nerdctl icon indicating copy to clipboard operation
nerdctl copied to clipboard
verified publisher icon containerd

Docker compatible events stream

Open mharwani opened this issue 1 year ago • 1 comments

What is the problem you're trying to solve

I'd like to start the discussion on supporting Docker compatible events with nerdctl events command. The events stream returned by nerdctl is significantly different from docker events. Example, for a container start event:

$ nerdctl events --format '{{json .}}'
{"Timestamp":"2024-03-05T18:21:13.926302522Z","Namespace":"default","Topic":"/tasks/start","Event":"{\"container_id\":\"51885cadba61b9640f0ea80eb716b2f2e2bc60b42595db07bd8759e06b270fdb\",\"pid\":49760}"}

$ docker events --format '{{json .}}'
{"status":"start","id":"84f2374dda918b45b0d775409f17cbd2eb4ccf6f58b32b80493e9bac3bd240d2","from":"alpine","Type":"container","Action":"start","Actor":{"ID":"84f2374dda918b45b0d775409f17cbd2eb4ccf6f58b32b80493e9bac3bd240d2","Attributes":{"image":"alpine","name":"sweet_noyce"}},"scope":"local","time":1709663022,"timeNano":1709663022762686221}

Some of the events are not reported (eg: networking and volume related events) because they are not integrated with containerd. This breaks certain tools that rely on event notifications.

Describe the solution you'd like

I'd like to have a docker compatible option, or have it be the default mode:

$ nerdctl events --format '{{json .}}' --mode "dockercompat"

Additional context

The events command in nerdctl simply reports events emitted by containerd. However, I think as a CLI, nerdctl should have the ability to report its own events for features such as network and volume management. Additionally, having its own set of events would make it easier for nerdctl to output a Docker compatible events stream.

mharwani avatar Mar 05 '24 18:03 mharwani

I have an approach in mind that I'd like to review with the community:

The CLI will publish all Docker compatible events to containerd with "dockercompat" topic prefix, eg: /dockercompat/container/start. Allows us to easily filter "dockercompat" and "native" events. Looking at the Docker API spec, there are certain events that cannot be published during CLI actions:

  • containers: destory, die, exec_die
  • networks: disconnect

These events are reported when a container process stops and exits. I think using an OCI-hook to publish them would be suitable here.

Let me know if you have suggestions. I'm happy to take this issue. Thanks!

mharwani avatar Mar 05 '24 18:03 mharwani