Merge pull request kubernetes#122016 from carlory/ref-pr-80043

removed the dependency on `k8s.io/util/nsenter`

Author: k8s-ci-robot

pkg/volume/util/hostutil/hostutil_linux.go

@@ -66,7 +66,7 @@ func (hu *HostUtil) PathIsDevice(pathname string) (bool, error) {
 	return isDevice, err
 }
 
-// ExclusiveOpenFailsOnDevice is shared with NsEnterMounter
+// ExclusiveOpenFailsOnDevice checks if block device in use by calling Open with O_EXCL flag.
 func ExclusiveOpenFailsOnDevice(pathname string) (bool, error) {
 	var isDevice bool
 	finfo, err := os.Stat(pathname)
@@ -154,8 +154,6 @@ func (hu *HostUtil) PathExists(pathname string) (bool, error) {
 }
 
 // EvalHostSymlinks returns the path name after evaluating symlinks.
-// TODO once the nsenter implementation is removed, this method can be removed
-// from the interface and filepath.EvalSymlinks used directly
 func (hu *HostUtil) EvalHostSymlinks(pathname string) (string, error) {
 	return filepath.EvalSymlinks(pathname)
 }
@@ -280,8 +278,8 @@ func (hu *HostUtil) GetMode(pathname string) (os.FileMode, error) {
 	return GetModeLinux(pathname)
 }
 
-// GetOwnerLinux is shared between Linux and NsEnterMounter
-// pathname must already be evaluated for symlinks
+// pathname must already be evaluated for symlinks.
+// GetOwnerLinux returns the integer ID for the user and group of the given path.
 func GetOwnerLinux(pathname string) (int64, int64, error) {
 	info, err := os.Stat(pathname)
 	if err != nil {
@@ -291,7 +289,7 @@ func GetOwnerLinux(pathname string) (int64, int64, error) {
 	return int64(stat.Uid), int64(stat.Gid), nil
 }
 
-// GetModeLinux is shared between Linux and NsEnterMounter
+// GetModeLinux returns permissions of the pathname.
 func GetModeLinux(pathname string) (os.FileMode, error) {
 	info, err := os.Stat(pathname)
 	if err != nil {

pkg/volume/util/subpath/subpath_linux.go

@@ -78,7 +78,7 @@ func (sp *subpath) PrepareSafeSubpath(subPath Subpath) (newHostPath string, clea
 	return newHostPath, cleanupAction, err
 }
 
-// This implementation is shared between Linux and NsEnter
+// safeOpenSubPath opens subpath and returns its fd.
 func safeOpenSubPath(mounter mount.Interface, subpath Subpath) (int, error) {
 	if !mount.PathWithinBase(subpath.Path, subpath.VolumePath) {
 		return -1, fmt.Errorf("subpath %q not within volume path %q", subpath.Path, subpath.VolumePath)
@@ -92,11 +92,6 @@ func safeOpenSubPath(mounter mount.Interface, subpath Subpath) (int, error) {
 
 // prepareSubpathTarget creates target for bind-mount of subpath. It returns
 // "true" when the target already exists and something is mounted there.
-// Given Subpath must have all paths with already resolved symlinks and with
-// paths relevant to kubelet (when it runs in a container).
-// This function is called also by NsEnterMounter. It works because
-// /var/lib/kubelet is mounted from the host into the container with Kubelet as
-// /var/lib/kubelet too.
 func prepareSubpathTarget(mounter mount.Interface, subpath Subpath) (bool, string, error) {
 	// Early check for already bind-mounted subpath.
 	bindPathTarget := getSubpathBindTarget(subpath)
@@ -237,7 +232,7 @@ func doBindSubPath(mounter mount.Interface, subpath Subpath) (hostPath string, e
 	return bindPathTarget, nil
 }
 
-// This implementation is shared between Linux and NsEnter
+// doCleanSubPaths tears down the subpath bind mounts for a pod
 func doCleanSubPaths(mounter mount.Interface, podDir string, volumeName string) error {
 	// scan /var/lib/kubelet/pods/<uid>/volume-subpaths/<volume>/*
 	subPathDir := filepath.Join(podDir, containerSubPathDirectoryName, volumeName)
@@ -372,9 +367,7 @@ func removeEmptyDirs(baseDir, endDir string) error {
 	return nil
 }
 
