I'm not disagreeing that abstraction can be useful, but the overhead of a VM is unnecessary if utilizing the full potential of containers. Afterall, the Linux Kernel is acting as the hypervisor already, so might as well trust it enough to properly sandbox containers too and use the right functionality to do so. I also think that running a virtualization layer adds quite a bit of complexity, so while it is cool that projects and companies have made it work and integrated it with a container solution, eliminating the VM layer altogether seems more ideal IMO.