disable unnecessary Ubuntu services during node bootstrap

Mask and stop services that compete with apt operations or are not
needed for Kubernetes nodes:

- apt-news.service/timer: fetches APT news, holds apt lock
- esm-cache.service: Ubuntu Pro cache updates
- snapd.service/socket: Snap package manager
- lxd-installer.socket: LXD container helper
- ubuntu-advantage.service: Ubuntu Pro auto-attach
- unattended-upgrades.service: automatic security updates
- motd-news.timer: MOTD news fetching
- update-notifier-motd.timer: "new Ubuntu version" checks
- update-notifier-download.timer: failed package retry

This addresses CI timeouts where apt-news.service running concurrently
with apt-get update caused the master node to take ~5 minutes for
package index downloads (vs ~5-9 seconds on worker nodes).

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

cluster/gce/gci/master.yaml

@@ -129,6 +129,8 @@ write_files:
       WantedBy=multi-user.target
 
 runcmd:
+ - systemctl mask apt-news.service apt-news.timer esm-cache.service snapd.service snapd.socket lxd-installer.socket ubuntu-advantage.service unattended-upgrades.service motd-news.timer update-notifier-motd.timer update-notifier-download.timer || true
+ - systemctl stop unattended-upgrades.service || true
  - systemctl daemon-reload
  - systemctl enable kube-bootstrap-logs-forwarder.service
  - systemctl enable kube-master-installation.service

cluster/gce/gci/node.yaml

@@ -87,6 +87,8 @@ write_files:
       options sunrpc max_resvport=986
 
 runcmd:
+ - systemctl mask apt-news.service apt-news.timer esm-cache.service snapd.service snapd.socket lxd-installer.socket ubuntu-advantage.service unattended-upgrades.service motd-news.timer update-notifier-motd.timer update-notifier-download.timer || true
+ - systemctl stop unattended-upgrades.service || true
  - systemctl daemon-reload
  - systemctl enable kube-node-installation.service
  - systemctl enable kube-node-configuration.service