Both. The hardware virtualization related settings are configured out side of OCI spec but the runtime accept OCI spec and plays with it accordingly. As for image format, Kata runs unchanged docker images.

The most important challenge that Docker faced was where it wanted to position itself, IWO, as a solid stable building block for container infrastructure, or as a all-in-one-alike container solution. Now that Docker has made its decision to push Swarm mode, it is getting better for productions. There are instabilities here and there but it will come around sooner or later.

well, checkout hypercontainer (https://hypercontainer.io/) that runs on Linux, uses VMs and performs like containers.

No killing yourself necessary, really ;)

except when it comes to a many-level-image, AUFS performance degrades dramatically

Another funny thing is that Docker just got slapped in the face "Docker in Production: A History of Failure" (https://news.ycombinator.com/item?id=12872304).

I wouldn't consider that a slap in the face. It's a rant, it's not the first about Docker and it won't be the last. Docker seems to be doing just fine despite that and many posts like it. Though the author has some good points it's riddled with statements that range from dubious to factually false.

Interesting! A relevant topic ("Hyper is Docker Done the Right Way" by TheNewStack) came up in HN first page as well.

Is it how Docker should have been designed to embrace production in the first place?

https://news.ycombinator.com/item?id=12873089

It pulls images from Docker Hub when you type `hyper pull`.

It supports volumes so that you can save persistent data in a volume.