when run command "kolla-ansible -i multinode certificates",
the certificates file will generated in all nodes, it is
unnecessary, this ps to make it in deploy node.

Change-Id: I3e98ab498eeec3e6b8f170dd29c95f7ff9dbd6c0

Change-Id: I44c2668a8ebb6dd3201a6eb4e47284871380e6d7

Working towards the blueprint that will add TLS protection
for the external endpoints, kolla needs certificates.

When kolla deploys OpenStack, the external VIP will need
a server side certifcate.  Clients that access those endpoints will
need the public CA certificate that signed that certificate.

This ansible script will create these two certificates to make
it easy to use TLS in a test environment.  The generated
certificate files are:

/etc/kolla/certificates/haproxy.pem  (server side certificate)
/etc/kolla/certificates/haproxy-ca.pem (CA certificate)

The generated certificates are not suitable for use in a
production environment, but will be useful for testing and
verifying operations.

Partially-implements: blueprint ssl-kolla

Change-Id: I208777f9e5eee3bfb06810c7b18a2727beda234d

Throughout the project overtime some of these file permissions have
changed to have an executable bit. They should not have this bit set.

TrivialFix

Change-Id: I1748b5bde813a0fcac36aeecdfd83245b8ee5be3

This playbook runs on hosts before deployment to be sure we don't
have any conflicting services running and systems are in expected
state.

DocImpact

Change-Id: If5f288b7fbdf269697ca834da4eb969b61683ca0
Partially-implements: blueprint precheck-tasks