When doing a bootstrap or deploy on a quantum enabled security group openstack. juju-core will duplicate the main security group (in my case, juju-precise)
ubuntu@davidpbritton-bastion:~$ nova secgroup-list
+--------------+-------------+
| Name | Description |
+--------------+-------------+
| default | default |
| juju-precise | juju group |
| juju-precise | juju group |
+--------------+-------------+
Since juju operates on security group names, this behavior should be avoided. In pyjuju, the security group is checked explicitly, however in juju-core it appears that the ensure group function in environs/openstack/provider.go around line 1172 should be a bit more intelligent about checking for security groups with the proper name and using those, instead of trying to create a group and relying on errors to determine if the group exists.
Attaching a sample solution to this bug. I'm sure there is a test that also needs to be modified, but this gets around the problem on my openstack deployment.