Neutron chart: add OVS firewall

Add openvswitch based firewall, which is better than hybrid iptables one.
It does not interfere with k8s iptables rules on compute nodes.
The advantage is that VMs have access to the OpenStack API.

Change-Id: Ic6baef5867db962b3cb4709d7e6dce8a9a13584f
Closes-Bug: #1686371

neutron/values.yaml

@@ -389,6 +389,12 @@ conf:
             agent:
               tunnel_types: vxlan
               ovsdb_connection: unix:/var/run/openvswitch/db.sock
+    securitygroup:
+      neutron:
+        ml2:
+          ovs:
+            agent:
+              firewall_driver: openvswitch
   metering_agent:
     override:
     append: