grizzly: new scheduler filter for Multi-tenancy isolation with aggregates

If https://review.openstack.org/#/c/20565 is merged, it will introduce a new scheduler filter in nova

A new scheduler filter that allows the creation of instances from
specific tenants in selected aggregates.
With this filter is possible to isolate tenants in a specific set
of compute nodes (aggregates).

If a host is in an aggregate that has the metadata key
"filter_tenant_id" it can only create instances from that tenant(s).
A host can be in different aggregates.
If a host doesn't belong to an aggregate with the metadata key
"filter_tenant_id" it can create instances from all tenants.

The scheduler documentation should be updated to include this new filter

https://blueprints.launchpad.net/nova/+spec/multi-tenancy-aggregates:

The goal is to schedule instances from specific tenants to selected aggregate(s).

In different cases is necessary to isolate instances from specific tenant(s). This means that they can only be created in a set of hosts. To define the set of hosts we can use "aggregates".

The idea is to create a new scheduler filter "AggregateMultiTenancyIsolation" that handles this use-case:

If an aggregate has the metadata filter_tenant_id=<TENANT_ID> all hosts that are in the aggregate can only create instances from that tenant_id.
An host can belong to different aggregates. So, a host can create instances from different tenants if the different aggregates have defined the metadata filter_tenant_id=<TENANT_ID>.

If a host doesn't belongs to any aggregate it can create instances from all tenants. Also, if a host belongs to aggregates that don't define the metadata filter_tenant_id it can create instances from all tenants.

Using Availability Zones can't solve this problem because a host can only be in one availability zone, also the filter "AggregateInstanceExtraSpecsFilter" doesn't help because it requires creating new and exclusive flavors for each tenant that needs isolation.