- name: hanging-cgroup-release.sh
  copy:
    dest: '/opt/hanging-cgroup-release.sh'
    content: |
      #!/bin/bash
      set -ex
      set -o pipefail

      cgroup_count() {
        echo "Current cgroup count: $(find /sys/fs/cgroup/*/system.slice -name tasks | wc -l)"
      }

      DATE=$(date)
      echo "$(cgroup_count)"
      echo   # Stop systemd mount unit that isn't actually mounted
      echo "Stopping Kubernetes systemd mount units that are not mounted to the system."
      echo "sed extracts systemd output to just be the unit ($1) and the mountpoint ($2)."
      echo "1st xargs filters it by test -d $2 || echo $1."
      echo "2nd xargs removes the entries ($1) one by one."
      systemctl list-units --state=running | \
        sed -rn '/Kubernetes.transient.mount/s,(run-\S+).+(/var/lib/kubelet/pods/.+),\1 \2,p' | \
        xargs -r -l1 sh -c 'test -d $2 || echo $1' -- | \
        xargs -r -tl1 systemctl stop |& wc -l
      echo "$(cgroup_count)"
    owner: root
    group: root
    mode: '0755'
- name: hanging-cgroup-release.service
  copy:
    dest: '/etc/systemd/system/hanging-cgroup-release.service'
    content: |
      [Unit]
      Description=hanging-cgroup-release service
      After=network.target

      [Service]
      ExecStart=/opt/hanging-cgroup-release.sh

      [Install]
      WantedBy=multi-user.target
    owner: root
    group: root
    mode: '0644'
- name: start-cgroup-service
  systemd:
    name: hanging-cgroup-release.service
    enabled: yes
- name: hanging-cgroup-release.timer
  copy:
    dest: '/etc/systemd/system/hanging-cgroup-release.timer'
    content: |
      [Unit]
      Description=10min Timer Target
      Requires=hanging-cgroup-release.service
      After=network.target

      [Timer]
      Unit=hanging-cgroup-release.service
      OnCalendar=*:0/10

      [Install]
      WantedBy=multi-user.target
    owner: root
    group: root
    mode: '0644'
- name: start-cgroup-timer
  systemd:
    name: hanging-cgroup-release.timer
    enabled: yes