Enhanced subnet discovery should use configurable tags

[dougbyrne]

What would you like to be added: The enhanced subnet discovery should use configurable tags. Currently the CNI will use any subnet in a matching VPC and AZ with the tag kubernetes.io/role/cni: 1. The CNI should have additional configurable tag filters.

Why is this needed: If multiple EKS clusters share a VPC, they will all share subnets. It is desirable to specify additional tags unique to each cluster to limit the discovery scope. An example filter might be kubernetes.io/cluster/my-example-cluster: shared.

Subnet ID	tag kubernetes.io/role/cni	tag kubernetes.io/cluster/my-example-cluster	tag kubernetes.io/cluster/some-other-cluster	Selected by my example cluster	Selected by some other cluster
subnet-123	1	shared	untagged	✅ Yes	❌ No
subnet-456	1	untagged	shared	❌ No	✅ Yes
subnet-789	1	shared	shared	✅ Yes	✅ Yes
subnet-abc	untagged	shared	untagged	❌ No	❌ No
subnet-def	untagged	untagged	untagged	❌ No	❌ No

[github-actions]

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days

[dougbyrne]

Unstale