Merge pull request #12439 from rifelpet/nth-truncate

Truncate cluster name in NTH EventBridgeRules

cmd/kops/integration_test.go

@@ -47,6 +47,7 @@ import (
 	"k8s.io/kops/pkg/testutils/golden"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup"
+	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
 	"k8s.io/kops/upup/pkg/fi/cloudup/gce"
 	"sigs.k8s.io/yaml"
 )
@@ -639,11 +640,11 @@ func TestAPIServerNodes(t *testing.T) {
 
 // TestNTHQueueProcessor tests the output for resources required by NTH Queue Processor mode
 func TestNTHQueueProcessor(t *testing.T) {
-	newIntegrationTest("nthsqsresources.example.com", "nth_sqs_resources").
+	newIntegrationTest("nthsqsresources.longclustername.example.com", "nth_sqs_resources").
 		withNTH().
 		withAddons(dnsControllerAddon).
 		runTestTerraformAWS(t)
-	newIntegrationTest("nthsqsresources.example.com", "nth_sqs_resources").
+	newIntegrationTest("nthsqsresources.longclustername.example.com", "nth_sqs_resources").
 		runTestCloudformation(t)
 }
 
@@ -1028,10 +1029,10 @@ func (i *integrationTest) runTestTerraformAWS(t *testing.T) {
 		if i.nth {
 			expectedFilenames = append(expectedFilenames, []string{
 				"aws_s3_bucket_object_" + i.clusterName + "-addons-node-termination-handler.aws-k8s-1.11_content",
-				"aws_cloudwatch_event_rule_" + i.clusterName + "-ASGLifecycle_event_pattern",
+				"aws_cloudwatch_event_rule_" + awsup.GetClusterName40(i.clusterName) + "-ASGLifecycle_event_pattern",
-				"aws_cloudwatch_event_rule_" + i.clusterName + "-RebalanceRecommendation_event_pattern",
+				"aws_cloudwatch_event_rule_" + awsup.GetClusterName40(i.clusterName) + "-RebalanceRecommendation_event_pattern",
-				"aws_cloudwatch_event_rule_" + i.clusterName + "-SpotInterruption_event_pattern",
+				"aws_cloudwatch_event_rule_" + awsup.GetClusterName40(i.clusterName) + "-SpotInterruption_event_pattern",
-				"aws_cloudwatch_event_rule_" + i.clusterName + "-InstanceStateChange_event_pattern",
+				"aws_cloudwatch_event_rule_" + awsup.GetClusterName40(i.clusterName) + "-InstanceStateChange_event_pattern",
 				"aws_sqs_queue_" + strings.Replace(i.clusterName, ".", "-", -1) + "-nth_policy",
 			}...)
 		}

cmd/kops/lifecycle_integration_test.go

@@ -174,8 +174,9 @@ func TestLifecyclePrivateSharedIP(t *testing.T) {
 // TestLifecycleNodeTerminationHandlerQueueProcessor runs the test on a cluster with requisite resources for NTH Queue Processor
 func TestLifecycleNodeTerminationHandlerQueueProcessor(t *testing.T) {
 	runLifecycleTestAWS(&LifecycleTestOptions{
-		t:      t,
+		t:           t,
-		SrcDir: "nth_sqs_resources",
+		SrcDir:      "nth_sqs_resources",
+		ClusterName: "nthsqsresources.longclustername.example.com",
 	})
 }
 

pkg/model/awsmodel/nodeterminationhandler.go

@@ -22,6 +22,7 @@ import (
 	"k8s.io/kops/pkg/model"
 
 	"k8s.io/kops/upup/pkg/fi/cloudup/awstasks"
+	"k8s.io/kops/upup/pkg/fi/cloudup/awsup"
 
 	"github.com/aws/aws-sdk-go/aws"
 	"k8s.io/kops/pkg/apis/kops"
@@ -143,9 +144,10 @@ func (b *NodeTerminationHandlerBuilder) buildEventBridgeRules(c *fi.ModelBuilder
 	accountID := b.AWSAccountID
 	targetArn := "arn:aws:sqs:" + region + ":" + accountID + ":" + queueName
 
