Sensu-Client inside Docker container

It depends on what checks you want to run. A lot of system-level checks work fine if you run sensu container with --net=host and --privileged flags.--net=host not just allows you to see the same hostname and IP as host system, but also all the tcp connections and interface metric will match for container and host.

--privileged gives container full access to system metrics like hdd, memory, cpu.

Tricky thing is checking external process metrics, as docker isolates it even from privileged container, but you can share host's root filesystem as docker volume ( -v /:/host) and patch check to use chroot or use /host/proc instead of /proc.

Long story short, some checks will just work, for others you need to patch or develop your own way, but sensu in docker is one possible way.

an unprivileged docker container cannot check processes outside of it's container because docker uses kernel namespaces to isolate it from all other processes running on the host. This is by design: docker security documentation

If you would like to run a super privileged docker container that has this namespace disabled you can run:

docker run -it --rm --privileged --pid=host alpine /bin/sh

Doing so removes an important security layer that docker provides and should be avoided if possible. Once in the container, try running ps auxf and you will see all processes on the host.

I don't think this is possible right now. If the processes in the host instance are running inside docker, you can mount the socket and get the status from the sensu container