[13->16.2 FFU] bootstrap controller failing on "Check Keystone project status" task

Issue

• In this environment, the first controller upgrade is failing on the following upgrade task: Check Keystone project status during the step: "openstack overcloud upgrade run --stack overcloud --limit overcloud-controller-0":

2022-06-22 16:38:16.031613 | 525400c7-f74c-d785-76ad-000000000328 |    WAITING | Check Keystone project status | controller-0 | 1 retries left                            │·······················································
│·······················································
2022-06-22 16:38:21.537352 | 525400c7-f74c-d785-76ad-000000000328 |      FATAL | Check Keystone project status | controller-0 -> localhost | item=service | error={"ansibl│·······················································
e_job_id": "714173508577.43144", "ansible_loop_var": "tripleo_keystone_resources_project_async_result_item", "attempts": 30, "changed": false, "finished": 0, "started": 1,│·······················································
 "tripleo_keystone_resources_project_async_result_item": {"ansible_job_id": "714173508577.43144", "ansible_loop_var": "tripleo_keystone_resources_project", "changed": true│·······················································
, "failed": false, "finished": 0, "results_file": "/root/.ansible_async/714173508577.43144", "started": 1, "tripleo_keystone_resources_project": "service"}}               │·······················································                                  
2022-06-22 16:38:21.660422 | 525400c7-f74c-d785-76ad-0000000000d2 |    SUMMARY | controller-0 | Manage Keystone domains from LDAP config | 0.06s                          │·······················································
2022-06-22 16:38:21.660488 | 525400c7-f74c-d785-76ad-0000000000d0 |    SUMMARY | controller-0 | is Keystone LDAP enabled | 0.06s                                          │·······················································
2022-06-22 16:38:21.660555 | 525400c7-f74c-d785-76ad-00000000009c |    SUMMARY | controller-0 | include_tasks | 0.06s                                                     │·······················································

This environment has a LDAP domain and some signs of an unused federated auth config.

Initially, this failure seemed to be related to a SSL (LDAP/ssl) crypto incompatibility with rhel8; however, after disabling SSL for LDAP and ensuring successful LDAP communication the upgrade continued to fail at this step with no related keystone error.