d5b9e9e0006d0ac6706 | demo | True |
+----------------------------------+---------+---------+
Let's create our cloudpipe project using the tenant"s ID :
$ nova cloudpipe-create d1f5d27ccf594cdbb034c8a4123494e9
We can check the service availability :
$ nova cloudpipe-list
+----------------------------------+------------+-------------+---------------+
| Project Id | Public IP | Public Port | Internal IP |
+----------------------------------+------------+-------------+---------------+
| d1f5d27ccf594cdbb034c8a4123494e9 | 172.17.1.3 | 1000 | 192.168.22.34 |
+----------------------------------+------------+-------------+---------------+
The output basically shows our instance is started. Nova will create the necessary rules for our cloudpipe instance (icmp and OpenVPN port) :
ALLOW 1194:1194 from 0.0.0.0/0
ALLOW -1:-1 from 0.0.0.0/0
