diff --git a/test/e2e/node/mount_propagation.go b/test/e2e/node/mount_propagation.go
index 44487c758ac..b1fa8fc4e37 100644
--- a/test/e2e/node/mount_propagation.go
+++ b/test/e2e/node/mount_propagation.go
@@ -18,6 +18,7 @@ package node
 
 import (
 	"fmt"
+	"strings"
 
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -79,7 +80,7 @@ func preparePod(name string, node *v1.Node, propagation *v1.MountPropagationMode
 var _ = SIGDescribe("Mount propagation", func() {
 	f := framework.NewDefaultFramework("mount-propagation")
 
-	ginkgo.It("should propagate mounts to the host", func() {
+	ginkgo.It("should propagate mounts within defined scopes", func() {
 		// This test runs two pods: master and slave with respective mount
 		// propagation on common /var/lib/kubelet/XXXX directory. Both mount a
 		// tmpfs to a subdirectory there. We check that these mounts are
@@ -180,15 +181,29 @@ var _ = SIGDescribe("Mount propagation", func() {
 				}
 			}
 		}
-		// Check that the mounts are/are not propagated to the host.
-		// Host can see mount from master
-		cmd = fmt.Sprintf("test `cat %q/master/file` = master", hostDir)
-		err = hostExec.IssueCommand(cmd, node)
-		framework.ExpectNoError(err, "host should see mount from master")
 
-		// Host can't see mount from slave
-		cmd = fmt.Sprintf("test ! -e %q/slave/file", hostDir)
-		err = hostExec.IssueCommand(cmd, node)
-		framework.ExpectNoError(err, "host shouldn't see mount from slave")
+		// Find the kubelet PID to ensure we're working with the kubelet's mount namespace
+		cmd = "pidof kubelet"
+		kubeletPid, err := hostExec.IssueCommandWithResult(cmd, node)
+		framework.ExpectNoError(err, "Checking kubelet pid")
+		kubeletPid = strings.TrimSuffix(kubeletPid, "\n")
+		framework.ExpectEqual(strings.Count(kubeletPid, " "), 0, "kubelet should only have a single PID in the system (pidof returned %q)", kubeletPid)
+		enterKubeletMountNS := fmt.Sprintf("nsenter -t %s -m", kubeletPid)
+
+		// Check that the master and host mounts are propagated to the container runtime's mount namespace
+		for _, mountName := range []string{"host", master.Name} {
+			cmd := fmt.Sprintf("%s cat \"%s/%s/file\"", enterKubeletMountNS, hostDir, mountName)
+			output, err := hostExec.IssueCommandWithResult(cmd, node)
+			framework.ExpectNoError(err, "host container namespace should see mount from %s: %s", mountName, output)
+			output = strings.TrimSuffix(output, "\n")
+			framework.ExpectEqual(output, mountName, "host container namespace should see mount contents from %s", mountName)
+		}
+
+		// Check that the slave, private, and default mounts are not propagated to the container runtime's mount namespace
+		for _, podName := range []string{slave.Name, private.Name, defaultPropagation.Name} {
+			cmd := fmt.Sprintf("%s test ! -e \"%s/%s/file\"", enterKubeletMountNS, hostDir, podName)
+			output, err := hostExec.IssueCommandWithResult(cmd, node)
+			framework.ExpectNoError(err, "host container namespace shouldn't see mount from %s: %s", podName, output)
+		}
 	})
 })