Move auth_token configurations to quantum.conf

keystone auth_token middleware now allows quantum to have auth_token
configuration in quantum.conf. This commit moves the example of
auth_token configuration from api-paste.ini to quantum.conf.
This simplifies user configuations and users is no longer required
to edit api-paste.ini.

This change does not break backward compatibility. auth_token first
tries the configurations in /etc/quantum/api-paste.ini and then the
above configurations. Thus a user who already use api-paste.ini
does not need to change it.

DocImpact

Change-Id: I5a4c48b14428e29ea2a331880e1de0afd69c97b5

etc/api-paste.ini

@@ -13,13 +13,6 @@ paste.filter_factory = quantum.auth:QuantumKeystoneContext.factory
 
 [filter:authtoken]
 paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
-auth_host = 127.0.0.1
-auth_port = 35357
-auth_protocol = http
-admin_tenant_name = %SERVICE_TENANT_NAME%
-admin_user = %SERVICE_USER%
-admin_password = %SERVICE_PASSWORD%
-signing_dir = /var/lib/quantum/keystone-signing
 
 [filter:extensions]
 paste.filter_factory = quantum.api.extensions:plugin_aware_extension_middleware_factory

etc/quantum.conf

@@ -207,3 +207,12 @@ notification_topics = notifications
 # root filter facility.
 # Change to "sudo" to skip the filtering and just run the comand directly
 # root_helper = sudo
+
+[keystone_authtoken]
+auth_host = 127.0.0.1
+auth_port = 35357
+auth_protocol = http
+admin_tenant_name = %SERVICE_TENANT_NAME%
+admin_user = %SERVICE_USER%
+admin_password = %SERVICE_PASSWORD%
+signing_dir = /var/lib/quantum/keystone-signing