apiserver identity: use persistent identity format based on hostname

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
2025-07-21 10:51:29 +00:00 · 2022-10-24 11:24:26 -04:00 · 2022-10-24 11:24:26 -04:00 · 21507902ba
commit 21507902ba
parent 208b2b7ca9
2 changed files with 19 additions and 1 deletions
--- a/pkg/controlplane/instance.go
+++ b/pkg/controlplane/instance.go
@ -21,6 +21,7 @@ import (
 	"fmt"
 	"net"
 	"net/http"
+	"os"
 	"reflect"
 	"strconv"
 	"time"
@ -515,6 +516,14 @@ func labelAPIServerHeartbeat(lease *coordinationapiv1.Lease) error {
 	}
 	// This label indicates that kube-apiserver owns this identity lease object
 	lease.Labels[IdentityLeaseComponentLabelKey] = KubeAPIServer
+
+	hostname, err := os.Hostname()
+	if err != nil {
+		return err
+	}
+
+	// convenience label to easily map a lease object to a specific apiserver
+	lease.Labels[apiv1.LabelHostname] = hostname
 	return nil
 }

--- a/staging/src/k8s.io/apiserver/pkg/server/config.go
+++ b/staging/src/k8s.io/apiserver/pkg/server/config.go
@ -19,8 +19,10 @@ package server
 import (
 	"context"
 	"fmt"
+	"hash/fnv"
 	"net"
 	"net/http"
+	"os"
 	goruntime "runtime"
 	"runtime/debug"
 	"sort"
@ -328,7 +330,14 @@ func NewConfig(codecs serializer.CodecFactory) *Config {
 	defaultHealthChecks := []healthz.HealthChecker{healthz.PingHealthz, healthz.LogHealthz}
 	var id string
 	if utilfeature.DefaultFeatureGate.Enabled(genericfeatures.APIServerIdentity) {
-		id = "kube-apiserver-" + uuid.New().String()
+		hostname, err := os.Hostname()
+		if err != nil {
+			klog.Fatalf("error getting hostname for apiserver identity: %v", err)
+		}
+
+		h := fnv.New32a()
+		h.Write([]byte(hostname))
+		id = "kube-apiserver-" + fmt.Sprint(h.Sum32())
 	}
 	lifecycleSignals := newLifecycleSignals()