+	clusterNamePrefix := awsup.GetClusterName40(clusterName)
 	for _, event := range events {
 		// build rule
-		ruleName := aws.String(clusterName + "-" + event.name)
+		ruleName := aws.String(clusterNamePrefix + "-" + event.name)
 		pattern := event.pattern
 
 		ruleTask := &awstasks.EventBridgeRule{

pkg/resources/aws/eventbridge.go

@@ -78,12 +78,13 @@ func ListEventBridgeRules(cloud fi.Cloud, clusterName string) ([]*resources.Reso
 	c := cloud.(awsup.AWSCloud)
 
 	klog.V(2).Infof("Listing EventBridge rules")
+	clusterNamePrefix := awsup.GetClusterName40(clusterName)
 
 	// rule names start with the cluster name so that we can search for them
 	request := &eventbridge.ListRulesInput{
 		EventBusName: nil,
 		Limit:        nil,
-		NamePrefix:   aws.String(clusterName),
+		NamePrefix:   aws.String(clusterNamePrefix),
 	}
 	response, err := c.EventBridge().ListRules(request)
 	if err != nil {

tests/integration/update_cluster/nth_sqs_resources/cloudformation.json.extracted.yaml

@@ -1,4 +1,5 @@
-Resources.AWSEC2LaunchTemplatemasterustest1amastersnthsqsresourcesexamplecom.Properties.LaunchTemplateData.UserData: |
+? Resources.AWSEC2LaunchTemplatemasterustest1amastersnthsqsresourceslongclusternameexamplecom.Properties.LaunchTemplateData.UserData
+: |
   #!/bin/bash
   set -o errexit
   set -o nounset
@@ -179,8 +180,8 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersnthsqsresourcesexamplecom.Pro
     requestheaderUsernameHeaders:
     - X-Remote-User
     securePort: 443
-    serviceAccountIssuer: https://api.internal.nthsqsresources.example.com
+    serviceAccountIssuer: https://api.internal.nthsqsresources.longclustername.example.com
-    serviceAccountJWKSURI: https://api.internal.nthsqsresources.example.com/openid/v1/jwks
+    serviceAccountJWKSURI: https://api.internal.nthsqsresources.longclustername.example.com/openid/v1/jwks
     serviceClusterIPRange: 100.64.0.0/13
     storageBackend: etcd3
   kubeControllerManager:
@@ -188,7 +189,7 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersnthsqsresourcesexamplecom.Pro
     attachDetachReconcileSyncPeriod: 1m0s
     cloudProvider: aws
     clusterCIDR: 100.96.0.0/11
-    clusterName: nthsqsresources.example.com
+    clusterName: nthsqsresources.longclustername.example.com
     configureCloudRoutes: false
     image: k8s.gcr.io/kube-controller-manager:v1.20.0
     leaderElection:
@@ -242,16 +243,16 @@ Resources.AWSEC2LaunchTemplatemasterustest1amastersnthsqsresourcesexamplecom.Pro
 
   cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
   CloudProvider: aws
-  ConfigBase: memfs://clusters.example.com/nthsqsresources.example.com
+  ConfigBase: memfs://clusters.example.com/nthsqsresources.longclustername.example.com
   InstanceGroupName: master-us-test-1a
   InstanceGroupRole: Master
-  NodeupConfigHash: CQPZFIY4im/2GcHbUCIbx6Stn6kfDXPqRsy1xkyjSL0=
+  NodeupConfigHash: sGrshxpFidkBKocZgsdNwpRH3cwwL2f5KPGr751qKmg=
 
   __EOF_KUBE_ENV
 
   download-release
   echo "== nodeup node config done =="
-Resources.AWSEC2LaunchTemplatenodesnthsqsresourcesexamplecom.Properties.LaunchTemplateData.UserData: |
+Resources.AWSEC2LaunchTemplatenodesnthsqsresourceslongclusternameexamplecom.Properties.LaunchTemplateData.UserData: |
   #!/bin/bash
   set -o errexit
   set -o nounset
@@ -413,10 +414,10 @@ Resources.AWSEC2LaunchTemplatenodesnthsqsresourcesexamplecom.Properties.LaunchTe
 
   cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
   CloudProvider: aws
-  ConfigBase: memfs://clusters.example.com/nthsqsresources.example.com
+  ConfigBase: memfs://clusters.example.com/nthsqsresources.longclustername.example.com
   InstanceGroupName: nodes
   InstanceGroupRole: Node
-  NodeupConfigHash: 5KnqQJ045S8OADWs9ZyNvtubFIYrD55hh4OiqPcn3z8=
+  NodeupConfigHash: JDdsIp2tzHSnDmPELOQk6uvokC81/DO5ElOEu3937GY=
 
