Add TrafficControl API

TrafficControl is a feature which allows mirroring or redirecting the
traffic Pods send or receive. It enables users to monitor and analyze
Pod traffic, and to enforce custom network protections for Pods with
fine-grained control over network traffic.

This patch adds types and CRD for TrafficControl API.

Examples:

1. Mirror Pods (web=app) ingress traffic to a VXLAN tunnel
```
apiVersion: crd.antrea.io/v1alpha2
kind: TrafficControl
metadata:
  name: mirror-web-app
spec:
  appliedTo:
    podSelector:
      matchLabels:
        app: web
  direction: Ingress
  action: Mirror
  targetPort:
    name: vxlan0
    type: VXLAN
    tunnelConfig:
      remoteIP: 1.1.1.1
```

2. Redirect Pods (web=app) traffic in both direction to OVS internal
port firewall0 and expect the traffic to re-enter OVS via another OVS
internal port firewall1 if they are not dropped.
```
apiVersion: crd.antrea.io/v1alpha2
kind: TrafficControl
metadata:
  name: redirect
spec:
  appliedTo:
    podSelector:
      matchLabels:
        role: web
  direction: Ingress
  action: Redirect
  targetPort:
    name: firewall0
    type: Internal
  returnPort:
    name: firewall1
    type: Internal
```

For antrea-io#3324

Signed-off-by: Quan Tian <[email protected]>

Author: tnqn

build/yamls/antrea-aks.yml

@@ -2055,6 +2055,210 @@ spec:
     subresources:
       status: {}
 ---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  labels:
+    app: antrea
+  name: trafficcontrols.crd.antrea.io
+spec:
+  group: crd.antrea.io
+  names:
+    kind: TrafficControl
+    plural: trafficcontrols
+    shortNames:
+    - tc
+    singular: trafficcontrol
+  scope: Cluster
+  versions:
+  - additionalPrinterColumns:
+    - description: Specifies the direction of traffic that should be matched.
+      jsonPath: .spec.direction
+      name: Direction
+      type: string
+    - description: Specifies the action that should be taken for the traffic.
+      jsonPath: .spec.action
+      name: Action
+      type: string
+    - description: Specifies the port to which the traffic should be redirected or
+        mirrored.
+      jsonPath: .spec.targetPort.name
+      name: TargetPort
+      type: string
+    - description: Specifies the port from which the the traffic will be sent back
+        to OVS.
+      jsonPath: .spec.returnPort.name
+      name: ReturnPort
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1alpha2
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              action:
+                enum:
+                - Mirror
+                - Redirect
+                type: string
+              appliedTo:
+                properties:
+                  namespaceSelector:
+                    properties:
+                      matchExpressions:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            operator:
+                              enum:
+                              - In
+                              - NotIn
+                              - Exists
+                              - DoesNotExist
+                              type: string
+                            values:
+                              items:
+                                pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$
+                                type: string
+                              type: array
+                          type: object
+                        type: array
+                      matchLabels:
+                        x-kubernetes-preserve-unknown-fields: true
+                    type: object
+                  podSelector:
+                    properties:
+                      matchExpressions:
+                        items:
+                          properties:
+                            key:
+                              type: string
+                            operator:
+                              enum:
+                              - In
+                              - NotIn
+                              - Exists
+                              - DoesNotExist
+                              type: string
+                            values:
+                              items:
+                                pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$
+                                type: string
+                              type: array
+                          type: object
+                        type: array
+                      matchLabels:
+                        x-kubernetes-preserve-unknown-fields: true
+                    type: object
+                type: object
+              direction:
+                enum:
+                - Ingress
+                - Egress
+                - Both
+                type: string
+              returnPort:
+                properties:
+                  name:
+                    type: string
+                  tunnelConfig:
+                    properties:
+                      remoteIP:
+                        oneOf:
+                        - format: ipv4
+                        - format: ipv6
+                        type: string
+                      tunnelID:
+                        type: integer
+                    required:
+                    - remoteIP
+                    type: object
+                  type:
+                    enum:
+                    - Internal
+                    - Device
+                    - VXLAN
+                    - GENEVE
+                    - GRE
+                    type: string
+                required:
+                - name
+                - type
+                type: object
+              targetPort:
+                properties:
+                  erspanConfig:
+                    properties:
+                      dir:
+                        enum:
+                        - 0
+                        - 1
+                        type: integer
+                      hardwareID:
+                        type: integer
+                      index:
+                        type: integer
+                      remoteIP:
+                        oneOf:
+                        - format: ipv4
+                        - format: ipv6
+                        type: string
+                      tunnelID:
+                        type: integer
+                      version:
+                        enum:
+                        - 1
+                        - 2
+                        type: integer
+                    required:
+                    - remoteIP
+                    - version
+                    type: object
+                  name:
+                    type: string
+                  tunnelConfig:
+                    properties:
+                      remoteIP:
+                        oneOf:
+                        - format: ipv4
+                        - format: ipv6
+                        type: string
+                      tunnelID:
+                        type: integer
+                    required:
+                    - remoteIP
+                    type: object
+                  type:
+                    enum:
+                    - Internal
+                    - Device
+                    - VXLAN
+                    - GENEVE
+                    - GRE
+                    - ERSPAN
+                    type: string
+                required:
+                - name
+                - type
+                type: object
+            required:
+            - appliedTo
+            - direction
+            - action
+            - targetPort
+            type: object
+        required:
+        - spec
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata: