New AKS Mariner nodes are missing 10-azure.conflist CNI config

[james-bjss]

What happened:
Since updating our AKS nodes to AKSCBLMariner-V2gen2-202405.20.0 we observed that the CNI conflist file /etc/cni/net.d/10-azure.conflist is no longer present on the new nodes.

This breaks other CNIs which chain to this as the file is not present. We suspect that the base image previously created this file and recent updates have changed this behaviour.

What you expected to happen:
New nodes should have the /etc/cni/net.d/10-azure.conflist present on boot.

How to reproduce it:
Updated nodes from AKSCBLMariner-V2gen2-202402.07.0 -> AKSCBLMariner-V2gen2-202405.20.0
Remote into machine and observe /etc/cni/net.d/10-azure.conflist is absent.

Anything else we need to know?:
Previously the file was present on AKSCBLMariner-V2gen2-202312.06.0 so the change occurred between these two versions.
Some examples of the azure-cns deamonset have the dropz initcontainer argument create this file; however this is not present on our clusters (both with and without the new images).

Environment:

• AgentBaker version: AKSCBLMariner-V2gen2-202405.20.0
• Kubernetes version (use kubectl version): 1.27.9

[james-bjss]

Would anyone be able to help track down why the conflist file is missing? It seems there was some process previously which was baking this into the base images and it has since been removed. Diffing the repo shows 1000's of changes between those releases so it's difficult to track down where exactly the change happened.

It's not clear if this is intentional and dropz should be generating this file instead (it doesn't with the current daemonset config). Or if this file is now deprecated for 15-azure-swift.conflist?

will raise a separate issue on azure-container-networking and link this issue incase they can shed any light.