   __EOF_KUBE_ENV
 

tests/integration/update_cluster/nth_sqs_resources/data/aws_iam_role_policy_masters.nthsqsresources.longclustername.example.com_policy

@@ -4,7 +4,7 @@
       "Action": "ec2:AttachVolume",
       "Condition": {
         "StringEquals": {
-          "aws:ResourceTag/KubernetesCluster": "nthsqsresources.example.com",
+          "aws:ResourceTag/KubernetesCluster": "nthsqsresources.longclustername.example.com",
           "aws:ResourceTag/k8s.io/role/master": "1"
         }
       },
@@ -18,7 +18,7 @@
         "s3:Get*"
       ],
       "Effect": "Allow",
-      "Resource": "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.example.com/*"
+      "Resource": "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.longclustername.example.com/*"
     },
     {
       "Action": [
@@ -28,7 +28,7 @@
         "s3:PutObject"
       ],
       "Effect": "Allow",
-      "Resource": "arn:aws:s3:::placeholder-write-bucket/clusters.example.com/nthsqsresources.example.com/backups/etcd/main/*"
+      "Resource": "arn:aws:s3:::placeholder-write-bucket/clusters.example.com/nthsqsresources.longclustername.example.com/backups/etcd/main/*"
     },
     {
       "Action": [
@@ -38,7 +38,7 @@
         "s3:PutObject"
       ],
       "Effect": "Allow",
-      "Resource": "arn:aws:s3:::placeholder-write-bucket/clusters.example.com/nthsqsresources.example.com/backups/etcd/events/*"
+      "Resource": "arn:aws:s3:::placeholder-write-bucket/clusters.example.com/nthsqsresources.longclustername.example.com/backups/etcd/events/*"
     },
     {
       "Action": [
@@ -130,7 +130,7 @@
       "Action": "ec2:DeleteTags",
       "Condition": {
         "StringEquals": {
-          "aws:ResourceTag/KubernetesCluster": "nthsqsresources.example.com"
+          "aws:ResourceTag/KubernetesCluster": "nthsqsresources.longclustername.example.com"
         }
       },
       "Effect": "Allow",
@@ -209,7 +209,7 @@
       ],
       "Condition": {
         "StringEquals": {
-          "aws:ResourceTag/KubernetesCluster": "nthsqsresources.example.com"
+          "aws:ResourceTag/KubernetesCluster": "nthsqsresources.longclustername.example.com"
         }
       },
       "Effect": "Allow",
@@ -227,7 +227,7 @@
       ],
       "Condition": {
         "StringEquals": {
-          "aws:RequestTag/KubernetesCluster": "nthsqsresources.example.com"
+          "aws:RequestTag/KubernetesCluster": "nthsqsresources.longclustername.example.com"
         }
       },
       "Effect": "Allow",

tests/integration/update_cluster/nth_sqs_resources/data/aws_iam_role_policy_nodes.nthsqsresources.longclustername.example.com_policy

@@ -6,10 +6,10 @@
       ],
       "Effect": "Allow",
       "Resource": [
-        "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.example.com/addons/*",
+        "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.longclustername.example.com/addons/*",
-        "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.example.com/cluster-completed.spec",
+        "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.longclustername.example.com/cluster-completed.spec",
-        "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.example.com/igconfig/node/*",
+        "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.longclustername.example.com/igconfig/node/*",
-        "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.example.com/secrets/dockerconfig"
+        "arn:aws:s3:::placeholder-read-bucket/clusters.example.com/nthsqsresources.longclustername.example.com/secrets/dockerconfig"
       ]
     },
     {

tests/integration/update_cluster/nth_sqs_resources/data/aws_launch_template_master-us-test-1a.masters.nthsqsresources.longclustername.example.com_user_data

