Hi @snir911. Thanks for your PR.

I'm waiting for a cri-o member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Codecov Report

❌ Patch coverage is 46.34146% with 22 lines in your changes missing coverage. Please review.
✅ Project coverage is 63.90%. Comparing base (14e7ced) to head (3dd90b8).
⚠️ Report is 9 commits behind head on main.

@@            Coverage Diff             @@
##             main    #9499      +/-   ##
==========================================
+ Coverage   63.85%   63.90%   +0.04%     
==========================================
  Files         205      205              
  Lines       28699    28722      +23     
==========================================
+ Hits        18327    18355      +28     
+ Misses       8746     8743       -3     
+ Partials     1626     1624       -2     

@snir911, what happens when the ContainerCreateTimeout is set to, let's say, 600 (10 minutes), but kubelet's runtimeRequestTimeout is lower than that?

What I think that would happen is that kubelet's runtimeRequestTimeout would be the value respected in this case, which makes me think it's at least worth it adding to the documentation that the value set here depends also on the kubelet's value.

That's right, I'll mention it, thanks @fidencio !

/ok-to-test

/release-note-edit

Added `container_create_timeout` option to control timeout duration of container creation

@bitoku: /release-note-edit must be used with a single release note block.

@saschagrunert @bitoku recent changes includes:

1. skipping the execution test for runtime_vm as i cannot intercept the create calls for the shim
2. modify log text to be persistent
3. rebase
   (current error seems unrelated )

Another look will be appreciated, thanks

@snir911

skipping the execution test for runtime_vm as i cannot intercept the create calls for the shim

I thought this is needed especially for runtime_vm. It doesn't make sense to disable the test for vm.
Is it just a test infra issue, or code?

It doesn't make sense to disable the test for vm. Is it just a test infra issue, or code?

@bitoku You’re correct. However, at the moment I have no idea how to simulate the hanging CreateContainer call in this test infra. When containerd-shim-v2 is used, the CreateContainer call is performed over ttrpc, so I can’t intercept it with a simple wrapper like we do in the runtime_oci case.

If it is possible, it will probably require a more complex test scenario, so it might make sense to implement it separately.

@snir911
Alright, can you add more explanation why we can't test it in the test code?
Then I'm good to merge this one.

Alright, can you add more explanation why we can't test it in the test code?
Then I'm good to merge this one.

@bitoku done, BTW how the two pending checks can be triggered?

They seem running. let me wait for the tests to be green.

/lgtm

@snir911 Thank you for your contribution and patience!

/retest