The usual way to deploy such things is actually to create 1 VM for that application, install podman, and then run all those tons of containers in that VM. Because you cannot trust software vendors to not do or require stupid shit like requiring the docker socket, mounting overly broad volumes from the hosts filesystem, provide working and non-stupid compose/helm/...-files and things like that. Often the support contract also requires a specific version of a specific OS, a specific kubernetes distro or something like puppet/chef/... for deployment. Since for the multitude of software vendors and requirements, we couldn't easily fulfill all those at the same time on the same kubernetes cluster or infra, we just split it up into VMs.