Add ability to specify list of ignored Nomad meta labels

[kyern]

Feature or Problem

We are actively using Nomad for developments and testing apps and push various deployment info to Nomad's meta such as time of deployment, author, pipeline id and other similar things that help to identify exact revision.
This leads to huge amount of unique labels on Cilium that creates new Identity for them exhausting free identities very fast.
New option provides ability to ignore specified metadata keys when Netreap labeling Cilium endpoints.

Related Issues

Consumer Impact

Can reduce amount of identities created by Cilium.
Without specifying any values Netreap behaviour won't change.

Testing

Built on platform(s)

• x86_64-linux

Tested on platform(s)

• x86_64-linux

Unit Test(s)

Manual Verification

Built changed version without new parameter/env var, deployed to Nomad. Behaviour didn't change.
Specified some values for env var, that label absent from Cilium.

[kyern]

@protochron hi!
Can you review please?

[deverton]

You can do this from the Cilium side by using the --labels flag to the Cilium agent to control what labels it uses for identity. See https://docs.cilium.io/en/stable/operations/performance/scalability/identity-relevant-labels/ for more details. For example, we have this set to

--labels "netreap:.*,nomad:some_metadata"

Which means only Netreap sourced labels and the some_metadata label from Nomad are use by Cilium. It'll ignore anything else.