Use best practices to run external CCM

[dims]

This list is from @andrewsykim

• use hostnetwork: true so you don't depend on CNI to initialize nodes
• use dnsPolicy: Default since kube-dns likely doesn't tolerate the node.cloudprovider.kubernetes.io/uninitialized taint
• tolerate node-role.kubernetes.io/master since you probably want it running on master nodes
• use --leader-elect if you want HA