Disable default IPv4 IPPool creation when ipv4_stack=false in pure IPv6 deployments (Calico) and ip assignment to the PODs

[kanyahal06]

What would you like to be added

• In a pure IPv6 Kubernetes deployment using Kubespray v2.29.1, setting:

k8s-cluster.yml
ipv6_stack: true ipv4_stack: false

• To correctly disable IPv4 address autodetection in the calico-node DaemonSet. The following environment variables are rendered as expected:
  File: extra_playbooks/roles/network_plugin/calico/templates/calico-node.yml.j2

`
- name: IP
  value: none
- name: IP6
  value: autodetect
- name: IP_AUTODETECTION_METHOD
  value: can-reach=$(NODE_IP)
`

• However, despite disabling the IPv4 stack, Calico still creates a default IPv4 IPPool (dummy pool), which is visible via:

calicoctl get ippools

• From reviewing Calico behavior (startup logic), the IPv4 IPPool is automatically created unless explicitly disabled. https://github.com/projectcalico/calico/blob/ad8eb20c55e7f79ad4a98ebaec6ba1fc055b7c7c/node/pkg/lifecycle/startup/startup.go#L742

This can be controlled via:

`- name: CALICO_IPV4POOL_CIDR
  value: "none"
`

• Kubespray currently does not set this variable when ipv4_stack=false.

• When ipv4_stack: false is configured, Kubespray should explicitly disable IPv4 pool creation by adding the following environment variable to the calico-node DaemonSet:

`{% if not ipv4_stack %}
- name: CALICO_IPV4POOL_CIDR
  value: "none"
{% endif %}
`

• Also, by default the calico-ipam has only
  File: roles/network_plugin/calico/templates/calico-config.yml.j2
  assign_ipv6: true
  this results in assigning the IP from the dummy ipv4 pool created by calico. As per the tigera documentation (https://docs.tigera.io/calico/latest/networking/ipam/ipv6#enable-ipv6-only) for pure ipv6, this should look something like

assign_ipv6: true, 
assign_ipv4: false

Why is this needed

• The presence of an IPv4 IPPool contradicts the intent of a pure IPv6 cluster.

• Although this IPv4 pool does not currently impact functionality, it introduces:

• Configuration inconsistency
  Potential confusion for operators
  Deviation from expected "IPv6-only" behavior