Comment 6 for bug 1587777

I added the controller into /etc/hosts right from the start, DNS works, too. My keystone.conf:

---cut here---
[DEFAULT]
log_dir = /var/log/keystone
debug = true
[assignment]
driver = sql
[catalog]
driver = sql
[database]
connection = mysql+pymysql://keystone:password@control/keystone
[fernet_tokens]
key_repository = /etc/keystone/fernet-keys/
max_active_keys = 3
[identity]
domain_specific_drivers_enabled = true
domain_configurations_from_database = true
driver = sql
[memcache]
servers = localhost:11211
[resource]
driver = sql
[revoke]
driver = sql
[role]
driver = sql
[token]
expiration = 14400
provider = fernet
---cut here---

Please note that I use multi-domains, "real users" are included via LDAP, the openstack services are in the sql databases. But we had the performance issue right from the start when switching to Mitaka, at that point we didn't use LDAP and we used UUID tokens, not fernet. Basically, I upgraded the working Liberty environment to Mitaka and then started changing the configuration for keystone etc.

Please let me know if you need any other information.