Rework KAS private API address discovery

Also see #509 (closed)

Binding to localhost only makes sense in very few scenarios. Much more common would be to bind it to an actual interface or let KAS figure out that interface IP address by providing the CIDR.

Proposal

Currently kas figures out and publishes its private API URL in Redis so that other kas instances can find it. The problem is that people often don't configure it correctly, and this is totally understandable: the default setup works 100% fine as long as kas is a single replica. The ideal solution would be to eliminate the need to configure kas, or at least make the default setup work correctly in more/most situations.

  • make kas' private API listen on all interfaces (except all loopback addresses) by discovering them at startup
  • make kas publish all the (above) IPs it listens on, not just a single address
  • change the kas->kas dialer to use a gRPC resolver that provides all those addresses, not just a single address. If there is more than 1 IP, let gRPC try them all and see which one works. gRPC already has all the machinery for this.
  • OWN_PRIVATE_API_URL: remove the default in Omnibus and make it optional in kas. Still support the variable. When provided, it should override the default behavior (described above).
  • OWN_PRIVATE_API_CIDR: still support explicit configuration via this variable. It should override the default behavior (described above).
Edited by Mikhail Mazurskiy
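
The address selection the proposal describes (every interface address except loopback, narrowed by a CIDR when one is configured) could look like the sketch below. It is an added example, not kas code: `publishableAddrs`, `sampleAddrs`, port `9000` and the sample addresses are constructed for illustration, and also skipping link-local, multicast and unspecified addresses is an assumption of the example rather than part of the proposal.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
)

// publishableAddrs returns the host:port endpoints to listen on and publish.
// Loopback is skipped as proposed; skipping link-local, multicast and
// unspecified addresses is this example's assumption. A non-empty cidr
// (the explicit override) keeps only addresses inside that network.
func publishableAddrs(addrs []net.Addr, cidr, port string) ([]string, error) {
	var only netip.Prefix
	if cidr != "" {
		var err error
		if only, err = netip.ParsePrefix(cidr); err != nil {
			return nil, fmt.Errorf("bad CIDR %q: %w", cidr, err)
		}
	}
	var out []string
	for _, a := range addrs {
		ipNet, isNet := a.(*net.IPNet)
		if !isNet {
			continue
		}
		ip, ok := netip.AddrFromSlice(ipNet.IP)
		ip = ip.Unmap() // treat IPv4-mapped IPv6 as plain IPv4
		skip := !ok || ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsMulticast() || ip.IsUnspecified()
		if skip || (only.IsValid() && !only.Contains(ip)) {
			continue
		}
		out = append(out, net.JoinHostPort(ip.String(), port))
	}
	return out, nil
}

// sampleAddrs is constructed input shaped like net.InterfaceAddrs() output.
func sampleAddrs() []net.Addr {
	var addrs []net.Addr
	for _, c := range []string{"127.0.0.1/8", "::1/128", "10.0.3.7/24", "192.168.50.2/24", "fe80::1/64", "fd00:10::7/64"} {
		ip, n, _ := net.ParseCIDR(c)
		addrs = append(addrs, &net.IPNet{IP: ip, Mask: n.Mask})
	}
	return addrs
}

func main() {
	fmt.Println(publishableAddrs(sampleAddrs(), "", "9000"))
}
```

Listening on every non-loopback interface also exposes the private API on any externally reachable interface the host has, so the CIDR override is what limits the listener to the intended network.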