paravirtualized VM instead of DOCKER
There is a huge problem on docker userspace virtualizaion, isolation is not possible and the underlying host is exposed on many ways, it would be perfect to have simple paravirtiualization with dockerfile for similar to creating docker images
Actually, Aporeto is already working on this for Rkt, which can be used under Kubernetes. See the comments for more information.
It's such a good idea, someone's already working on it -- not for Docker, but for CoreOS / Rkt. The interface to rkt is similar to that of Docker; and it can already be used under Kubernetes.
You can get a summary of the idea here:
And the prototype can be found here: