Switch fernet to be the default token provider

Use the fernet token provider as the default for keystone.

 The Keystone token provider of choice is changing from UUID to Fernet.
 However, due the the need for multi-site keystone deploys to have keys
 kept in sync, we cannot change the default in upstream Keystone
 without  breaking existing deployments.  Fernet requires a deliberate
 setup step like what is done in devstack.  Making the change in
 devstack documents the expected setup.

Change-Id: I8c0db244634b0861b0eb3c48fe6ede153f7f04f2

lib/keystone

@@ -89,7 +89,7 @@ KEYSTONE_RESOURCE_BACKEND=${KEYSTONE_RESOURCE_BACKEND:-sql}
 
 # Select Keystone's token provider (and format)
 # Choose from 'uuid', 'pki', 'pkiz', or 'fernet'
-KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-}
+KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-fernet}
 KEYSTONE_TOKEN_FORMAT=$(echo ${KEYSTONE_TOKEN_FORMAT} | tr '[:upper:]' '[:lower:]')
 
 # Set Keystone interface configuration