keystone default deploy test uses http not https

Bug #1797499 reported by Ryan Moser
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
OpenStack-Ansible | Invalid | Undecided | Unassigned |

Bug Description

A fresh pull of the master branch using a minimal deployment strategy (no ceph etc.) configures keystone to use the https interface via haproxy. When you run setup-openstack.yml, it eventually fails, because the task [os_keystone : Wait for services to be up] seems to be configured to test http only.

I can confirm that I can get to the https://x.x.x.x:5000 endpoint both via haproxy and via container network. But http://x.x.x.x:5000 does not re-direct, and does not respond, causing the task to fail.

This issue is still confirmed despite setting the following lines to http or https in user_variables.yml:

keystone_service_publicuri_proto
openstack_service_publicuri_proto

debug output:

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_SBjExX/ansible_modlib.zip/ansible/module_utils/urls.py", line 1017, in fetch_url
    client_key=client_key, cookies=cookies)
  File "/tmp/ansible_SBjExX/ansible_modlib.zip/ansible/module_utils/urls.py", line 920, in open_url
    r = urllib_request.urlopen(*urlopen_args)
  File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 429, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 447, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1228, in http_open
    return self.do_open(httplib.HTTPConnection, req)
  File "/usr/lib/python2.7/urllib2.py", line 1201, in do_open
    r = h.getresponse(buffering=True)
  File "/usr/lib/python2.7/httplib.py", line 1136, in getresponse
    response.begin()
  File "/usr/lib/python2.7/httplib.py", line 453, in begin
    version, status, reason = self._read_status()
  File "/usr/lib/python2.7/httplib.py", line 417, in _read_status
    raise BadStatusLine(line)
BadStatusLine: ''

failed: [infra1_keystone_container-8ee6d910 -> localhost] (item={u'url': u'http://x.x.x.x:5000', u'validate_certs': True}) => {
    "attempts": 12,
    "changed": false,
    "content": "",
    "invocation": {
        "module_args": {
            "attributes": null,
            "backup": null,
            "body": null,
            "body_format": "raw",
            "client_cert": null,
            "client_key": null,
            "content": null,
            "creates": null,
            "delimiter": null,
            "dest": null,
            "directory_mode": null,
            "follow": false,
            "follow_redirects": "safe",
            "force": false,
            "force_basic_auth": false,
            "group": null,
            "headers": {},
            "http_agent": "ansible-httpget",
            "method": "HEAD",
            "mode": null,
            "owner": null,
            "regexp": null,
            "remote_src": null,
            "removes": null,
            "return_content": false,
            "selevel": null,
            "serole": null,
            "setype": null,
            "seuser": null,
            "src": null,
            "status_code": [
                "300"
            ],
            "timeout": 30,
            "unsafe_writes": null,
            "url": "http://x.x.x.x:5000",
            "url_password": null,
            "url_username": null,
            "use_proxy": true,
            "validate_certs": true
        }
    },
    "item": {
        "url": "http://x.x.x.x:5000",
        "validate_certs": true
    },
    "msg": "Status code was -1 and not [300]: An unknown error occurred: ''",
    "redirected": false,
    "status": -1,
    "url": "http://x.x.x.x:5000"
}

Ryan Moser (r-admjn-8)
description: updated
Changed in openstack-ansible:
status: New → Invalid
Jesse Pretorius (jesse-pretorius) wrote:

As discussed in http://eavesdrop.openstack.org/irclogs/%23openstack-ansible/%23openstack-ansible.2018-10-17.log.html#t2018-10-17T19:47:53 there was a misconfiguration and some options were presented.

There is still an issue in that if keystone is set to listen on HTTPS, then client <-https-> haproxy <-https-> keystone will fail miserably. If this is an issue, please register a bug to resolve that in particular.
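
An empty status line like the BadStatusLine: '' in the traceback above is what a plaintext probe gets when the listener closes without an HTTP reply, as a TLS-only bind does. The following diagnostic is an added example, not code from the bug report or from OpenStack-Ansible; it is written for Python 3, and classify_listener plus the two local stand-in listeners are hypothetical names constructed for the demo.

```python
import http.client
import socket
import threading


def classify_listener(host, port, timeout=5):
    """Send a plaintext HEAD / and report how the listener reacts."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("HEAD", "/")
        return "http:%d" % conn.getresponse().status
    except (http.client.BadStatusLine, ConnectionResetError):
        # Peer closed or sent non-HTTP bytes (e.g. a TLS alert): no status
        # line to parse. Python 3 surfaces the empty case as
        # RemoteDisconnected, a BadStatusLine subclass.
        return "no-http-status"
    finally:
        conn.close()


def _serve_once(handler):
    """Constructed local listener: handle one connection on a free port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def run():
        client, _ = srv.accept()
        with client:
            handler(client, client.recv(4096))
        srv.close()

    threading.Thread(target=run, daemon=True).start()
    return srv.getsockname()[1]


def tls_only(client, first_bytes):
    # Stand-in for a TLS-only bind: a request that does not start with a
    # TLS handshake record (0x16) is cut off with no HTTP reply.
    if first_bytes[:1] != b"\x16":
        client.shutdown(socket.SHUT_RDWR)


def plain_http(client, first_bytes):
    # Stand-in for a plaintext endpoint returning the 300 the task expects.
    client.sendall(b"HTTP/1.1 300 Multiple Choices\r\nContent-Length: 0\r\n\r\n")


if __name__ == "__main__":
    for name, handler in (("plain_http", plain_http), ("tls_only", tls_only)):
        print(name, classify_listener("127.0.0.1", _serve_once(handler)))
```

A "no-http-status" result from a health check means the scheme in the probe URL does not match what the listener speaks, so the check URL and the listener's TLS setting need to be aligned before retry counts or timeouts are tuned.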
