fix(cilium): disable clustermesh, native routing

LoadBalancer services not responding
Minecraft server specifically gets denied from egressing to world
Not sure if Minecraft server issue related to `k8s:` matchLabels prefix

kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml

@@ -16,31 +16,34 @@ cluster:
   id: "1"
 
 ## NOTE: ClusterMesh, for connecting multiple clusters
-clustermesh:
-  useAPIServer: true
-  apiserver:
-    replicas: 3
-    service:
-      type: "NodePort"
-      nodePort: 32371
-  config:
-    enabled: true
-    clusters:
-      - name: "hercules"
-        port: 32372
-        ips: ["${IP_HERCULES}"]
+# clustermesh:
+#   useAPIServer: true
+#   apiserver:
+#     replicas: 1
+#     service:
+#       type: "NodePort"
+#       nodePort: 32371
+#       # type: "LoadBalancer"
+#       # annotations:
+#       #   "io.cilium/lb-ipam-ips": "${IP_CILIUM_CLUSTERMESH_BIOHAZARD}"
+#   config:
+#     enabled: true
+#     clusters:
+#       - name: "hercules"
+#         port: 32372
+#         ips: ["${IP_HERCULES}"]
 
 ## NOTE: Cilium's routing modes for inter-nodes pod traffic
-# tunnel: "disabled"
-# autoDirectNodeRoutes: true
-# ipv4NativeRoutingCIDR: "${IP_POD_CIDR_V4}"
+tunnel: "disabled"
+autoDirectNodeRoutes: true
+ipv4NativeRoutingCIDR: "${IP_POD_CIDR_V4}"
 ### using Geneve tunnel for simpler routing and easier ClusterMesh across WireGuard
-routingMode: tunnel
-tunnelProtocol: geneve
+# routingMode: tunnel
+# tunnelProtocol: geneve
 loadBalancer:
   algorithm: maglev
   mode: dsr
-  dsrDispatch: geneve
+  # dsrDispatch: geneve
   # acceleration: best-effort
 
 ## NOTE: Cilium's networking internals