Ignore node taints when scheduling Cilium preflight daemonset

[abhay-krishna]

The Cilium preflight DaemonSet is a part of Cilium Helm charts and is installed to act as helper during Cilium upgrades. Since it's a DaemonSet, it will target all nodes to schedule pods on, and tolerates some well-known taints defined here (this list is a modified version of upstream's list that includes the toleration to the node-role.kubernetes.io/control-plane taint). However if a user configures taints in their EKS-A cluster config, then this preflight DaemonSet will not be able to schedule pods on those nodes since it only tolerates the static list of taints above. Thus cluster upgrades will fail during the preflight validation phase when trying to upgrade a cluster with taints.

This PR sets the tolerations such that the preflight DaemonSet gets scheduled on all nodes regardless of the taints on that node.

From Kubernetes docs:

An empty key with operator Exists matches all keys, values and effects which means this will tolerate everything.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[codecov]

Codecov Report

Patch coverage has no change and project coverage change: -0.02% ⚠️

Comparison is base (176cacc) 75.61% compared to head (c6fe289) 75.60%.
Report is 3 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #6697      +/-   ##
==========================================
- Coverage   75.61%   75.60%   -0.02%     
==========================================
  Files         474      474              
  Lines       38268    38250      -18     
==========================================
- Hits        28937    28919      -18     
  Misses       7724     7724              
  Partials     1607     1607              

Files Changed	Coverage Δ
pkg/networking/cilium/templater.go	96.42% <ø> (-0.35%)	⬇️

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[g-gaston]

/lgtm

[abhay-krishna]

/approve
/cherrypick release-0.17

[eks-distro-pr-bot]

@abhay-krishna: once the present PR merges, I will cherry-pick it on top of release-0.17 in a new PR and assign it to you.

In response to this:

/approve
/cherrypick release-0.17

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[eks-distro-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abhay-krishna

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [abhay-krishna]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[g-gaston]

/lgtm

[eks-distro-pr-bot]

@abhay-krishna: new pull request created: #6698

In response to this:

/approve
/cherrypick release-0.17

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.