-// This implementation is shared between Linux and NsEnterMounter. Both pathname
-// and base must be either already resolved symlinks or thet will be resolved in
-// kubelet's mount namespace (in case it runs containerized).
+// doSafeMakeDir creates a directory at pathname, but only if it is within base.
 func doSafeMakeDir(pathname string, base string, perm os.FileMode) error {
 	klog.V(4).Infof("Creating directory %q within base %q", pathname, base)
 
@@ -523,7 +516,6 @@ func findExistingPrefix(base, pathname string) (string, []string, error) {
 	return pathname, []string{}, nil
 }
 
-// This implementation is shared between Linux and NsEnterMounter
 // Open path and return its fd.
 // Symlinks are disallowed (pathname must already resolve symlinks),
 // and the path must be within the base directory.

pkg/volume/util/subpath/subpath_unsupported.go

@@ -24,7 +24,6 @@ import (
 	"os"
 
 	"k8s.io/mount-utils"
-	"k8s.io/utils/nsenter"
 )
 
 type subpath struct{}
@@ -36,12 +35,6 @@ func New(mount.Interface) Interface {
 	return &subpath{}
 }
 
-// NewNSEnter is to satisfy the compiler for having NewSubpathNSEnter exist for all
-// OS choices. however, NSEnter is only valid on Linux
-func NewNSEnter(mounter mount.Interface, ne *nsenter.Nsenter, rootDir string) Interface {
-	return nil
-}
-
 func (sp *subpath) PrepareSafeSubpath(subPath Subpath) (newHostPath string, cleanupAction func(), err error) {
 	return subPath.Path, nil, errUnsupported
 }

pkg/volume/util/subpath/subpath_windows.go

@@ -29,7 +29,6 @@ import (
 
 	"k8s.io/klog/v2"
 	"k8s.io/mount-utils"
-	"k8s.io/utils/nsenter"
 )
 
 // MaxPathLength is the maximum length of Windows path. Normally, it is 260, but if long path is enable,
@@ -43,12 +42,6 @@ func New(mount.Interface) Interface {
 	return &subpath{}
 }
 
-// NewNSEnter is to satisfy the compiler for having NewSubpathNSEnter exist for all
-// OS choices. however, NSEnter is only valid on Linux
-func NewNSEnter(mounter mount.Interface, ne *nsenter.Nsenter, rootDir string) Interface {
-	return nil
-}
-
 // isDriveLetterPath returns true if the given path is empty or it ends with ":" or ":\" or ":\\"
 func isDriveLetterorEmptyPath(path string) bool {
 	if path == "" || strings.HasSuffix(path, ":\\\\") || strings.HasSuffix(path, ":") || strings.HasSuffix(path, ":\\") {

staging/src/k8s.io/mount-utils/mount_linux.go

@@ -722,7 +722,7 @@ func (mounter *SafeFormatAndMount) GetDiskFormat(disk string) (string, error) {
 	return getDiskFormat(mounter.Exec, disk)
 }
 
-// ListProcMounts is shared with NsEnterMounter
+// ListProcMounts returns a list of all mounted filesystems.
 func ListProcMounts(mountFilePath string) ([]MountPoint, error) {
 	content, err := readMountInfo(mountFilePath)
 	if err != nil {
@@ -776,7 +776,6 @@ func parseProcMounts(content []byte) ([]MountPoint, error) {
 // Some filesystems may share a source name, e.g. tmpfs. And for bind mounting,
 // it's possible to mount a non-root path of a filesystem, so we need to use
 // root path and major:minor to represent mount source uniquely.
-// This implementation is shared between Linux and NsEnterMounter
 func SearchMountPoints(hostSource, mountInfoPath string) ([]string, error) {
 	mis, err := ParseMountInfo(mountInfoPath)
 	if err != nil {