I find myself wondering if these containers are nestable.
That is, the whole reason we need any virtualisation is that applications (whole working systems) expect something which strongly resembles a single Linux box. Virtualisation provides that illusion, while isolating the application.
In the old days, it was enough to use 'processes' and 'directories' :-)
But applications grew, and did cleverer things like configure their own firewalls and virtual networks, and decided they really depend on a thing which looks strongly like a single Linux box.
Pretty soon, someone is going to decide that these containers are really neat, that you can put Apache in one, DNS in another, SMTP in another, etc., and build whole working systems like that.
Then someone else is going to want to take that working system, and run _that_ in a container... Will it work? Will the containers nest?