@@ -178,8 +178,8 @@ kubeAPIServer:
   requestheaderUsernameHeaders:
   - X-Remote-User
   securePort: 443
-  serviceAccountIssuer: https://api.internal.nthsqsresources.example.com
+  serviceAccountIssuer: https://api.internal.nthsqsresources.longclustername.example.com
-  serviceAccountJWKSURI: https://api.internal.nthsqsresources.example.com/openid/v1/jwks
+  serviceAccountJWKSURI: https://api.internal.nthsqsresources.longclustername.example.com/openid/v1/jwks
   serviceClusterIPRange: 100.64.0.0/13
   storageBackend: etcd3
 kubeControllerManager:
@@ -187,7 +187,7 @@ kubeControllerManager:
   attachDetachReconcileSyncPeriod: 1m0s
   cloudProvider: aws
   clusterCIDR: 100.96.0.0/11
-  clusterName: nthsqsresources.example.com
+  clusterName: nthsqsresources.longclustername.example.com
   configureCloudRoutes: false
   image: k8s.gcr.io/kube-controller-manager:v1.20.0
   leaderElection:
@@ -241,10 +241,10 @@ __EOF_CLUSTER_SPEC
 
 cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
 CloudProvider: aws
-ConfigBase: memfs://clusters.example.com/nthsqsresources.example.com
+ConfigBase: memfs://clusters.example.com/nthsqsresources.longclustername.example.com
 InstanceGroupName: master-us-test-1a
 InstanceGroupRole: Master
-NodeupConfigHash: CQPZFIY4im/2GcHbUCIbx6Stn6kfDXPqRsy1xkyjSL0=
+NodeupConfigHash: sGrshxpFidkBKocZgsdNwpRH3cwwL2f5KPGr751qKmg=
 
 __EOF_KUBE_ENV
 

tests/integration/update_cluster/nth_sqs_resources/data/aws_launch_template_nodes.nthsqsresources.longclustername.example.com_user_data

@@ -159,10 +159,10 @@ __EOF_CLUSTER_SPEC
 
 cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
 CloudProvider: aws
-ConfigBase: memfs://clusters.example.com/nthsqsresources.example.com
+ConfigBase: memfs://clusters.example.com/nthsqsresources.longclustername.example.com
 InstanceGroupName: nodes
 InstanceGroupRole: Node
-NodeupConfigHash: 5KnqQJ045S8OADWs9ZyNvtubFIYrD55hh4OiqPcn3z8=
+NodeupConfigHash: JDdsIp2tzHSnDmPELOQk6uvokC81/DO5ElOEu3937GY=
 
 __EOF_KUBE_ENV
 

tests/integration/update_cluster/nth_sqs_resources/data/aws_s3_bucket_object_cluster-completed.spec_content

