- Epic
- Resolution: Done
- Major
Spikes NETOBSERV-25 and NETOBSERV-54 were done to investigate our potential use of eBPF. This is a follow-up.
Currently, the network-observability-operator configures OVS to export net flows in IPFIX format. This is dependent on the CNI (here OVN-kubernetes) and has a non-negligible resource overhead.
Switching this model to eBPF should make it CNI-independent, with less overhead. The goal of this epic is to generate similar data, i.e. network flow logs, still kube-enriched, still stored in Loki, that can be used as a replacement for the OVS export + goflow collector setup.
The network-observability-operator will be updated to enable the eBPF-based collection pipeline.
Note: we'll split up the work and address performance optimization in a second epic: NETOBSERV-189.
As a reference, there is some previous research in this document: https://docs.google.com/document/d/1xxh7Lnhd-yHsjgHllb231AouW4_dnBSEq8MA7L01bv4/edit#
(In case of any inconsistency between the previous research document and the Jira issues in this epic, the Jira issues would prevail.)
- clones: RFE-2090 Integrate eBPF collection into Network Observability stack (Accepted)
- is related to: NETOBSERV-189 Improve eBPF agent performance (4.12) (Closed)