const containerSubPathDirectoryName … const nofollowFlags … const openFDFlags … type subpath … // New returns a subpath.Interface for the current system func New(mounter mount.Interface) Interface { … } func (sp *subpath) CleanSubPaths(podDir string, volumeName string) error { … } func (sp *subpath) SafeMakeDir(subdir string, base string, perm os.FileMode) error { … } func (sp *subpath) PrepareSafeSubpath(subPath Subpath) (newHostPath string, cleanupAction func(), err error) { … } // This implementation is shared between Linux and NsEnter func safeOpenSubPath(mounter mount.Interface, subpath Subpath) (int, error) { … } // prepareSubpathTarget creates target for bind-mount of subpath. It returns // "true" when the target already exists and something is mounted there. // Given Subpath must have all paths with already resolved symlinks and with // paths relevant to kubelet (when it runs in a container). // This function is called also by NsEnterMounter. It works because // /var/lib/kubelet is mounted from the host into the container with Kubelet as // /var/lib/kubelet too. func prepareSubpathTarget(mounter mount.Interface, subpath Subpath) (bool, string, error) { … } func checkSubPathFileEqual(subpath Subpath, bindMountTarget string) (bool, error) { … } func getSubpathBindTarget(subpath Subpath) string { … } func doBindSubPath(mounter mount.Interface, subpath Subpath) (hostPath string, err error) { … } // This implementation is shared between Linux and NsEnter func doCleanSubPaths(mounter mount.Interface, podDir string, volumeName string) error { … } // doCleanSubPath tears down the single subpath bind mount func doCleanSubPath(mounter mount.Interface, fullContainerDirPath, subPathIndex string) error { … } // cleanSubPath will teardown the subpath bind mount and any remove any directories if empty func cleanSubPath(mounter mount.Interface, subpath Subpath) error { … } // removeEmptyDirs works backwards from endDir to baseDir and removes each directory // if it is empty. It stops once it encounters a directory that has content func removeEmptyDirs(baseDir, endDir string) error { … } // This implementation is shared between Linux and NsEnterMounter. Both pathname // and base must be either already resolved symlinks or thet will be resolved in // kubelet's mount namespace (in case it runs containerized). func doSafeMakeDir(pathname string, base string, perm os.FileMode) error { … } // findExistingPrefix finds prefix of pathname that exists. In addition, it // returns list of remaining directories that don't exist yet. func findExistingPrefix(base, pathname string) (string, []string, error) { … } // This implementation is shared between Linux and NsEnterMounter // Open path and return its fd. // Symlinks are disallowed (pathname must already resolve symlinks), // and the path must be within the base directory. func doSafeOpen(pathname string, base string) (int, error) { … }