Can someone explain why the docker universal forwarder container requires docker.sock to be mounted? Is there a specific reason it requires this? Is there a way to get around this? From everything that I read, it's pretty much recommended that you don't do this unless absolutely necessary and you are absolutely sure you can trust the security of the container that is mounting it. Since there's always some degree of not trusting anything anymore, I find it hard to find anything that meets those requirements.
So bottom line: Do you have to mount the docker socket? Does the forwarder become useless or even function without it?
↧