Using sql as default driver for tokens

kvs driver for tokens is not a production quality storage method.
The shortcomings of using kvs as storage driver for tokens:
    1. It requires load balancer to persist connections to a single
keystone server by token.
    2. The memory will grow out of control until token_flush is run.
    3. At some point kvs lookups get very slow because there are millions
of keys in the dict.
    4. Process restart invalidates all tokens.

Fixes: bug #1188370
Change-Id: Ic726e12d798b843412158a7b92f5e3e3a654811f

etc/keystone.conf.sample

@@ -119,7 +119,7 @@
 # template_file = default_catalog.templates
 
 [token]
-# driver = keystone.token.backends.kvs.Token
+# driver = keystone.token.backends.sql.Token
 
 # Amount of time a token should remain valid (in seconds)
 # expiration = 86400

keystone/common/config.py

@@ -273,7 +273,7 @@ def configure():
         group='policy',
         default='keystone.policy.backends.sql.Policy')
     register_str(
-        'driver', group='token', default='keystone.token.backends.kvs.Token')
+        'driver', group='token', default='keystone.token.backends.sql.Token')
     register_str(
         'driver', group='trust', default='keystone.trust.backends.sql.Trust')
     register_str(

tests/test_overrides.conf

@@ -11,6 +11,9 @@ template_file = default_catalog.templates
 [trust]
 driver = keystone.trust.backends.kvs.Trust
 
+[token]
+driver = keystone.token.backends.kvs.Token
+
 [signing]
 certfile = ../examples/pki/certs/signing_cert.pem
 keyfile = ../examples/pki/private/signing_key.pem