@@ -2,7 +2,7 @@ apiVersion: kops.k8s.io/v1alpha2
 kind: Cluster
 metadata:
   creationTimestamp: "2016-12-10T22:42:27Z"
-  name: nthsqsresources.example.com
+  name: nthsqsresources.longclustername.example.com
 spec:
   api:
     dns: {}
@@ -15,8 +15,8 @@ spec:
     manageStorageClasses: true
   cloudProvider: aws
   clusterDNSDomain: cluster.local
-  configBase: memfs://clusters.example.com/nthsqsresources.example.com
+  configBase: memfs://clusters.example.com/nthsqsresources.longclustername.example.com
-  configStore: memfs://clusters.example.com/nthsqsresources.example.com
+  configStore: memfs://clusters.example.com/nthsqsresources.longclustername.example.com
   containerRuntime: containerd
   containerd:
     logLevel: info
@@ -26,7 +26,7 @@ spec:
     skipInstall: true
   etcdClusters:
   - backups:
-      backupStore: memfs://clusters.example.com/nthsqsresources.example.com/backups/etcd/main
+      backupStore: memfs://clusters.example.com/nthsqsresources.longclustername.example.com/backups/etcd/main
     enableEtcdTLS: true
     enableTLSAuth: true
     etcdMembers:
@@ -36,7 +36,7 @@ spec:
     provider: Manager
     version: 3.4.13
   - backups:
-      backupStore: memfs://clusters.example.com/nthsqsresources.example.com/backups/etcd/events
+      backupStore: memfs://clusters.example.com/nthsqsresources.longclustername.example.com/backups/etcd/events
     enableEtcdTLS: true
     enableTLSAuth: true
     etcdMembers:
@@ -49,7 +49,7 @@ spec:
     provider: dns-controller
   iam:
     legacy: false
-  keyStore: memfs://clusters.example.com/nthsqsresources.example.com/pki
+  keyStore: memfs://clusters.example.com/nthsqsresources.longclustername.example.com/pki
   kubeAPIServer:
     allowPrivileged: true
     anonymousAuth: false
@@ -89,8 +89,8 @@ spec:
     requestheaderUsernameHeaders:
     - X-Remote-User
     securePort: 443
-    serviceAccountIssuer: https://api.internal.nthsqsresources.example.com
+    serviceAccountIssuer: https://api.internal.nthsqsresources.longclustername.example.com
-    serviceAccountJWKSURI: https://api.internal.nthsqsresources.example.com/openid/v1/jwks
+    serviceAccountJWKSURI: https://api.internal.nthsqsresources.longclustername.example.com/openid/v1/jwks
     serviceClusterIPRange: 100.64.0.0/13
     storageBackend: etcd3
   kubeControllerManager:
@@ -98,7 +98,7 @@ spec:
     attachDetachReconcileSyncPeriod: 1m0s
     cloudProvider: aws
     clusterCIDR: 100.96.0.0/11
-    clusterName: nthsqsresources.example.com
+    clusterName: nthsqsresources.longclustername.example.com
     configureCloudRoutes: false
     image: k8s.gcr.io/kube-controller-manager:v1.20.0
     leaderElection:
@@ -149,7 +149,7 @@ spec:
   kubernetesApiAccess:
   - 0.0.0.0/0
   kubernetesVersion: 1.20.0
-  masterInternalName: api.internal.nthsqsresources.example.com
+  masterInternalName: api.internal.nthsqsresources.longclustername.example.com
   masterKubelet:
     anonymousAuth: false
     cgroupDriver: systemd
@@ -166,7 +166,7 @@ spec:
     nonMasqueradeCIDR: 100.64.0.0/10
     podManifestPath: /etc/kubernetes/manifests
     registerSchedulable: false
-  masterPublicName: api.nthsqsresources.example.com
+  masterPublicName: api.nthsqsresources.longclustername.example.com
   networkCIDR: 172.20.0.0/16
   networking:
     cni: {}
@@ -183,7 +183,7 @@ spec:
     prometheusEnable: false
   nonMasqueradeCIDR: 100.64.0.0/10
   podCIDR: 100.96.0.0/11
-  secretStore: memfs://clusters.example.com/nthsqsresources.example.com/secrets
+  secretStore: memfs://clusters.example.com/nthsqsresources.longclustername.example.com/secrets
   serviceClusterIPRange: 100.64.0.0/13
   sshAccess:
   - 0.0.0.0/0

tests/integration/update_cluster/nth_sqs_resources/data/aws_s3_bucket_object_manifests-etcdmanager-events_content

@@ -12,13 +12,13 @@ spec:
     - /bin/sh
     - -c
     - mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager
-      --backup-store=memfs://clusters.example.com/nthsqsresources.example.com/backups/etcd/events
+      --backup-store=memfs://clusters.example.com/nthsqsresources.longclustername.example.com/backups/etcd/events
       --client-urls=https://__name__:4002 --cluster-name=etcd-events --containerized=true
-      --dns-suffix=.internal.nthsqsresources.example.com --grpc-port=3997 --peer-urls=https://__name__:2381
+      --dns-suffix=.internal.nthsqsresources.longclustername.example.com --grpc-port=3997
-      --quarantine-client-urls=https://__name__:3995 --v=6 --volume-name-tag=k8s.io/etcd/events
+      --peer-urls=https://__name__:2381 --quarantine-client-urls=https://__name__:3995
-      --volume-provider=aws --volume-tag=k8s.io/etcd/events --volume-tag=k8s.io/role/master=1
+      --v=6 --volume-name-tag=k8s.io/etcd/events --volume-provider=aws --volume-tag=k8s.io/etcd/events
-      --volume-tag=kubernetes.io/cluster/nthsqsresources.example.com=owned > /tmp/pipe
+      --volume-tag=k8s.io/role/master=1 --volume-tag=kubernetes.io/cluster/nthsqsresources.longclustername.example.com=owned
-      2>&1
+      > /tmp/pipe 2>&1
     image: k8s.gcr.io/etcdadm/etcd-manager:3.0.20210707
     name: etcd-manager
     resources:

