Comment 3 for bug 1246258

Sheldon Hearn (sheldonh) wrote :

This trap is really easy to fall into, because neutron net-create doesn't seem to validate the --tenant-id argument:

# neutron net-create --tenant-id admin demo-net
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 427d4260-b246-4789-b543-58ce1e86b51c |
| name                      | demo-net                             |
| provider:network_type     | gre                                  |
| provider:physical_network |                                      |
| provider:segmentation_id  | 1                                    |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | admin                                |
+---------------------------+--------------------------------------+

So you end up with a poison network that breaks the metadata service. Recovery isn't an obvious process. You have to start by deleting the ports that connect affected instances into the poison network. Then you can delete the subnet and finally the network.
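
The following is an added example, not part of the comment above and not Neutron code: an audit that flags networks whose tenant_id is not a known Keystone tenant ID and lists the deletions in the order the comment describes. The tenant, subnet and port records are constructed sample data (only the demo-net UUID comes from the comment), and the function names are hypothetical.

```python
# Constructed sample data shaped like Keystone tenant and Neutron
# network/subnet/port listings. Only the demo-net UUID comes from the comment.
TENANTS = [
    {"id": "0123456789abcdef0123456789abcdef", "name": "admin"},
    {"id": "fedcba9876543210fedcba9876543210", "name": "demo"},
]
NETWORKS = [
    {"id": "427d4260-b246-4789-b543-58ce1e86b51c", "name": "demo-net",
     "tenant_id": "admin"},  # tenant name stored where an ID belongs
    {"id": "net-0002", "name": "private",
     "tenant_id": "fedcba9876543210fedcba9876543210"},
]
SUBNETS = [
    {"id": "subnet-0001", "network_id": "427d4260-b246-4789-b543-58ce1e86b51c"},
    {"id": "subnet-0002", "network_id": "net-0002"},
]
PORTS = [
    {"id": "port-0001", "network_id": "427d4260-b246-4789-b543-58ce1e86b51c"},
    {"id": "port-0002", "network_id": "427d4260-b246-4789-b543-58ce1e86b51c"},
    {"id": "port-0003", "network_id": "net-0002"},
]


def find_poison_networks(networks, tenants):
    """Return networks whose tenant_id is not a known tenant ID."""
    known_ids = {t["id"] for t in tenants}
    id_by_name = {t["name"]: t["id"] for t in tenants}
    findings = []
    for net in networks:
        tid = net["tenant_id"]
        if tid not in known_ids:
            # If the value is a tenant *name*, report the ID that was meant.
            findings.append({"network_id": net["id"], "name": net["name"],
                             "tenant_id": tid,
                             "probable_tenant_id": id_by_name.get(tid)})
    return findings


def cleanup_plan(network_id, subnets, ports):
    """Deletion order from the comment: ports, then subnets, then network."""
    plan = [("port", p["id"]) for p in ports if p["network_id"] == network_id]
    plan += [("subnet", s["id"]) for s in subnets
             if s["network_id"] == network_id]
    return plan + [("network", network_id)]


if __name__ == "__main__":
    for f in find_poison_networks(NETWORKS, TENANTS):
        print(f["name"], "has invalid tenant_id", repr(f["tenant_id"]))
        for kind, ident in cleanup_plan(f["network_id"], SUBNETS, PORTS):
            print("  delete", kind, ident)
```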