Full background: https://review.openstack.org/#/c/234704
puppet keystone_endpoint provider is using service name to create the endpoints.
If the service already exists but is not managed by puppet, the catalog will fail to create the endpoint because the endpoint will fail to be created. This is an issue in openstackclient:
[stack@instack-centos7 ~]$ /bin/openstack endpoint create --format shell nova --region regionOne --publicurl "http://192.0.2.1:8774/v2/%(tenant_id)s" --internalurl "http://192.0.2.1:8774/v2/%(tenant_id)s" --adminurl "http://192.0.2.1:8774/v2/%(tenant_id)s"
No service with a type, name or ID of 'nova' exists.
while the service already exists:
[stack@instack-centos7 ~]$ openstack service list
+----------------------------------+------------+---------------+
| ID | Name | Type |
+----------------------------------+------------+---------------+
| 07639ddebe7a4b249f3aaf90aa271295 | glance | image |
| 1fbb6aa0bcd14f2c8789dd7c695940c8 | neutron | network |
| 2a0c1642b4e643f9a64cda7300e2e2bf | nova | compute |
| 2b73fd25f4864333b16a251cae81ba75 | novav3 | computev3 |
| 36fdfd3211db4c5fa5f0b340def962c9 | ceilometer | metering |
| 3b4189b88f584f50a42acda353d94c07 | heat | orchestration |
| 48a0ec444d8843f48f1dd0fe45058647 | tuskar | management |
| 512b28d0ffc1402a8a40cf64ee615c0f | nova | compute |
| 55dd87d8f8b64f0a88debe028aeeaa43 | ironic | baremetal |
| 5d421e4aad534dc883a5f7c4b023d6f2 | keystone | identity |
| d043ff13fc9d4469b3f30fbf19e90602 | swift | object-store |
+----------------------------------+------------+---------------+
While the bug is reported & fixed in openstackclient, we can fix it in puppet by using service ID in keystone_endpoint provider code, when creating the endpoint, instead of using the service name.
The problem here is that the endpoint resource lacks the "type" parameter. As such it's impossible for the keystone_endpoint to get the correct id of the service only with the name as the same name can appear multiple times in the db.