tests/integration/update_cluster/nth_sqs_resources/data/aws_s3_bucket_object_manifests-etcdmanager-main_content

@@ -12,13 +12,13 @@ spec:
     - /bin/sh
     - -c
     - mkfifo /tmp/pipe; (tee -a /var/log/etcd.log < /tmp/pipe & ) ; exec /etcd-manager
-      --backup-store=memfs://clusters.example.com/nthsqsresources.example.com/backups/etcd/main
+      --backup-store=memfs://clusters.example.com/nthsqsresources.longclustername.example.com/backups/etcd/main
       --client-urls=https://__name__:4001 --cluster-name=etcd --containerized=true
-      --dns-suffix=.internal.nthsqsresources.example.com --grpc-port=3996 --peer-urls=https://__name__:2380
+      --dns-suffix=.internal.nthsqsresources.longclustername.example.com --grpc-port=3996
-      --quarantine-client-urls=https://__name__:3994 --v=6 --volume-name-tag=k8s.io/etcd/main
+      --peer-urls=https://__name__:2380 --quarantine-client-urls=https://__name__:3994
-      --volume-provider=aws --volume-tag=k8s.io/etcd/main --volume-tag=k8s.io/role/master=1
+      --v=6 --volume-name-tag=k8s.io/etcd/main --volume-provider=aws --volume-tag=k8s.io/etcd/main
-      --volume-tag=kubernetes.io/cluster/nthsqsresources.example.com=owned > /tmp/pipe
+      --volume-tag=k8s.io/role/master=1 --volume-tag=kubernetes.io/cluster/nthsqsresources.longclustername.example.com=owned
-      2>&1
+      > /tmp/pipe 2>&1
     image: k8s.gcr.io/etcdadm/etcd-manager:3.0.20210707
     name: etcd-manager
     resources:

tests/integration/update_cluster/nth_sqs_resources/data/aws_s3_bucket_object_nodeupconfig-master-us-test-1a_content

@@ -38,8 +38,8 @@ APIServerConfig:
     requestheaderUsernameHeaders:
     - X-Remote-User
     securePort: 443
-    serviceAccountIssuer: https://api.internal.nthsqsresources.example.com
+    serviceAccountIssuer: https://api.internal.nthsqsresources.longclustername.example.com
-    serviceAccountJWKSURI: https://api.internal.nthsqsresources.example.com/openid/v1/jwks
+    serviceAccountJWKSURI: https://api.internal.nthsqsresources.longclustername.example.com/openid/v1/jwks
     serviceClusterIPRange: 100.64.0.0/13
     storageBackend: etcd3
   ServiceAccountPublicKeys: |
@@ -218,7 +218,7 @@ CAs:
     MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA
     9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw==
     -----END CERTIFICATE-----
-ClusterName: nthsqsresources.example.com
+ClusterName: nthsqsresources.longclustername.example.com
 Hooks:
 - null
 - null
@@ -255,13 +255,13 @@ KubeletConfig:
   registerSchedulable: false
 UpdatePolicy: automatic
 channels:
-- memfs://clusters.example.com/nthsqsresources.example.com/addons/bootstrap-channel.yaml
+- memfs://clusters.example.com/nthsqsresources.longclustername.example.com/addons/bootstrap-channel.yaml
 containerdConfig:
   logLevel: info
   version: 1.4.9
 etcdManifests:
-- memfs://clusters.example.com/nthsqsresources.example.com/manifests/etcd/main.yaml
+- memfs://clusters.example.com/nthsqsresources.longclustername.example.com/manifests/etcd/main.yaml
-- memfs://clusters.example.com/nthsqsresources.example.com/manifests/etcd/events.yaml
+- memfs://clusters.example.com/nthsqsresources.longclustername.example.com/manifests/etcd/events.yaml
 staticManifests:
 - key: kube-apiserver-healthcheck
   path: manifests/static/kube-apiserver-healthcheck.yaml

