There are issues with doing this though. Juju de-couples the machine creation from the purposing of the machine. One can remove a service from a machine, and add another to any machine right now.
Bug #833064 suggests doing the firewall inside the machine using iptables. I think that may be a more flexible approach.
Either way, the bug here is not a "should" but rather juju runs into HPCloud's security group quotas.
I think this is a great idea.
There are issues with doing this though. Juju de-couples the machine creation from the purposing of the machine. One can remove a service from a machine, and add another to any machine right now.
Bug #833064 suggests doing the firewall inside the machine using iptables. I think that may be a more flexible approach.
Either way, the bug here is not a "should" but rather juju runs into HPCloud's security group quotas.