Expose CNI net directory in Helm chart?

[arichtman]

Hi - thanks for all the work so far on Calico!

I'm using an immutable distribution that disallows writes to /etc/cni/net.d and was wondering if you'd be open to exposing that in the Helm chart values. I can write up a PR for it but thought I should ask first.

Expected Behavior

Current Behavior

Volumes for calico-node hard-coded to /etc/cni/net.d.

Possible Solution

Add property node.cni.netDir to values and default the mountPath in the Calico Helm chart to /etc/cni/net.d

Your Environment

• Calico version: 3.72.2
• Orchestrator version (e.g. kubernetes, mesos, rkt): Kubernetes 1.28.4
• Operating System and version: NixOS 23.11
• Link to your project (optional):

[caseydavenport]

I think the first thing we'd need to do is add support for this in the tigera/operator repository.

We already have support for configuring this on Windows: https://github.com/tigera/operator/blob/master/api/v1/installation_types.go#L831-L845

We would need to add equivalent configuration options to the operator for Linux, and then these options will show up in the helm chart "for free" as a result (since we embed the Installation directly into values.yaml)