Make cilium dnsProxy transparent mode configure

When Cilium is configured to replace kube-proxy, it automatically
enables dnsProxy, which can conflict with nodelocaldns.

Author: tico88612

roles/network_plugin/cilium/defaults/main.yml

@@ -58,6 +58,12 @@ cilium_monitor_aggregation: medium
 # Kube Proxy Replacement mode (true/false)
 cilium_kube_proxy_replacement: false
 
+# If not defined `cilium_dns_proxy_enable_transparent_mode`, it will following the Cilium behavior.
+# When Cilium is configured to replace kube-proxy, it automatically enables dnsProxy, which will conflict with nodelocaldns.
+# You can set `false` avoid conflict with nodelocaldns.
+# https://github.com/cilium/cilium/issues/33144
+# cilium_dns_proxy_enable_transparent_mode:
+
 # If upgrading from Cilium < 1.5, you may want to override some of these options
 # to prevent service disruptions. See also:
 # http://docs.cilium.io/en/stable/install/upgrade/#changes-that-may-require-action

roles/network_plugin/cilium/templates/values.yaml.j2

@@ -28,6 +28,11 @@ loadbalancer:
 
 kubeProxyReplacement: {{ cilium_kube_proxy_replacement }}
 
+{% if cilium_dns_proxy_enable_transparent_mode is defined %}
+dnsProxy:
+  enableTransparentMode: {{ cilium_dns_proxy_enable_transparent_mode }}
+{% endif %}
+
 extraVolumes:
   {{ cilium_agent_extra_volumes | to_nice_yaml(indent=2) | indent(2) }}