tests/integration/update_cluster/nth_sqs_resources/data/aws_s3_bucket_object_nodeupconfig-nodes_content

@@ -31,7 +31,7 @@ CAs:
     MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA
     9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw==
     -----END CERTIFICATE-----
-ClusterName: nthsqsresources.example.com
+ClusterName: nthsqsresources.longclustername.example.com
 Hooks:
 - null
 - null
@@ -57,7 +57,7 @@ KubeletConfig:
   podManifestPath: /etc/kubernetes/manifests
 UpdatePolicy: automatic
 channels:
-- memfs://clusters.example.com/nthsqsresources.example.com/addons/bootstrap-channel.yaml
+- memfs://clusters.example.com/nthsqsresources.longclustername.example.com/addons/bootstrap-channel.yaml
 containerdConfig:
   logLevel: info
   version: 1.4.9

tests/integration/update_cluster/nth_sqs_resources/data/aws_s3_bucket_object_nthsqsresources.longclustername.example.com-addons-bootstrap_content

@@ -6,7 +6,7 @@ spec:
   addons:
   - id: k8s-1.16
     manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml
-    manifestHash: 8656b419fca43a10d6dde2c752a4807dad2ad1864da5a5fec0271b76e9c867ff
+    manifestHash: 18c72d62b12d7360b45e9d8e858e62e0f74be2f546427bdd05aad65958a3c443
     name: kops-controller.addons.k8s.io
     needsRollingUpdate: control-plane
     selector:
@@ -41,7 +41,7 @@ spec:
       k8s-addon: dns-controller.addons.k8s.io
   - id: k8s-1.11
     manifest: node-termination-handler.aws/k8s-1.11.yaml
-    manifestHash: c03c13e87cb8c6a7731fdbc08c9f99e1c960a9da71696fd33b781eca51de22dc
+    manifestHash: 424354959edcf24bcc3e1a3099b5b0a4525d59e2336a36940995ae51ead4ab08
     name: node-termination-handler.aws
     selector:
       k8s-addon: node-termination-handler.aws

tests/integration/update_cluster/nth_sqs_resources/data/aws_s3_bucket_object_nthsqsresources.longclustername.example.com-addons-kops-controller.addons.k8s.io-k8s-1.16_content

@@ -1,7 +1,7 @@
 apiVersion: v1
 data:
   config.yaml: |
-    {"cloud":"aws","configBase":"memfs://clusters.example.com/nthsqsresources.example.com","server":{"Listen":":3988","provider":{"aws":{"nodesRoles":["nodes.nthsqsresources.example.com"],"Region":"us-test-1"}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}}
+    {"cloud":"aws","configBase":"memfs://clusters.example.com/nthsqsresources.longclustername.example.com","server":{"Listen":":3988","provider":{"aws":{"nodesRoles":["nodes.nthsqsresources.longclustername.example.com"],"Region":"us-test-1"}},"serverKeyPath":"/etc/kubernetes/kops-controller/pki/kops-controller.key","serverCertificatePath":"/etc/kubernetes/kops-controller/pki/kops-controller.crt","caBasePath":"/etc/kubernetes/kops-controller/pki","signingCAs":["kubernetes-ca"],"certNames":["kubelet","kubelet-server","kube-proxy"]}}
 kind: ConfigMap
 metadata:
   creationTimestamp: null
@@ -33,7 +33,7 @@ spec:
   template:
     metadata:
       annotations:
-        dns.alpha.kubernetes.io/internal: kops-controller.internal.nthsqsresources.example.com
+        dns.alpha.kubernetes.io/internal: kops-controller.internal.nthsqsresources.longclustername.example.com
       labels:
         k8s-addon: kops-controller.addons.k8s.io
         k8s-app: kops-controller

tests/integration/update_cluster/nth_sqs_resources/data/aws_s3_bucket_object_nthsqsresources.longclustername.example.com-addons-node-termination-handler.aws-k8s-1.11_content

