Comment 3 for bug 1287658

Yeah, it's related. In most of our environments, we lock down various services such as NRPE, rsync, HAProxy stats (and others) to a specific source. Every time jujud on machine 0 runs, it resets those rules as per (LP:1420996).

So something like:

juju add-secgroup-access --service haproxy 91.189.90.111/32 tcp 873
juju add-secgroup-access --service haproxy 91.189.90.111/32 tcp 10000
juju add-secgroup-access --service haproxy 91.189.90.111/32 icmp 0

Or:

juju add-secgroup-access --machine 0 91.189.90.111/32 tcp 22