agent: revert CNI result addresses inclusion; document k8s limit

Kubernetes limits pod.status.podIPs to one IPv4 + one IPv6 per pod.
Additional IPs in the CNI result are silently dropped by kubelet, making
the resultFromAllocation change in 4a60c00 a no-op. Revert it and add
a comment documenting the constraint so the intent is clear.

Addresses IPs remain fully functional: bound to eth0, advertised via
BGP, visible inside the pod — just not reflected in pod status.

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>

pkg/agent/handlers.go

@@ -254,25 +254,11 @@ func resultFromAllocation(ifName string, a Allocation) *current.Result {
 			Address:   net.IPNet{IP: ip4, Mask: net.CIDRMask(32, 32)},
 		})
 	}
-	// Addresses are assigned to eth0 and should appear in pod.status.podIPs
+	// Addresses IPs are intentionally excluded from the CNI result.
-	// so Kubernetes and workloads that inspect pod metadata see them.
+	// Kubernetes limits pod.status.podIPs to one IPv4 + one IPv6; any
-	for _, s := range a.Addresses {
+	// additional IPs returned here are silently dropped by kubelet. The
-		ip := net.ParseIP(s)
+	// addresses IPs are visible inside the pod on eth0 and advertised via
-		if ip == nil {
+	// BGP — that is sufficient for workload use.
-			continue
-		}
-		if v4 := ip.To4(); v4 != nil {
-			r.IPs = append(r.IPs, &current.IPConfig{
-				Interface: intPtr(0),
-				Address:   net.IPNet{IP: v4, Mask: net.CIDRMask(32, 32)},
-			})
-		} else {
-			r.IPs = append(r.IPs, &current.IPConfig{
-				Interface: intPtr(0),
-				Address:   net.IPNet{IP: ip.To16(), Mask: net.CIDRMask(128, 128)},
-			})
-		}
-	}
 	return r
 }