diff --git a/ansible/roles/keystone/tasks/bootstrap.yml b/ansible/roles/keystone/tasks/bootstrap.yml
index 34e0aba6ee..61110f093b 100644
--- a/ansible/roles/keystone/tasks/bootstrap.yml
+++ b/ansible/roles/keystone/tasks/bootstrap.yml
@@ -43,7 +43,7 @@
     insecure_registry: "{{ docker_insecure_registry }}"
     name: bootstrap_keystone
     image: "{{ keystone_image_full }}"
-    volumes: "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro"
+    volumes: "{{ node_config_directory }}/keystone/:/opt/kolla/config_files/:ro"
     env:
       KOLLA_BOOTSTRAP:
       KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
diff --git a/ansible/roles/keystone/tasks/config.yml b/ansible/roles/keystone/tasks/config.yml
index ef832f7e40..f880236121 100644
--- a/ansible/roles/keystone/tasks/config.yml
+++ b/ansible/roles/keystone/tasks/config.yml
@@ -16,6 +16,11 @@
       - "{{ node_templates_directory }}/keystone/keystone.conf_augment"
     config_dest: "{{ node_config_directory }}/keystone/keystone.conf"
 
+- name: Copying over Keystone JSON configuration file
+  template:
+    src: "roles/keystone/templates/keystone.json.j2"
+    dest: "{{ node_config_directory }}/keystone/config.json"
+
 - name: Copying over config(s)
   template:
     src: "wsgi-keystone.conf.j2"
diff --git a/ansible/roles/keystone/tasks/start.yml b/ansible/roles/keystone/tasks/start.yml
index 064e987830..3833ef9ad9 100644
--- a/ansible/roles/keystone/tasks/start.yml
+++ b/ansible/roles/keystone/tasks/start.yml
@@ -13,6 +13,6 @@
     insecure_registry: "{{ docker_insecure_registry }}"
     name: keystone
     image: "{{ keystone_image_full }}"
-    volumes: "{{ node_config_directory }}/keystone/:/opt/kolla/keystone/:ro"
+    volumes: "{{ node_config_directory }}/keystone/:/opt/kolla/config_files/:ro"
     env:
       KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
diff --git a/ansible/roles/keystone/templates/keystone.json.j2 b/ansible/roles/keystone/templates/keystone.json.j2
new file mode 100644
index 0000000000..d5d85fd153
--- /dev/null
+++ b/ansible/roles/keystone/templates/keystone.json.j2
@@ -0,0 +1,19 @@
+{% set keystone_cmd = 'apache2' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd' %}
+{% set keystone_dir = 'apache2/conf-enabled' if kolla_base_distro in ['ubuntu', 'debian'] else 'httpd/conf.d' %}
+{
+    "command": "/usr/sbin/{{ keystone_cmd }}",
+    "config_files": [
+        {
+            "source": "/opt/kolla/config_files/keystone.conf",
+            "dest": "/etc/keystone/keystone.conf",
+            "owner": "keystone",
+            "perm": "0600"
+        },
+        {
+            "source": "/opt/kolla/config_files/wsgi-keystone.conf",
+            "dest": "/etc/{{ keystone_dir }}/wsgi-keystone.conf",
+            "owner": "keystone",
+            "perm": "0644"
+        }
+    ]
+}
diff --git a/docker/keystone/start.sh b/docker/keystone/start.sh
index 0f1dc7db02..91c95517cf 100755
--- a/docker/keystone/start.sh
+++ b/docker/keystone/start.sh
@@ -7,24 +7,18 @@ source /opt/kolla/kolla-common.sh
 
 if [[ "${KOLLA_BASE_DISTRO}" == "ubuntu" || \
         "${KOLLA_BASE_DISTRO}" == "debian" ]]; then
-    CMD="/usr/sbin/apache2"
-    ARGS="-DFOREGROUND"
-
     # Loading Apache2 ENV variables
     source /etc/apache2/envvars
-else
-    CMD="/usr/sbin/httpd"
-    ARGS="-DFOREGROUND"
 fi
 
-# Execute config strategy
-set_configs
+# Generate run command
+python /opt/kolla/set_configs.py
+CMD=$(cat /run_command)
 
 # Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
 # of the KOLLA_BOOTSTRAP variable being set, including empty.
 if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
     su -s /bin/sh -c "keystone-manage db_sync" keystone
-
     # Start the api to set initial endpoint and users with the admin_token
     $CMD
     sleep 5
@@ -42,4 +36,6 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
     exit 0
 fi
 
+ARGS="-DFOREGROUND"
+echo "Running command: ${CMD} ${ARGS}"
 exec $CMD $ARGS