make kubelet sysctl constants private

pkg/kubelet/sysctl/namespace.go

@@ -25,28 +25,28 @@ type Namespace string
 
 const (
 	// the Linux IPC namespace
-	IpcNamespace = Namespace("ipc")
+	ipcNamespace = Namespace("ipc")
 
 	// the network namespace
-	NetNamespace = Namespace("net")
+	netNamespace = Namespace("net")
 
 	// the zero value if no namespace is known
-	UnknownNamespace = Namespace("")
+	unknownNamespace = Namespace("")
 )
 
 var namespaces = map[string]Namespace{
-	"kernel.sem": IpcNamespace,
+	"kernel.sem": ipcNamespace,
 }
 
 var prefixNamespaces = map[string]Namespace{
-	"kernel.shm": IpcNamespace,
-	"kernel.msg": IpcNamespace,
-	"fs.mqueue.": IpcNamespace,
-	"net.":       NetNamespace,
+	"kernel.shm": ipcNamespace,
+	"kernel.msg": ipcNamespace,
+	"fs.mqueue.": ipcNamespace,
+	"net.":       netNamespace,
 }
 
 // NamespacedBy returns the namespace of the Linux kernel for a sysctl, or
-// UnknownNamespace if the sysctl is not known to be namespaced.
+// unknownNamespace if the sysctl is not known to be namespaced.
 func NamespacedBy(val string) Namespace {
 	if ns, found := namespaces[val]; found {
 		return ns
@@ -56,5 +56,5 @@ func NamespacedBy(val string) Namespace {
 			return ns
 		}
 	}
-	return UnknownNamespace
+	return unknownNamespace
 }

pkg/kubelet/sysctl/namespace_test.go

@@ -22,10 +22,10 @@ import (
 
 func TestNamespacedBy(t *testing.T) {
 	tests := map[string]Namespace{
-		"kernel.shm_rmid_forced": IpcNamespace,
-		"net.a.b.c":              NetNamespace,
-		"fs.mqueue.a.b.c":        IpcNamespace,
-		"foo":                    UnknownNamespace,
+		"kernel.shm_rmid_forced": ipcNamespace,
+		"net.a.b.c":              netNamespace,
+		"fs.mqueue.a.b.c":        ipcNamespace,
+		"foo":                    unknownNamespace,
 	}
 
 	for sysctl, ns := range tests {

pkg/kubelet/sysctl/whitelist.go

@@ -58,13 +58,13 @@ func NewWhitelist(patterns []string) (*patternWhitelist, error) {
 		if strings.HasSuffix(s, "*") {
 			prefix := s[:len(s)-1]
 			ns := NamespacedBy(prefix)
-			if ns == UnknownNamespace {
+			if ns == unknownNamespace {
 				return nil, fmt.Errorf("the sysctls %q are not known to be namespaced", s)
 			}
 			w.prefixes[prefix] = ns
 		} else {
 			ns := NamespacedBy(s)
-			if ns == UnknownNamespace {
+			if ns == unknownNamespace {
 				return nil, fmt.Errorf("the sysctl %q are not known to be namespaced", s)
 			}
 			w.sysctls[s] = ns
@@ -83,20 +83,20 @@ func NewWhitelist(patterns []string) (*patternWhitelist, error) {
 func (w *patternWhitelist) validateSysctl(sysctl string, hostNet, hostIPC bool) error {
 	nsErrorFmt := "%q not allowed with host %s enabled"
 	if ns, found := w.sysctls[sysctl]; found {
-		if ns == IpcNamespace && hostIPC {
+		if ns == ipcNamespace && hostIPC {
 			return fmt.Errorf(nsErrorFmt, sysctl, ns)
 		}
-		if ns == NetNamespace && hostNet {
+		if ns == netNamespace && hostNet {
 			return fmt.Errorf(nsErrorFmt, sysctl, ns)
 		}
 		return nil
 	}
 	for p, ns := range w.prefixes {
 		if strings.HasPrefix(sysctl, p) {
-			if ns == IpcNamespace && hostIPC {
+			if ns == ipcNamespace && hostIPC {
 				return fmt.Errorf(nsErrorFmt, sysctl, ns)
 			}
-			if ns == NetNamespace && hostNet {
+			if ns == netNamespace && hostNet {
 				return fmt.Errorf(nsErrorFmt, sysctl, ns)
 			}
 			return nil