Add Cilium CNI option (#435)

* Add Cilium CNI option

* Tweak version checks and add BGP resource verify

* Update metallb detection for kube-vip feat compat

roles/k3s_server_post/templates/calico.crs.j2

@@ -10,7 +10,7 @@ spec:
     # Note: The ipPools section cannot be modified post-install.
     ipPools:
     - blockSize: {{ calico_blockSize | default('26') }}
-      cidr: {{ calico_cidr | default('10.52.0.0/16') }}
+      cidr: {{ cluster_cidr | default('10.52.0.0/16') }}
       encapsulation: {{ calico_encapsulation | default('VXLANCrossSubnet') }}
       natOutgoing: {{ calico_natOutgoing | default('Enabled') }}
       nodeSelector: {{ calico_nodeSelector | default('all()') }}

roles/k3s_server_post/templates/cilium.crs.j2

@@ -0,0 +1,29 @@
+apiVersion: "cilium.io/v2alpha1"
+kind: CiliumBGPPeeringPolicy
+metadata:
+ name: 01-bgp-peering-policy
+spec: # CiliumBGPPeeringPolicySpec
+ virtualRouters: # []CiliumBGPVirtualRouter
+ - localASN: {{ cilium_bgp_my_asn }}
+   exportPodCIDR: {{ cilium_exportPodCIDR | default('true') }}
+   neighbors: # []CiliumBGPNeighbor
+    - peerAddress: '{{ cilium_bgp_peer_address + "/32"}}'
+      peerASN: {{ cilium_bgp_peer_asn }}
+      eBGPMultihopTTL: 10
+      connectRetryTimeSeconds: 120
+      holdTimeSeconds: 90
+      keepAliveTimeSeconds: 30
+      gracefulRestart:
+        enabled: true
+        restartTimeSeconds: 120
+   serviceSelector:
+      matchExpressions:
+         - {key: somekey, operator: NotIn, values: ['never-used-value']}
+---
+apiVersion: "cilium.io/v2alpha1"
+kind: CiliumLoadBalancerIPPool
+metadata:
+  name: "01-lb-pool"
+spec:
+  cidrs:
+  - cidr: "{{ cilium_bgp_lb_cidr }}"