Override DNS and NTP on the worker from NetworkIsolation if given

[majst01]

add this into webhook/controlplane/ensurer.go

Implement the EnsureAdditionalFiles Interface.

Related: https://github.com/fi-ts/proxy-services/issues/4

[vknabel]

During implementation a few questions came up:

1. Do we want to support things like DNSSEC or DNSOverTLS?
2. timesyncd does not support non-standard ports. How should we handle wrong port configs? a. fail generation of files completely b. generate everything, skip wrong port, only fail if no port is valid c. just use port 123 and log that the port was misconfigured (preferred) d. always use port 123 without logging
3. Do we want to support FallbackNTP?

[majst01]

During implementation a few questions came up:

1. Do we want to support things like DNSSEC or DNSOverTLS? should be possible to define
2. timesyncd does not support non-standard ports. How should we handle wrong port configs? a. fail generation of files completely b. generate everything, skip wrong port, only fail if no port is valid c. just use port 123 and log that the port was misconfigured (preferred) d. always use port 123 without logging

Then port must not be specified for DNS in my opinion, use the same struct for all 3 types (DNS, NTP and Registry) is probably not a good idea

3. Do we want to support FallbackNTP?

dont think so, if 2 or more ntp servers are defined, this should be enough

[mwennrich]

Looking at other cloudprofiles, they do simply add only the addresses to the cloudprofile:

• https://github.com/gardener/gardener-extension-provider-vsphere/blob/main/pkg/apis/vsphere/types_cloudprofile.go#L38

• https://github.com/gardener/gardener-extension-provider-openstack/blob/master/pkg/apis/openstack/types_cloudprofile.go#L34

[Gerrit91]

Can this be closed?