undercloud: increase token expiration time

We did it in the past (3 years ago!) in instack-undercloud:
43e792c684
in the context of: https://bugzilla.redhat.com/show_bug.cgi?id=1235908

This time, we have the same problem when the undercloud is
containeirized.
This patch is actually setting parity with keystone config from
instack-undercloud, but also raising an actual issue that will be
addressed this cycle.

In the meantime, let's increase the token expiration so we can move
forward with testing the containerized undercloud.

Change-Id: Iceaaf53fae44b5bcda9f6517f163939ba6be3d49
Related-Bug: #1761050

environments/undercloud.yaml

@@ -11,6 +11,9 @@ parameter_defaults:
   # ensure we enable ip_forward before docker gets run
   KernelIpForward: 1
   KeystoneCorsAllowedOrigin: '*'
+  # Increase the Token expiration time until we fix the actual session bug:
+  # https://bugs.launchpad.net/tripleo/+bug/1761050
+  TokenExpiration: 14400
   EnablePackageInstall: true
   StackAction: CREATE
   SoftwareConfigTransport: POLL_SERVER_HEAT

puppet/services/keystone.yaml

@@ -109,6 +109,10 @@ parameters:
     default: 5672
     description: Set rabbit subscriber port, change this if using SSL
     type: number
+  TokenExpiration:
+    default: 3600
+    description: Set a token expiration time in seconds.
+    type: number
   KeystoneWorkers:
     type: string
     description: Set the number of workers for keystone::wsgi::apache
@@ -349,6 +353,7 @@ outputs:
                 query:
                   read_default_file: /etc/my.cnf.d/tripleo.cnf
                   read_default_group: tripleo
+            keystone::token_expiration: {get_param: TokenExpiration}
             keystone::admin_token: {get_param: AdminToken}
             keystone::admin_password: {get_param: AdminPassword}
             keystone::roles::admin::password: {get_param: AdminPassword}