apiserver identity : use SHA256 hash in lease names

Signed-off-by: Andrew Sy Kim <andrewsy@google.com>

staging/src/k8s.io/apiserver/pkg/server/config.go

@@ -18,8 +18,9 @@ package server
 
 import (
 	"context"
+	"crypto/sha256"
+	"encoding/base32"
 	"fmt"
-	"hash/fnv"
 	"net"
 	"net/http"
 	"os"
@@ -335,9 +336,8 @@ func NewConfig(codecs serializer.CodecFactory) *Config {
 			klog.Fatalf("error getting hostname for apiserver identity: %v", err)
 		}
 
-		h := fnv.New32a()
+		hash := sha256.Sum256([]byte(hostname))
-		h.Write([]byte(hostname))
+		id = "kube-apiserver-" + strings.ToLower(base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(hash[:16]))
-		id = "kube-apiserver-" + fmt.Sprint(h.Sum32())
 	}
 	lifecycleSignals := newLifecycleSignals()
 

test/integration/controlplane/apiserver_identity_test.go

@@ -18,9 +18,11 @@ package controlplane
 
 import (
 	"context"
+	"crypto/sha256"
+	"encoding/base32"
 	"fmt"
-	"hash/fnv"
 	"os"
+	"strings"
 	"testing"
 	"time"
 
@@ -44,9 +46,8 @@ const (
 )
 
 func expectedAPIServerIdentity(hostname string) string {
-	h := fnv.New32a()
+	hash := sha256.Sum256([]byte(hostname))
-	h.Write([]byte(hostname))
+	return "kube-apiserver-" + strings.ToLower(base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(hash[:16]))
-	return "kube-apiserver-" + fmt.Sprint(h.Sum32())
 }
 
 func TestCreateLeaseOnStart(t *testing.T) {