diff --git a/lib/cinder b/lib/cinder
index b3e1904de0..7688ad9903 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -53,6 +53,11 @@ fi
 # Support for multi lvm backend configuration (default is no support)
 CINDER_MULTI_LVM_BACKEND=$(trueorfalse False $CINDER_MULTI_LVM_BACKEND)
 
+# Should cinder perform secure deletion of volumes?
+# Defaults to true, can be set to False to avoid this bug when testing:
+# https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1023755
+CINDER_SECURE_DELETE=`trueorfalse True $CINDER_SECURE_DELETE`
+
 # Name of the lvm volume groups to use/create for iscsi volumes
 # VOLUME_GROUP2 is used only if CINDER_MULTI_LVM_BACKEND = True
 VOLUME_GROUP=${VOLUME_GROUP:-stack-volumes}
diff --git a/lib/keystone b/lib/keystone
index 17e0866fec..805cb6f045 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -59,6 +59,9 @@ KEYSTONE_SERVICE_PORT=${KEYSTONE_SERVICE_PORT:-5000}
 KEYSTONE_SERVICE_PORT_INT=${KEYSTONE_SERVICE_PORT_INT:-5001}
 KEYSTONE_SERVICE_PROTOCOL=${KEYSTONE_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
 
+# Set the tenant for service accounts in Keystone
+SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
+
 
 # Entry Points
 # ------------
diff --git a/lib/nova b/lib/nova
index f0c83157d6..d96ed4f2dd 100644
--- a/lib/nova
+++ b/lib/nova
@@ -65,6 +65,9 @@ SCHEDULER=${SCHEDULER:-nova.scheduler.filter_scheduler.FilterScheduler}
 
 QEMU_CONF=/etc/libvirt/qemu.conf
 
+NOVNC_DIR=$DEST/noVNC
+SPICE_DIR=$DEST/spice-html5
+
 
 # Nova Network Configuration
 # --------------------------
diff --git a/lib/swift b/lib/swift
index 2c87d21f6a..d50b554169 100644
--- a/lib/swift
+++ b/lib/swift
@@ -28,6 +28,7 @@ set +o xtrace
 SWIFT_DIR=$DEST/swift
 SWIFTCLIENT_DIR=$DEST/python-swiftclient
 SWIFT_AUTH_CACHE_DIR=${SWIFT_AUTH_CACHE_DIR:-/var/cache/swift}
+SWIFT3_DIR=$DEST/swift3
 
 # TODO: add logging to different location.
 
@@ -40,6 +41,12 @@ SWIFT_DATA_DIR=${SWIFT_DATA_DIR:-${DATA_DIR}/swift}
 # TODO(dtroyer): remove SWIFT_CONFIG_DIR after cutting stable/grizzly
 SWIFT_CONF_DIR=${SWIFT_CONF_DIR:-${SWIFT_CONFIG_DIR:-/etc/swift}}
 
+if is_service_enabled s-proxy && is_service_enabled swift3; then
+    # If we are using swift3, we can default the s3 port to swift instead
+    # of nova-objectstore
+    S3_SERVICE_PORT=${S3_SERVICE_PORT:-8080}
+fi
+
 # DevStack will create a loop-back disk formatted as XFS to store the
 # swift data. Set ``SWIFT_LOOPBACK_DISK_SIZE`` to the disk size in
 # kilobytes.
diff --git a/stack.sh b/stack.sh
index 9a87a5f16c..cfce6be121 100755
--- a/stack.sh
+++ b/stack.sh
@@ -269,14 +269,12 @@ source $TOP_DIR/lib/ldap
 # Set the destination directories for OpenStack projects
 HORIZON_DIR=$DEST/horizon
 OPENSTACKCLIENT_DIR=$DEST/python-openstackclient
-NOVNC_DIR=$DEST/noVNC
-SPICE_DIR=$DEST/spice-html5
-SWIFT3_DIR=$DEST/swift3
 
