Add SSL to HAProxy and Keystone

Add ability to terminate SSL on HAProxy public IPs and
add ability to use SSL on keystone endpoints list.

Services that added to haproxy SSL termination and keystone
publicURL endpoints:

* keystone public port (5000)
* nova-api public ports (8773,8774)
* cinder-api public port (8776)
* glance-api public port (9292)
* neutron public port (9696)
* swift public port (8080). Swift S3 also added to SSL endpoint list
* heat-api public ports (8000,8003,8004)
* nova-novncproxy public port (6080)
* ceph radosgw public port (8080)
* ceilometer public port (8777)
* sahara public port (8386)
* murano public port (8082). BTW, murano rabbitMQ port not wrapped
    by SSL, cause SSL scope include only keystone endpoints, not
    HAProxy's. It can be easily done in future

Implements: blueprint ssl-endpoints

Depends-On: Ie6be3d2ed4e1864e5898d1c7d12ec761af01a041
Change-Id: If37173f75da51625631f630d6404abb006282ae5

deployment/puppet/openstack/manifests/ha/ceilometer.pp

@@ -2,12 +2,14 @@
 class openstack::ha::ceilometer (
   $server_names,
   $ipaddresses,
+  $public_ssl = false,
 ) {
 
   openstack::ha::haproxy_service { 'ceilometer':
     order           => '140',
     listen_port     => 8777,
     public          => true,
+    public_ssl      => $public_ssl,
     require_service => 'ceilometer-api',
     server_names    => $server_names,
     ipaddresses     => $ipaddresses,