As some of the nodes can lag behind, the system can be in state, that those
nodes will send inactive (also destroyed) slave publish information. Before
publishing it to master, check if each of slaves is really present on master.

Tasks:

 - [x] prove it really works on simulated environment
 - [x] check impact on massive simulated environment
 - [x] cover with a test (optionally)
 - [ ] check test results with this change

/reviewed-on nexedi/slapos!519

/cc @tomo @jm

/reviewed-on nexedi/slapos!520

OPENSSL_BINARY is not needed in the test case, only SQLBENCH_PATH has to be
provided, and perl shall be available in the PATH.

Notes

stack/erp5

 * The service-auto-approve-amount to default is set to 1, in order that the
   only needed service is automatically approved.  As caucase is accessed
   internally (on local IPv4) only partitions on the same server will access
   caucase.

/reviewed-on !518

  This commit add srsLTE into slapos. More informations about
  srsLTE at: https://github.com/srsLTE/srsLTE

  This still a proof of concept because:

   - Not all dependencies are ported into slapos
   - The configuration files are not turned into parameters
   - enb and epc are running on the same partitions
   - Usage of sudo is a code crime, but it is the only way currently**

** This would require patch the srsLTE, to allow external tools pre-configure
  the environment. ie.: Create network interface.

Use json.dumps/.loads to generate promise plugin code. This is safe as it will correctly escape sring and prevent code injection from untrustable parameters.

Add 'import' parameter to simplify parameters used to generate the script instead of passing full import code. When import parameter is set, promise will be loaded from that import path and parameter `content` is ignored.

/reviewed-on nexedi/slapos!515

Close the NBD socket when testing it so it won't mess up qemu.

/reviewed-on nexedi/slapos!516

- Add `buildout.hash.cfg` file so this way we can use the useful `update-hash` script
- Refactor a bit the `software.cfg` file sections as it was repeating itself

/reviewed-on nexedi/slapos!512

Extend the backend with Timeout configuration via headers and use it
to prove, that request taking more than try_duration is correctly served.

Also prove that try_duration and try_interval are correct passed to the slave
configuration.

try_duration and try_interval are Caddy proxy's switches which allow to deal
with non working backend (https://caddyserver.com/docs/proxy)

The non working backend is the one, to which connection is lost or was not
possible to make, without sending any data.

The default try_duration=5s and try_interval=250ms are chosen, so that in
normal network conditions (with all possible problems in the network, like
lost packets) the browser will have to wait up to 5 seconds to be informed
that backend is inaccessible or for the request to start being processed,
but only a bit more than 250ms if Caddy would have to reestablish connection
to faulty backend.

In order to check it out it is advisable to setup a system, with real backend,
like apache one, and configure iptables to randomly reject packets to it:

  iptables -A INPUT -m statistic --mode random -p tcp --dport <backend_port> \
  --probability 0.05 -j REJECT --reject-with tcp-reset

Using ab or any other tool will results with lot of 502 EOF in the Caddy error
log and also reported by ab. With this configuration there are no more
errors visible to the client, which come from the problems on the network
between Caddy and the backend.