-# Should cinder perform secure deletion of volumes?
-# Defaults to true, can be set to False to avoid this bug when testing:
-# https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1023755
-CINDER_SECURE_DELETE=`trueorfalse True $CINDER_SECURE_DELETE`
+
+# Interactive Configuration
+# -------------------------
+
+# Do all interactive config up front before the logging spew begins
 
 # Generic helper to configure passwords
 function read_password {
@@ -322,7 +320,6 @@ function read_password {
 
 
 # Database Configuration
-# ----------------------
 
 # To select between database backends, add the following to ``localrc``:
 #
@@ -335,8 +332,7 @@ function read_password {
 initialize_database_backends && echo "Using $DATABASE_TYPE database backend" || echo "No database enabled"
 
 
-# RabbitMQ or Qpid
-# --------------------------
+# Queue Configuration
 
 # Rabbit connection info
 if is_service_enabled rabbit; then
@@ -344,53 +340,45 @@ if is_service_enabled rabbit; then
     read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."
 fi
 
-if is_service_enabled s-proxy; then
-    # If we are using swift3, we can default the s3 port to swift instead
-    # of nova-objectstore
-    if is_service_enabled swift3;then
-        S3_SERVICE_PORT=${S3_SERVICE_PORT:-8080}
+
+# Keystone
+
+if is_service_enabled key; then
+    # The ``SERVICE_TOKEN`` is used to bootstrap the Keystone database.  It is
+    # just a string and is not a 'real' Keystone token.
+    read_password SERVICE_TOKEN "ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN."
+    # Services authenticate to Identity with servicename/``SERVICE_PASSWORD``
+    read_password SERVICE_PASSWORD "ENTER A SERVICE_PASSWORD TO USE FOR THE SERVICE AUTHENTICATION."
+    # Horizon currently truncates usernames and passwords at 20 characters
+    read_password ADMIN_PASSWORD "ENTER A PASSWORD TO USE FOR HORIZON AND KEYSTONE (20 CHARS OR LESS)."
+
+    # Keystone can now optionally install OpenLDAP by enabling the ``ldap``
+    # service in ``localrc`` (e.g. ``enable_service ldap``).
+    # To clean out the Keystone contents in OpenLDAP set ``KEYSTONE_CLEAR_LDAP``
+    # to ``yes`` (e.g. ``KEYSTONE_CLEAR_LDAP=yes``) in ``localrc``.  To enable the
+    # Keystone Identity Driver (``keystone.identity.backends.ldap.Identity``)
+    # set ``KEYSTONE_IDENTITY_BACKEND`` to ``ldap`` (e.g.
+    # ``KEYSTONE_IDENTITY_BACKEND=ldap``) in ``localrc``.
+
+    # only request ldap password if the service is enabled
+    if is_service_enabled ldap; then
+        read_password LDAP_PASSWORD "ENTER A PASSWORD TO USE FOR LDAP"
     fi
+fi
+
+
+# Swift
+
+if is_service_enabled s-proxy; then
     # We only ask for Swift Hash if we have enabled swift service.
     # ``SWIFT_HASH`` is a random unique string for a swift cluster that
     # can never change.
     read_password SWIFT_HASH "ENTER A RANDOM SWIFT HASH."
 fi
 
-# Set default port for nova-objectstore
-S3_SERVICE_PORT=${S3_SERVICE_PORT:-3333}
 
