Bootstrapper: don't restart healthy tablets

[snaury]

We have a problem with large clusters, where a restart of some nodes causes an unnecessary restart of system tablets. The reason is that it takes a lot of time to fully connect to the rest of the cluster, and bootstrapper often fails to connect to siblings. This makes it decide to start the tablet locally, which succeeds in displacing a perfectly healthy tablet from state storage.

We need to add an additional step that checks for an existing tablet:

1. We need to wait until state storage works and has a quorum. It doesn't make sense to boot a tablet without a working state storage.
2. State storage must have a consistent leader address (tablet will stop when it's inconsistent anyway). We need to connect to that (it may be outdated), and when it succeeds we need to wait until it stops/disconnects and repeat.
3. Only when we are fairly certain that state storage is healthy, but current leader is unreachable, should we initiate a new voting round and restart the tablet.

[snaury]

Feature request from @the-ancient-1: ability to sticky force some node to keep running the tablet unless it's unavailable. We decided it could be possible to skip state storage / pipe checking and start a round where a special non-random value (guaranteed winner) is used. When multiple nodes have selected the same random value then the minimum node id should be a winner.