At the moment, members of the raft cluster can never leave. (It's like Hotel California in here!)

In order to let members leave the raft cluster, we need to:

• Add an /remove (or "evict," but I prefer "remove") endpoint to the raft service
• Add the ability to remove a member from the allowed members list
• As part of removing a member from the allowed members list, also revoke that member's grant, if applicable

This last piece is slightly tricky, because several members may share a single grant; namely, if two members are running on the same host but under different ports (as they often do in development), they will have an identical CN on their x509 certificates and therefore share a single grant. When one of these members is removed from the allowed members list, we need to recalculate the list of grants and recognize that the associated grant cannot be deleted.