-
-# Keystone
-# --------
-
-# The ``SERVICE_TOKEN`` is used to bootstrap the Keystone database.  It is
-# just a string and is not a 'real' Keystone token.
-read_password SERVICE_TOKEN "ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN."
-# Services authenticate to Identity with servicename/``SERVICE_PASSWORD``
-read_password SERVICE_PASSWORD "ENTER A SERVICE_PASSWORD TO USE FOR THE SERVICE AUTHENTICATION."
-# Horizon currently truncates usernames and passwords at 20 characters
-read_password ADMIN_PASSWORD "ENTER A PASSWORD TO USE FOR HORIZON AND KEYSTONE (20 CHARS OR LESS)."
-# Keystone can now optionally install OpenLDAP by adding ldap to the list
-# of enabled services in the localrc file (e.g. ENABLED_SERVICES=key,ldap).
-# If OpenLDAP has already been installed but you need to clear out
-# the Keystone contents of LDAP set KEYSTONE_CLEAR_LDAP to yes
-# (e.g. KEYSTONE_CLEAR_LDAP=yes ) in the localrc file.  To enable the
-# Keystone Identity Driver (keystone.identity.backends.ldap.Identity)
-# set KEYSTONE_IDENTITY_BACKEND to ldap (e.g. KEYSTONE_IDENTITY_BACKEND=ldap)
-# in the localrc file.
-
-
-# only request ldap password if the service is enabled
-if is_service_enabled ldap; then
-    read_password LDAP_PASSWORD "ENTER A PASSWORD TO USE FOR LDAP"
-fi
-
-# Set the tenant for service accounts in Keystone
-SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
-
-
-# Log files
-# ---------
+# Configure logging
+# -----------------
 
 # Draw a spinner so the user knows something is happening
 function spinner() {
@@ -638,14 +626,15 @@ fi
 
 echo_summary "Configuring OpenStack projects"
 
-# Set up our checkouts so they are installed into python path
-# allowing ``import nova`` or ``import glance.client``
+# Set up our checkouts so they are installed in the python path
 configure_keystoneclient
 configure_novaclient
 setup_develop $OPENSTACKCLIENT_DIR
+
 if is_service_enabled key g-api n-api s-proxy; then
     configure_keystone
 fi
+
 if is_service_enabled s-proxy; then
     configure_swift
     configure_swiftclient
@@ -653,6 +642,7 @@ if is_service_enabled s-proxy; then
         setup_develop $SWIFT3_DIR
     fi
 fi
+
 if is_service_enabled g-api n-api; then
     configure_glance
 fi
@@ -666,17 +656,21 @@ if is_service_enabled nova; then
     cleanup_nova
     configure_nova
 fi
+
 if is_service_enabled horizon; then
     configure_horizon
 fi
+
 if is_service_enabled quantum; then
     setup_quantumclient
     setup_quantum
 fi
+
 if is_service_enabled heat; then
     configure_heat
     configure_heatclient
 fi
+
 if is_service_enabled cinder; then
     configure_cinder
 fi
@@ -698,6 +692,7 @@ if is_service_enabled tls-proxy; then
     # don't be naive and add to existing line!
 fi
 
+
 # Syslog
 # ------
 
@@ -992,6 +987,7 @@ if is_service_enabled nova && is_baremetal; then
     fi
 fi
 
+
 # Launch Services
 # ===============
 
@@ -1081,6 +1077,7 @@ if is_service_enabled heat; then
     start_heat
 fi
 
+
 # Create account rc files
 # =======================
 
@@ -1191,6 +1188,7 @@ fi
 # Check the status of running services
 service_check
 
+
 # Fin
 # ===
 
diff --git a/stackrc b/stackrc
index 19674edf10..34ccfa2169 100644
--- a/stackrc
+++ b/stackrc
@@ -201,6 +201,10 @@ VOLUME_GROUP=${VOLUME_GROUP:-stack-volumes}
 VOLUME_NAME_PREFIX=${VOLUME_NAME_PREFIX:-volume-}
 INSTANCE_NAME_PREFIX=${INSTANCE_NAME_PREFIX:-instance-}
 
+# Set default port for nova-objectstore
+S3_SERVICE_PORT=${S3_SERVICE_PORT:-3333}
+
+# Common network names
 PRIVATE_NETWORK_NAME=${PRIVATE_NETWORK_NAME:-"private"}
 PUBLIC_NETWORK_NAME=${PUBLIC_NETWORK_NAME:-"nova"}