Fail in Agent initialization if GRE tunnel type is used with IPv6

[antoninbas]

The 'gre' tunnel type does not work for IPv6 overlays. The correct
tunnel type for OVS would be 'ip6gre'. For dual-stack clusters with both
an IPv4 and an IPv6 overlay, we would need 2 default tunnel ports: one
for IPv4 (with type 'gre') and one for IPv6 (with type 'ip6gre'). This
would add complexity (and require testing) as the code currently assumes
a single default tunnel port. Rather than trying to support IPv6 with
the added complexity that it entails, we choose to fail during Agent
initialization for now if the user-provided tunnel type is 'gre' and the
cluster supports IPv6.

Note that this means that the default manifest for IPsec
(antrea-ipsec.yml) cannot be used in an IPv6 cluster as the tunnel type
defaults to GRE in that case. However, this is not new, and it is better
to fail explicitly rather than have a cluster where the Agent appears to
be running fine but there is no connectivity.

See #3150

Signed-off-by: Antonin Bas abas@vmware.com

[codecov-commenter]

Codecov Report

Merging #3156 (584782b) into main (1d27432) will decrease coverage by 19.52%.
The diff coverage is 31.25%.

@@             Coverage Diff             @@
##             main    #3156       +/-   ##
===========================================
- Coverage   65.34%   45.81%   -19.53%     
===========================================
  Files         268      345       +77     
  Lines       26901    38720    +11819     
===========================================
+ Hits        17578    17740      +162     
- Misses       7415    18873    +11458     
- Partials     1908     2107      +199     

Flag	Coverage Δ
integration-tests	35.82% <ø> (?)
kind-e2e-tests	51.83% <31.25%> (-3.94%)	⬇️
unit-tests	?

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
pkg/agent/agent.go	45.63% <31.25%> (-7.50%)	⬇️
pkg/controller/networkpolicy/endpoint_querier.go	2.85% <0.00%> (-88.58%)	⬇️
pkg/controller/egress/controller.go	0.00% <0.00%> (-88.45%)	⬇️
...g/agent/apiserver/handlers/featuregates/handler.go	0.00% <0.00%> (-82.36%)	⬇️
pkg/controller/ipam/validate.go	0.00% <0.00%> (-82.26%)	⬇️
pkg/agent/util/iptables/lock.go	0.00% <0.00%> (-81.82%)	⬇️
pkg/controller/ipam/antrea_ipam_controller.go	0.00% <0.00%> (-80.29%)	⬇️
pkg/agent/cniserver/ipam/antrea_ipam_controller.go	0.00% <0.00%> (-79.52%)	⬇️
pkg/agent/cniserver/ipam/antrea_ipam.go	1.04% <0.00%> (-78.13%)	⬇️
.../registry/networkpolicy/clustergroupmember/rest.go	7.84% <0.00%> (-76.48%)	⬇️
... and 252 more

[jianjuns]

The approach works for me.

[tnqn]

LGTM

[antoninbas]

@jianjuns @tnqn I rebased and resolved conflicts, could I get another review so I can merge this for 1.6?

[antoninbas]

/test-all

[jianjuns]

We can merge to 1.6.

[tnqn]

Suggested change

	klog.InfoS("One IPv6 PodCIDR is already configured on this Node, ignore the IPv4 Subnet CIDR", "subnet", localSubnet)
	klog.InfoS("One IPv6 PodCIDR is already configured on this Node, ignore the IPv6 Subnet CIDR", "subnet", localSubnet)

otherwise it would mean dual-stack is not supported.

[antoninbas]

thanks, copy-paste error

[antoninbas]

/test-all

[tnqn]

LGTM