Deploy Flannel with unprivileged PSP
Flannel is running in privileged mode, and is using the root user, therefore if the container is compromised, an attacker will inherit that level of access. An attacker compromising the flannel container will have full root access to the host system, and access to all secrets and containers hosted on the system.

This PR makes sure that flannel runs in unprivileged mode. This is done by changing the flannel manifests and also adding a new PSP policy that disables both privilege mode and privilege escalation. The new PSP activates 'NET_ADMIN' capability, hostNetwork and allowedHostPaths.

* Bump K8S_VERSION from 1.7.6 up to 1.13.2 for e2e k8s tests
* Fixes #1090 - /run is mounted r/w by default in kubernetes
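
A PodSecurityPolicy with the properties the commit message lists, followed by a pod that fits it. This is an added example, not the manifest from this commit: the object names, image, host path prefixes and the `RunAsAny` rules are assumptions or placeholders.

```yaml
# Added example; names and paths below are placeholders, not the project's values.
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: example-flannel-unprivileged        # hypothetical name
spec:
  privileged: false                         # reject privileged containers
  allowPrivilegeEscalation: false           # reject requests for escalation
  defaultAllowPrivilegeEscalation: false    # default when the pod does not say
  allowedCapabilities: ["NET_ADMIN"]        # the only capability that may be added
  hostNetwork: true                         # the pod may use the node's network namespace
  hostPID: false
  hostIPC: false
  volumes: ["configMap", "secret", "hostPath"]
  allowedHostPaths:                         # hostPath volumes limited to these prefixes
    - pathPrefix: "/PLACEHOLDER/cni-config-dir"
    - pathPrefix: "/PLACEHOLDER/flannel-state-dir"
  # The four rules below are mandatory PSP fields; RunAsAny is an assumption here.
  runAsUser:
    rule: RunAsAny
  seLinux:
    rule: RunAsAny
  supplementalGroups:
    rule: RunAsAny
  fsGroup:
    rule: RunAsAny
---
# Minimal pod that the policy above admits (constructed for illustration).
apiVersion: v1
kind: Pod
metadata:
  name: example-flannel-pod                 # hypothetical name
spec:
  hostNetwork: true
  containers:
    - name: flannel
      image: example.invalid/flannel:PLACEHOLDER
      securityContext:
        privileged: false                   # "privileged: true" here is rejected by the PSP
        allowPrivilegeEscalation: false
        capabilities:
          add: ["NET_ADMIN"]                # any capability outside the allowed list is rejected
      volumeMounts:
        - name: state
          mountPath: /PLACEHOLDER/flannel-state-dir
  volumes:
    - name: state
      hostPath:
        path: /PLACEHOLDER/flannel-state-dir
```

The policy only takes effect when the PodSecurityPolicy admission controller is enabled and the pod's service account is authorized through RBAC to `use` it.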