Comment 3 for bug 1581133

Dmitry Burmistrov (dmburmistrov) wrote :

We have:
1) Alexandr Makarov believed MOS uses "fernet" as token backend.
2) I see "uuid" provider (with "sql" driver) in "[token]" section in puppets.
3) Also "uuid|sql" are default values in keystone code (current master): https://github.com/openstack/keystone/blob/3456a9e8a8ecfb74d4bb814a625c19b161306b8f/keystone/common/config.py#L304-L315
4) Current "documentation" in keystone.conf says ("cache" section, "backend" setting): "It is recommended that Memcache with pooling (oslo_cache.memcache_pool) or Redis (dogpile.cache.redis) be used in production deployments".
5) Proposed fix is to change "cache/backend" (and all other occurrences of "memcache_pool") from "keystone.cache.memcache_pool" to "keystone.cache.memcache".
6) For fernet: Alexandr suggested using "provider = keystone.token.providers.fernet.Provider" to prevent token reading attempts from memcache.
7) From a chat conversation: "when they extracted memcache_pool from keystone to oslo they've forgotten the fix" - there may be an error in the keystone/oslo refactoring process (I guess).

For the first stage I suggest:
a) find the real problem (I am not sure it is a "puppet issue")
b) if it is a puppet problem
  b.1) fix puppet
  b.2) fix docs (because I see a conflict here)
c) if the problem is in code, but we can't solve it in the near future - we can temporarily hack puppet

After that in stage 2 we can discuss fernet in fuel.

Colleagues, your thoughts?