[cilium] fix rbac and upgrade hubble v0.11.0 (#3) (#9959)

* [cilium] fix rbac and upgrade hubble v0.11.0 (#3)

* [cilium] fix rbac for LB bgp ipam

* [cilium] Upgrade Hubble to v0.11.0 and add mTLS between Hubble UI and Hubble Relay

* fix dns domain hubble for tls

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>

* Fix blank line

---------

Co-authored-by: Thuon Jeremy <d107869@olinfra1.infra.bdm.outscale.c1.dav.fr>

roles/network_plugin/cilium/templates/hubble/cronjob.yml.j2

@@ -29,19 +29,10 @@ spec:
               # line args instead of via config map. This allows users to inspect
               # the values used in past runs by inspecting the completed pod.
               args:
-                - "--cilium-namespace=kube-system"
-                - "--ca-reuse-secret=true"
-                - "--ca-secret-name=hubble-ca-secret"
-                - "--ca-generate=true"
-                - "--ca-validity-duration=94608000s"
-                - "--hubble-server-cert-generate=true"
-                - "--hubble-server-cert-common-name=*.{{ cilium_cluster_name }}.hubble-grpc.cilium.io"
-                - "--hubble-server-cert-validity-duration=94608000s"
-                - "--hubble-server-cert-secret-name=hubble-server-certs"
-                - "--hubble-relay-client-cert-generate=true"
-                - "--hubble-relay-client-cert-validity-duration=94608000s"
-                - "--hubble-relay-client-cert-secret-name=hubble-relay-client-certs"
-                - "--hubble-relay-server-cert-generate=false"
+              {% for key, value in cilium_certgen_args.items() -%}
+                - "--{{ key }}={{ value }}"
+              {% endfor %}
+
           hostNetwork: true
           restartPolicy: OnFailure
       ttlSecondsAfterFinished: 1800