CAPM3 (capm3-system namespace pods) should not be running among workloads

[tuminoid]

What steps did you take and what happened:
As discussed in metal3-sec group related to metal3-io/baremetal-operator#1241 CAPM3/IPAM (capm3-system namespace) should not be running among user workloads, but with k8s controlplane or infra nodes.

What did you expect to happen:
CAPM3/IPAM (capm3-system) is running on controlplane or in infra nodes, not among regular workload. These should be sensible default value, and documentation should be available to explain the options.

Environment:

• CAPM3 version: any/latest
• Environment (metal3-dev-env or other): any

/kind bug
/kind documentation
/assign @lentzi90

[Rozzii]

/triage accepted
/help

[metal3-io-bot]

@Rozzii:
This request has been marked as needing help from a contributor.

Please ensure the request meets the requirements listed here.

If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-help command.

In response to this:

/triage accepted
/help

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[metal3-io-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues will close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[Rozzii]

Would be welcomed I will move this to frozen, no need to always remove the stale
/lifecycle frozen