Via header for response and request is fully stabilized and present according
to the RFC now.

Important information, like protocol and protocol version are exposed.

Hops which were present in the request are stored and descriptively named.

Versions of components are exposed in hidden way and in the same time the
frontend administrator and frontend user are able to analyze the versions,
and the version history present on the node is transmitted back.

Additionally each node can be identified by frontend admins and users for
request and response headers, allowing more debugging.

Improve the tests by extending assertSlaveBase and reuse it instead of
duplicating the code everywhere.

Accessing headers.dict results with dropping headers sent in more then one
line, which is accepted by RFC.

So in case if many lines for given header arrived, expose them as a list,
otherwise simply show exactly arrived header.

Rapid.CDN has strong requirements regarding Via header passing by, so strip
down unnecessary parts of the original implementation.

See merge request nexedi/slapos!1130

The test name (and shared instance name) was misleading.

The test have incorrect leftover of old limited implementation, now the system
shall update images by itself.

Also the typical scenario - image on first request - was not covered.

Adapt the test to code without needed linking.

image-download-controller raises error state during download process, to
inform other components that download is not ready yet.

template-kvm-run.in asserts presence of all images and otherwise refuses to
start, so that it gives chance for the image to being downloaded.

Sorting images happen by proper key instead of needless links.

Fix race condition, as the hash parameter shall depend on boot image url
configuration, and not it's failure state.

Cleanups:

 * simplify nginx management with real template
 * rename sections to provide explanation in their name so it's less cryptic

Instead of trusting CSR id published by the node which tries to join the
cluster add a tool which is able to compare exposed CSR with one in caucase
and then decide to accept node in the cluster. This tool does what usual user
would do, and it's logic implemented as a script leads to much simpler profiles.

For sake of clean profiles csr_id has been removed, except when it's used for
self joining of the user to the cluster.

Adjust paths.
Cleanup.

Use relative paths. Cleanup.

CSR id shall be requested only when it's not available yet, as otherwise it
contacts caucase server needlessly, and in some circumstances it can result
with bogus new CSR.

Fixes a build error with recent gawk versions.

As refernce to the network-config-ipv4 part has been removed from the
publish-connection-information the part was not installed anymore, so the
netconfig.sh file was not added.

Fixed it by simply adding this part to the installed ones.

This fixes commit 3f7d8965

Server header might be changed by client facing caddy, for which caddy code
has been fixed to not transmit the Server header at all by default.
In ATS Server header has been disabled by configuration.
haproxy does not add Server header at all.
Thanks to improvement in the test backend, it's asserted that Server header
send by the backend is left intact.