As an alternative to bind mounting /var/lib/docker.sock to use the Docker daemon running on the host, add a command-line option to start another docker daemon inside the container.
This will allow running containers which allocate ports or other resources already allocated by the containers already running on the host.
Even though this approach is probably less efficient than relying on host Docker daemon, it will also reduce the attack vector to the host in case malicious containers are run inside goagent-docker.
As an alternative to bind mounting
/var/lib/docker.sockto use the Docker daemon running on the host, add a command-line option to start anotherdocker daemoninside the container.This will allow running containers which allocate ports or other resources already allocated by the containers already running on the host.
Even though this approach is probably less efficient than relying on host Docker daemon, it will also reduce the attack vector to the host in case malicious containers are run inside goagent-docker.
See also https://at.projects.genivi.org/jira/browse/TOOL-68