This adds a `nomad alloc restart` command and api that allows a job operator
with the alloc-lifecycle acl to perform an in-place restart of a Nomad
allocation, or a given subtask.

This capability will gate access to features that allow interacting with
a running allocation, for example, signalling, stopping, and rescheduling
specific allocations.

Use specific url prefix for metrics test

Also changed the output to show client node IP addresses

Fixup mixed tabs in script for Vagrantfile demo

This commit replaces a hard tab with two spaces to match the intendation
of the rest of the defined script

minor fixes to spread stanza documentation

tests: port pre-0.9 task env tests

I chose to make them more of integration tests since there's a lot more
plumbing involved. The internal implementation details of how we craft
task envs can now change and these tests will still properly assert the
task runtime environment is setup properly.

test: properly skip client state in beforeall

release: skip check step when cutting release

Now `prerelease` no longer requires linters

`make check` runs very intensive linters that slow and seem to behave
differently on different machines.

Linting is still a part of our CI and we shouldn't be cutting a release
when CI isn't green anyway.

client/logmon: restart log collection correctly when a task is restarted

Prometheus metrics for the e2e environment

Test state corruption

The e2e test code is absolutely hideous and leaks processes and files
on disk. NomadAgent seems useful, but the clientstate e2e tests are very
messy and slow. The last test "Corrupt" is probably the most useful as
it explicitly corrupts the state file whereas the other tests attempt to
reproduce steps thought to cause corruption in earlier releases of
Nomad.

docs: sync systemd unit files; update deploy guide

Point users to security doc instead. Right now it takes a lot of
explaining to describe to users exactly how to validate the binary and
what the output of the tools used means.

For example, this is the output when validating according to the
instructions in this guide and the linked doc:

```
vagrant@linux:/tmp$ gpg --verify nomad_0.8.7_SHA256SUMS.sig
nomad_0.8.7_SHA256SUMS
gpg: Signature made Fri 11 Jan 2019 09:47:56 PM UTC using RSA key ID
348FFC4C
gpg: Good signature from "HashiCorp Security <security@hashicorp.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the
owner.
Primary key fingerprint: 91A6 E7F8 5D05 C656 30BE  F189 5185 2D87 348F
FC4C
vagrant@linux:/tmp$ shasum -a 256 -c nomad_0.8.7_SHA256SUMS
shasum: ./nomad_0.8.7_darwin_amd64.zip:
./nomad_0.8.7_darwin_amd64.zip: FAILED open or read
shasum: ./nomad_0.8.7_linux_386.zip: No such file or directory
./nomad_0.8.7_linux_386.zip: FAILED open or read
shasum: ./nomad_0.8.7_linux_amd64-lxc.zip: No such file or directory
./nomad_0.8.7_linux_amd64-lxc.zip: FAILED open or read
./nomad_0.8.7_linux_amd64.zip: OK
shasum: ./nomad_0.8.7_linux_arm64.zip: No such file or directory
./nomad_0.8.7_linux_arm64.zip: FAILED open or read
shasum: ./nomad_0.8.7_linux_arm.zip: No such file or directory
./nomad_0.8.7_linux_arm.zip: FAILED open or read
shasum: ./nomad_0.8.7_windows_386.zip: No such file or directory
./nomad_0.8.7_windows_386.zip: FAILED open or read
shasum: ./nomad_0.8.7_windows_amd64.zip: No such file or directory
./nomad_0.8.7_windows_amd64.zip: FAILED open or read
shasum: WARNING: 7 listed files could not be read
```

There are only two lines that matter in all of that output:

```
...
gpg: Good signature from "HashiCorp Security <security@hashicorp.com>"
...
./nomad_0.8.7_linux_amd64.zip: OK
...
```

I feel like trying to teach users how to use and interpret these tools
in our deployment guide may be as likely to reduce confidence as
increase it.

tls_cipher_suites only accept a comma-separated string, as evident in:

https://github.com/hashicorp/nomad/blob/0535dfd414214efd14183bf23d1447f679b57af8/nomad/structs/config/tls.go#L61
https://github.com/hashicorp/nomad/blob/d37ed5c193ac8237666b92bd3f3b0b7e0a8ebfd5/helper/tlsutil/config.go#L405

Co-Authored-By: schmichael <michael.schurter@gmail.com>

docs: add #5381 to changelog

server: inconsistent receiver notation corrected