Separate rabbitmq creds for controllers and vm-agents

Registered by Steve McLellan

As noted in https://bugs.launchpad.net/murano/+bug/1230574 there are several security risks with the current VM agent implementation. An end goal likely involves Marconi and/or separate credentials/SSL certs per VM, with appropriate ACLs.

As an interim step, I propose a small set of changes to give admins the option to restrict access to a degree with ACLs and/or a separate rabbitMQ server for VM agent communication:

1) two rabbitMQ configuration settings in murano; one for communication between api and engine (and which could probably use oslo), and one that will be used for communication with vm agents. This allows an admin to run the controller off a cloud-wide rabbitMQ (perhaps shared with other stack services) and a separate one for agents if desired

2) a separate setting for the user/password to be installed on VM agents (now injected in manifests). This allows an administrator to set up one ACL for the engine and a separate, more restrictive one for VMs (consume only)

A third step would evolve 2) into marconi and/or per-VM credentials once the initial separation is done; I suggest that as a separate step to reduce the scope of this, since a decision needs to be made about user/pass versus SSL, and it is likely a bigger piece of work. In particular it requires that the controller have administrative access over the rabbitMQ that VMs will be using.

Serg and I spoke about this, and it is supported already (but not documented); the config has the rabbitmq_ variables for the api<->engine comms, and a [rabbitmq] section for the non-oslo engine<->VM comms. Marking obsolete.
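The two-credential split described above, as an added example that is not code from the Murano project or from the blueprint author. It parses a constructed murano.conf fragment with oslo-style rabbit_* options for api<->engine traffic and a [rabbitmq] section for the agent side, and then evaluates RabbitMQ-style permission triples (configure / write / read regexes, the form taken by rabbitmqctl set_permissions) for an engine identity and a consume-only agent identity. The [rabbitmq] key names (host, login, password, virtual_host), the hostnames, the user names, the vhost names and the queue naming pattern are assumptions made for the example; passwords are placeholders.

```python
# Added example, not code from the Murano project or the blueprint author.
# It models the split the blueprint proposes: one broker identity for
# api <-> engine traffic and a separate, consume-only identity injected into
# VM agents, then checks what each identity may do under RabbitMQ-style
# permission triples (configure / write / read regexes).
import configparser
import re

# Constructed murano.conf fragment. The rabbit_* names are oslo.messaging
# options; the [rabbitmq] key names (host, login, password, virtual_host)
# are assumptions about murano's non-oslo section, and the hosts and
# passwords are placeholders.
MURANO_CONF = """
[DEFAULT]
rabbit_host = controller-mq.example.internal
rabbit_userid = murano_engine
rabbit_password = ENGINE_PASSWORD_PLACEHOLDER
rabbit_virtual_host = /murano

[rabbitmq]
host = agent-mq.example.internal
login = murano_agent
password = AGENT_PASSWORD_PLACEHOLDER
virtual_host = /murano-agents
"""

# RabbitMQ permission triples (configure, write, read) as passed to
# `rabbitmqctl set_permissions`. Publishing to an exchange needs `write`
# on the exchange, consuming from a queue needs `read` on the queue, and
# declaring either needs `configure`. Patterns carry explicit anchors so
# they match whole resource names. The engine gets everything in its vhost;
# the agent identity can only read task queues named agent-tasks-*
# (queue naming is an assumption for this example).
PERMISSIONS = {
    "murano_engine": (r"^.*$", r"^.*$", r"^.*$"),
    "murano_agent": (r"^$", r"^$", r"^agent-tasks-.*$"),
}
_OP_INDEX = {"configure": 0, "write": 1, "read": 2}


def load_brokers(conf_text):
    """Return the two broker endpoints the config points at."""
    cp = configparser.ConfigParser()
    cp.read_string(conf_text)
    default = cp.defaults()       # oslo-style options live in [DEFAULT]
    agent = cp["rabbitmq"]        # non-oslo engine <-> VM section
    return {
        "controller": {
            "host": default["rabbit_host"],
            "login": default["rabbit_userid"],
            "vhost": default["rabbit_virtual_host"],
        },
        "agent": {
            "host": agent["host"],
            "login": agent["login"],
            "vhost": agent["virtual_host"],
        },
    }


def credentials_are_separate(conf_text):
    """True when VM agents are not handed the engine's own broker identity."""
    brokers = load_brokers(conf_text)
    c, a = brokers["controller"], brokers["agent"]
    return c["login"] != a["login"] or c["host"] != a["host"]


def is_allowed(user, operation, resource):
    """Evaluate a RabbitMQ-style permission triple for one operation."""
    pattern = PERMISSIONS[user][_OP_INDEX[operation]]
    return re.search(pattern, resource) is not None


def rabbitmqctl_commands(vhost):
    """Render the rabbitmqctl lines an admin would run to install the ACLs."""
    lines = []
    for user, (conf, write, read) in PERMISSIONS.items():
        lines.append(
            f"rabbitmqctl set_permissions -p {vhost} {user} "
            f"'{conf}' '{write}' '{read}'"
        )
    return lines


if __name__ == "__main__":
    print(load_brokers(MURANO_CONF))
    for cmd in rabbitmqctl_commands("/murano-agents"):
        print(cmd)
    # An agent may consume its own task queue ...
    print(is_allowed("murano_agent", "read", "agent-tasks-vm01"))
    # ... but may not publish into an exchange or declare queues.
    print(is_allowed("murano_agent", "write", "murano-engine"))
    print(is_allowed("murano_agent", "configure", "agent-tasks-vm01"))
```

The point of the agent triple is that a credential recovered from a compromised VM lets that VM read task queues and nothing else: it cannot publish into the engine's exchanges or declare resources, which is the "consume only" ACL the proposal asks for. If agents have to report results back, the `write` pattern would need a narrow, agent-specific exchange rather than `^$`.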

Blueprint information

Status: Complete
Approver: ruhe
Priority: Undefined
Drafter: Steve McLellan
Direction: Needs approval
Assignee: None
Definition: Obsolete
Series goal: None
Implementation: Unknown
Milestone target: None
Completed by: Steve McLellan
