Upgrade the Keystone library to use v3

In order to enable and deploy federated Keystone, we need to use version
3 of the Keystone API and the v3 Keystone Client. This work begins that
transition by having a set of backwards compatible library commands.

Specifically, this commit updates the keystone library to use v3
Keystone Client and the usage of ensure_tenant in the os_keystone tasks
to use the v3 admin url.

In version 3 of Keystone's Endpoints (Catalog) API each endpoint only
has one URL and has separate interface types (public, internal, admin).
This change updates all uses of ensure_endpoint to structure the
endpoint data in a better way for the ensure_endpoint command in the
keystone module. As a result, some incidents where internalurl and
adminurl were swapped have been fixed.

Note:
In new deployments the endpoints will be created using the v3 API and
will therefore not be available via the v2 API. This will be a breaking
change to legacy CLI clients. The openstack CLI should be used instead.

DocImpact
Related-Bug: #1470635
Partially-implements: blueprint keystone-federation
Change-Id: I2cd4f505e850b4b113452abc25ee00d486b1637d

tasks/neutron_service_add.yml

@@ -79,10 +79,14 @@
     region_name: "{{ service_region }}"
     service_name: "{{ service_name }}"
     service_type: "{{ service_type }}"
-    publicurl: "{{ service_publicurl }}"
-    adminurl: "{{ service_internalurl }}"
-    internalurl: "{{ service_adminurl }}"
     insecure: "{{ keystone_service_adminuri_insecure }}"
+    endpoint_list:
+      - url: "{{ service_publicurl }}"
+        interface: "public"
+      - url: "{{ service_internalurl }}"
+        interface: "internal"
+      - url: "{{ service_adminurl }}"
+        interface: "admin"
   register: add_service
   until: add_service|success
   retries: 5