+++ This bug was initially created as a clone of Bug #975050 +++ Description of problem: in Grizzly the default token_format changed from UUID to PKI. While in the RHOS 3.0 release, we primarily worked with UUID, we would like to follow upstream in the future. For RHOS 4.0, we would like to use PKI by default from packstack. Perhaps as a 3.0.z release of packstack, it would be ideal to have the option to turn on PKI tokens but not affect existing answer files. That is, prompt the user for a token type, and the default should be 'UUID', but allow 'PKI'. Version-Release number of selected component (if applicable): openstack-packstack-2013.1.1-0.17.dev631.el6ost.noarch
Specifically, we should not force the token format to be UUID tokens. This was done by a puppet module chance in 3.0 but has been changed in upstream puppet to align with upstream Keystone.
Verified NVR: openstack-packstack-2013.2.1-0.6.dev763.el6ost.noarch 1. Verified that the packstack default Keystone token format set to PKI # grep PKI packstack-answers-20131006-144322.txt | grep -v "#" CONFIG_KEYSTONE_TOKEN_FORMAT=PKI 2. Installed openstack via packstack # packstack --allinone 3. Verified Kestone configuration file # grep PKI /etc/keystone/keystone.conf | grep -v "#" token_format =PKI
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2013-1859.html