daemon: Ignore cilium_* interfaces when deriving NodePort device

[eyanulis]

Any Cilium-created interface (cilium_host, etc) will never be a valid
interface for kube-proxy-replacement NodePort (or direct routing). In
certain cases, it is possible for the NodePort auto-derivation code to
select one of these interfaces. This notably happens when the k8s node
IP is an IPv6 address: the node IP is cloned to cilium_host, and the IP
(sans netmask) is used as a map key - so cilium_host may be viewed as
the only interface with an address matching the node IP.

Add a check bypassing any interface whose name is prefixed with
cilium_ during NodePort device detection.

Add a test mimicking the IPv6 cilium_host case: node IP assigned to a
"real" interface and a cilium_foo interface, we should ignore
cilium_foo.

Fixes: #16019

Please ensure your pull request adheres to the following guidelines:

• For first time contributors, read Submitting a pull request
• All code is covered by unit and/or runtime tests where feasible.
• All commits contain a well written commit description including a title,
  description and a Fixes: #XXX line if the commit addresses a particular
  GitHub issue.
• All commits are signed off. See the section Developer’s Certificate of Origin
• Provide a title or release-note blurb suitable for the release notes.
• Thanks for contributing!

[maintainer-s-little-helper]

Commit 102d4515a6b8c84d8aca5f947e568c42ca1b0953 does not contain "Signed-off-by".

Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin

[brb]

Thanks for the contribution! Looks good, just two nits.

[brb]

Nit: s/skipping interface/skipping interface for device detection/.

[eyanulis]

Updated, thanks.

[brb]

Nit: s/NodePort device/device/ (it's not only used for NodePort).

[eyanulis]

Updated, thanks. Also s/in/for/ to be consistent with various messages around it.

[jibi]

nit: no need for these continues

[eyanulis]

Thanks for catching that, I've removed them. I had gone back and forth between having an "implicit" and "explicit" else condition and the continues would have been required for the implicit condition, but I forgot to remove them after settling on an explicit else.

[eyanulis]

@brb @jibi Thank you both for the review. Most recent force-push addresses the comments.

[brb]

Thanks!

[jibi]

test-me-please

[eyanulis]

It looks like most(/all?) of the failing tests are Github flakes from the first run (HTTP 500 during checkout, etc).

Is there any way to rerun them? I'm not terribly familiar with how this repo is wired up to Github Actions but it doesn't seem like they re-ran after the test-me-please comment above from @jibi.

[jibi]

It looks like most(/all?) of the failing tests are Github flakes from the first run (HTTP 500 during checkout, etc).

Is there any way to rerun them? I'm not terribly familiar with how this repo is wired up to Github Actions but it doesn't seem like they re-ran after the test-me-please comment above from @jibi.

I think GH was having some issues yesterday with actions. Closing and reopening the PR should have restarted them

[joamaki]

test-1.16-netnext

[joamaki]

The tests relevant to this PR are passing, so marking this ready for merge.