mgmt_vrf_namespace_tacacs: Tacacs enhancement on top of namespace sol…

[kannankvs]

- What I did
This enhancement is done along with the PR sonic-net/sonic-utilities#428.
Enhanced the configuration for using --use-mgmt-vrf for tacacs server configuration on top of namespace based solution for management VRF to configure the required rules for namespace solution.

- How I did it
Namespace solution requires DNAT as explained in the design document
https://github.com/kannankvs/mvrf_namespace/blob/master/Management%20VRF%20Design%20Document%20Namespace.md
hostcfgd is enhanced to support maximum of 10 tacacs servers. Mapping between the user configured tacacs server IP/port and internally used local IP/port are maintained in this file for adding and deleting those NAT rules.

- How to verify it

1. First, checkout the namespace solution once if the following two PRs are merged.
   (a) mgmt_vrf_namespace: management vrf using namespace solution #2405
   (b) [submodule]: Update common/swss/sairedis submodules #422.
2. checkout the file aaa.py from the PR mgmt_vrf_namespace_tacacs: Tacacs enhancement on top of namespace sol… sonic-utilities#428
3. Checkout this file hostcfgd.
4. With all these files, enable mgmt vrf using command "config vrf add mgmt" and configure tacacs client using following commands.
   (a) config aaa authentication login tacacs+
   (b) config tacacs authtype login
   (c) config tacacs passkey testing123
   (d) config tacacs add --use-mgmt-vrf serveripaddress
5. Configure the tacacs server accordingly.
6. Then, do SSH to the device and verify that the user is authenticated using tacacs server via the management VRF port eth0.