@@ -186,7 +186,7 @@ spec:
         - name: ENABLE_SQS_TERMINATION_DRAINING
           value: "true"
         - name: QUEUE_URL
-          value: https://sqs.us-test-1.amazonaws.com/123456789012/nthsqsresources-example-com-nth
+          value: https://sqs.us-test-1.amazonaws.com/123456789012/nthsqsresources-longclustername-example-com-nth
         - name: PROMETHEUS_SERVER_PORT
           value: "9092"
         - name: AWS_REGION

tests/integration/update_cluster/nth_sqs_resources/data/aws_sqs_queue_nthsqsresources-longclustername-example-com-nth_policy

@@ -6,6 +6,6 @@
 				"Service": ["events.amazonaws.com", "sqs.amazonaws.com"]
 			},
 			"Action": "sqs:SendMessage",
-			"Resource": "arn:aws:sqs:us-test-1:123456789012:nthsqsresources-example-com-nth"
+			"Resource": "arn:aws:sqs:us-test-1:123456789012:nthsqsresources-longclustername-example-com-nth"
 		}]
 	}

tests/integration/update_cluster/nth_sqs_resources/in-v1alpha2.yaml

@@ -2,13 +2,13 @@ apiVersion: kops.k8s.io/v1alpha2
 kind: Cluster
 metadata:
   creationTimestamp: "2016-12-10T22:42:27Z"
-  name: nthsqsresources.example.com
+  name: nthsqsresources.longclustername.example.com
 spec:
   kubernetesApiAccess:
     - 0.0.0.0/0
   channel: stable
   cloudProvider: aws
-  configBase: memfs://clusters.example.com/nthsqsresources.example.com
+  configBase: memfs://clusters.example.com/nthsqsresources.longclustername.example.com
   etcdClusters:
     - etcdMembers:
         - instanceGroup: master-us-test-1a
@@ -22,8 +22,8 @@ spec:
   kubelet:
     anonymousAuth: false
   kubernetesVersion: v1.20.0
-  masterInternalName: api.internal.nthsqsresources.example.com
+  masterInternalName: api.internal.nthsqsresources.longclustername.example.com
-  masterPublicName: api.nthsqsresources.example.com
+  masterPublicName: api.nthsqsresources.longclustername.example.com
   networkCIDR: 172.20.0.0/16
   networking:
     cni: {}
@@ -50,7 +50,7 @@ metadata:
   creationTimestamp: "2016-12-10T22:42:28Z"
   name: nodes
   labels:
-    kops.k8s.io/cluster: nthsqsresources.example.com
+    kops.k8s.io/cluster: nthsqsresources.longclustername.example.com
 spec:
   associatePublicIp: true
   image: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2016-10-21
@@ -69,7 +69,7 @@ metadata:
   creationTimestamp: "2016-12-10T22:42:28Z"
   name: master-us-test-1a
   labels:
-    kops.k8s.io/cluster: nthsqsresources.example.com
+    kops.k8s.io/cluster: nthsqsresources.longclustername.example.com
 spec:
   associatePublicIp: true
   image: kope.io/k8s-1.4-debian-jessie-amd64-hvm-ebs-2016-10-21

upup/pkg/fi/cloudup/awsup/aws_utils.go

@@ -221,6 +221,13 @@ func ELBv2Tags(tags map[string]string) []*elbv2.Tag {
 	return elbv2Tags
 }
 
+// GetClusterName40 will attempt to calculate a meaningful cluster name with a max length of 40
+func GetClusterName40(cluster string) string {
+	return TruncateString(cluster, TruncateStringOptions{
+		MaxLength: 40,
+	})
+}
+
 // GetResourceName32 will attempt to calculate a meaningful name for a resource given a prefix
 // Will never return a string longer than 32 chars
 func GetResourceName32(cluster string, prefix string) string {