Omit NSX Operator VPC CRs from Backup

[ihgann]

What this PR does / why we need it:

This change supports addition of NSX Operator v1alpha1 APIs to be omitted from Velero backups. These resources are being introduced into Supervisor, and must be omitted in order to support an accurate restore, as networking resources are generated dynamically and these networking resources and rules associated with them (such as securitypolicies) might not accurately reflect the original backup anymore.

Additionally, removes a few annotations from being backed up on vSphere pods related to NSX VPC networking.

Which issue(s) this PR fixes:

n/a

Special notes for your reviewer:

n/a

Does this PR introduce a user-facing change?:

For Supervisor's using NSX Operator with VPC Networking, Velero backups will omit all NSX Operator v1alpha1 VPC APIs. vSphere Pods, Services, and any other resource's networking-related properties will need to be re-created by NSX Operator upon restore.

Testing Done:

• Performed a backup of a Supervisor namespace, supporting these CRs, with a few vSphere Pods, Services, as well as a few custom Subnet(s), SubnetSet(s), SubnetPorts, etc.
• Inspected the backup JSON schema and validated none of these Custom Resource names are referenced in the backup.
• Applied a restore to a new namespace and verified that no networking resources were restored - rather, they were dynamically created. Additionally, validated that the vSphere Pods and Services were able to generate fresh IPs for consumption. All custom-generated networking resources in the original backup were not applied.
• Validated pods were given unique nsx.vmware.com/mac and nsx.vmware.com/attachment annotations.
• Validated the same restore to a new namespace with differing CIDR ranges applicable to ensure no overlap of IPs applied would occur.

--

I also performed a manual negative test by testing main, in which the above backup did retain the NSX VPC CRs, which caused issue on restore as vSphere Pods and services were not able to successfully retain their previous networking and NSX Operator was not able to fully apply networking resources to the existing Pods.

[deepakkinni]

Can we get the DCO to pass?

[xing-yang]

Can you add a release note? When you run backup and restore, do you have to "exclude" any resources?

[ihgann]

Can you add a release note? When you run backup and restore, do you have to "exclude" any resources?

No additional exclusion is required to support backup/restore with these changes.