@korchasa
Forked from Jimmy-Xu/run-openvpn-on-hyper.md
Last active August 20, 2017 10:42
Run OpenVPN on Hyper_
$ docker search openvpn | head -n 5
NAME                           DESCRIPTION                                     STARS     OFFICIAL   AUTOMATED
kylemanna/openvpn              OpenVPN server in a Docker container compl...   316                  [OK]
haugene/transmission-openvpn   Docker container which runs Transmission t...   47                   [OK]
dperson/openvpn-client                                                         29                   [OK]
martin/openvpn                 Tiny (12MB) full featured OpenVPN server w...   14                   [OK]

Preparation

//create data volume  
$ OVPN_DATA="ovpn-data"
$ hyper volume create --name $OVPN_DATA
ovpn-data

//generate configuration  
$ hyper run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://vpn-demo.hyper.sh
Successfully generated config

//generate certificates  
$ hyper run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki
...
writing new private key to '/etc/openvpn/pki/private/ca.key.XXXXnnEDaj'
Enter PEM pass phrase: <<<=== (input password)
Verifying - Enter PEM pass phrase: <<<=== (input password again)
...
Common Name (eg: your user, host, or server name) [Easy-RSA CA]: <<<=== (press Enter)
...
Enter pass phrase for /etc/openvpn/pki/private/ca.key:  <<<=== (input password again)
...
Write out database with 1 new entries
Data Base Updated

//generate a client certificate without a passphrase (a volume can currently be bound to only one container at a time)  
$ hyper run -v ${OVPN_DATA}:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full jimmy nopass
...
Enter pass phrase for /etc/openvpn/pki/private/ca.key:  <<<=== (input password again)
...
Write out database with 1 new entries
Data Base Updated


//retrieve the client configuration with embedded certificates  
$ hyper run -v ${OVPN_DATA}:/etc/openvpn --rm kylemanna/openvpn ovpn_getclient jimmy > jimmy.ovpn
$ ls -l jimmy.ovpn
-rw-rw-r-- 1 xjimmy xjimmy 4972 Jul 21 11:38 jimmy.ovpn
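The profile written by ovpn_getclient embeds the CA, the client certificate, the private key (unencrypted, because the certificate was built with nopass) and the tls-auth static key, and the ls -l output shows it lands group- and world-readable. The POSIX sh checks below are an added example, not part of the gist or of the kylemanna/openvpn image: they verify that a profile carries every inline block and the expected remote, and that its file mode protects the embedded key. The sample profile is a constructed skeleton with placeholder PEM bodies; the host and port are the ones used above.

```shell
# Added example (not from the gist or the kylemanna/openvpn image): sanity
# checks for a client profile written by "ovpn_getclient jimmy > jimmy.ovpn".

# Return 0 if FILE carries every inline block a self-contained profile needs
# (<ca>, <cert>, <key>, <tls-auth>), a "remote HOST PORT" line, and the
# key-direction an inline tls-auth key requires. Prints what is missing.
ovpn_profile_check() {
    file=$1; host=$2; port=$3; rc=0
    for tag in ca cert key tls-auth; do
        grep -q "^<$tag>" "$file" && grep -q "^</$tag>" "$file" ||
            { echo "missing inline <$tag> block"; rc=1; }
    done
    grep -q "^remote $host $port" "$file" ||
        { echo "remote line is not '$host $port'"; rc=1; }
    grep -q "^key-direction 1" "$file" ||
        { echo "missing 'key-direction 1' for the inline tls-auth key"; rc=1; }
    return $rc
}

# The profile embeds the private key (unencrypted when built with "nopass"),
# so it must not be group- or world-readable. Return 0 only for 0600 or 0400;
# the 0664 (-rw-rw-r--) shown by "ls -l" above fails this check.
ovpn_profile_perms_ok() {
    mode=$(stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1")
    case "$mode" in
        600|400) return 0 ;;
        *) echo "mode $mode is too open for a file holding a private key"; return 1 ;;
    esac
}

# Constructed skeleton in the shape ovpn_getclient emits; PEM bodies are
# placeholders, not real key material. Host and port are the ones used above.
make_sample_profile() {
    cat > "$1" <<'EOF'
client
dev tun
remote vpn-demo.hyper.sh 1194 udp
<ca>
PLACEHOLDER-CA-CERT-PEM
</ca>
<cert>
PLACEHOLDER-CLIENT-CERT-PEM
</cert>
<key>
PLACEHOLDER-CLIENT-KEY-PEM
</key>
key-direction 1
<tls-auth>
PLACEHOLDER-STATIC-KEY
</tls-auth>
EOF
}
```

Run it against the real profile with `ovpn_profile_check jimmy.ovpn vpn-demo.hyper.sh 1194 && ovpn_profile_perms_ok jimmy.ovpn` after a `chmod 600 jimmy.ovpn`.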

Start openvpn server

//run openvpn container  
$ hyper run --name myopenvpn -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp kylemanna/openvpn
//or enable debug output  
$ hyper run --name myopenvpn -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp -e DEBUG=1 kylemanna/openvpn

//add public ip to openvpn container  
$ hyper fip allocate 1
162.221.195.34
$ hyper fip attach 162.221.195.34 myopenvpn

//view container  
$ hyper ps
CONTAINER ID   IMAGE                 COMMAND        CREATED          STATUS          PORTS                    NAMES       PUBLIC IP
996592375b28   kylemanna/openvpn     "ovpn_run"     3 minutes ago    Up 2 minutes    0.0.0.0:1194->1194/udp   myopenvpn   162.221.195.34

Test with client

//test using a client that has openvpn installed correctly  
$ yum install -y openvpn
$ sudo sh -c 'echo "162.221.195.34   vpn-demo.hyper.sh" >> /etc/hosts'

$ sudo openvpn --config jimmy.ovpn 
Thu Jul 21 13:06:56 2016 OpenVPN 2.3.11 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on May 10 2016
Thu Jul 21 13:06:56 2016 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06
Thu Jul 21 13:06:56 2016 Control Channel Authentication: tls-auth using INLINE static key file
Thu Jul 21 13:06:56 2016 UDPv4 link local: [undef]
Thu Jul 21 13:06:56 2016 UDPv4 link remote: [AF_INET]162.221.195.34:1194
Thu Jul 21 13:06:56 2016 [vpn-demo.hyper.sh] Peer Connection Initiated with [AF_INET]162.221.195.34:1194
Thu Jul 21 13:06:59 2016 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: block-outside-dns (2.3.11)
Thu Jul 21 13:06:59 2016 TUN/TAP device tun0 opened
Thu Jul 21 13:06:59 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jul 21 13:06:59 2016 /usr/sbin/ip link set dev tun0 up mtu 1500
Thu Jul 21 13:06:59 2016 /usr/sbin/ip addr add dev tun0 local 192.168.255.6 peer 192.168.255.5
Thu Jul 21 13:06:59 2016 Initialization Sequence Completed