This change allows defining two cluster CIDRs for compatibility with
Kubernetes dual-stack, with an assumption that two CIDRs are usually
IPv4 and IPv6.

Signed-off-by: Michal Rostecki <vadorovsky@gmail.com>

On Linux kernels >5.10 there was a new option added to ipset where a
hexadecimal value was persisted from the kernel to the userspace so that
ipsets could be restored exactly as they were by referencing the same
randomized set string.
However, kube-router is not able to benefit from that as it often
changes the ipset between "ipset save" and "ipset restore" actions.
Additionally, it utilizes the options that it gets from the save
verbatim in both a temp set and the final set that it swaps into to
prevent data path disruptions.
Finally, it bases the number of temporary sets it has to create on
unique sets of options. Since initval is intentionally unique between
each set, it causes us to execute many more options than we actually
need to and reduces performance considerably on newer kernels that
support this option.
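
The effect described in the message above, as an added example that is not kube-router's code: it counts how many temporary sets a group-by-options step would need for `ipset save` output, with and without the per-set initval. The sample save lines, set names and function names are constructed for illustration, and dropping initval before grouping is an assumption about the remedy.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed sample of "ipset save" output (not captured from a real host).
const sampleSave = `create set-a hash:ip family inet hashsize 1024 maxelem 65536 bucketsize 12 initval 0x1a2b3c4d
add set-a 10.0.0.1
create set-b hash:ip family inet hashsize 1024 maxelem 65536 bucketsize 12 initval 0x99887766
create set-c hash:ip family inet hashsize 1024 maxelem 65536 bucketsize 12 initval 0x0badcafe
create set-d hash:net family inet6 hashsize 1024 maxelem 65536 bucketsize 12 initval 0x55aa55aa`

// optionKey returns the set type and options of a "create" line as a grouping
// key. With dropInitval set, the "initval <hex>" pair is removed first.
func optionKey(line string, dropInitval bool) (string, bool) {
	f := strings.Fields(line)
	if len(f) < 3 || f[0] != "create" {
		return "", false // "add" lines and blanks carry no set options
	}
	var kept []string
	for i := 2; i < len(f); i++ { // f[1] is the set name, not an option
		if dropInitval && f[i] == "initval" {
			i++ // skip the hexadecimal value as well
			continue
		}
		kept = append(kept, f[i])
	}
	return strings.Join(kept, " "), true
}

// tempSetsNeeded counts distinct option keys: one shared temporary set per key.
func tempSetsNeeded(save string, dropInitval bool) int {
	seen := map[string]struct{}{}
	for _, line := range strings.Split(save, "\n") {
		if key, ok := optionKey(line, dropInitval); ok {
			seen[key] = struct{}{}
		}
	}
	return len(seen)
}

func main() {
	fmt.Println("keyed with initval:   ", tempSetsNeeded(sampleSave, false))
	fmt.Println("keyed without initval:", tempSetsNeeded(sampleSave, true))
}
```
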

* ipset restore: use temporary sets and swap them into the real ones
* move const
* switch to shared tmp ipsets
* preemptively flush tmp set in case it already existed