Because all of the containers may not be of the same operating system? Networking on containers is also a bit different.
There are also reasons for having some more isolation between guest OSes.
On my ESXi box at home I have:
* A VM that hosts my NAS shares. This does nothing other than host the NAS shares, as I want to be sure no silly experiment of mine interferes with that.
* A general-purpose VM, where I do run some containers out of (UniFi controller, Plex, etc)
* A VM running Windows Server for my Domain Controller
* A secondary vSwtich with isolated no uplink to the rest of the network. This is my mini malware testing lab.
* A VM running pfSense that I'll sometimes use to allow selective access out of the isolated vSwtich out to the internet, but not to the rest of the network.
I have many use-cases where containers are simply unsuitable.
I'm using FreeBSD, but these apply just as well to Linux. I wanted to run ZoneMinder, which is not available for FreeBSD, so I simply spun up a CentOS VM and installed it.
On the flip side, I wanted to run Home Assistant, Node-RED, and some related utility programs. All of these are happy to run on FreeBSD, so they can live happily in a Jail (FreeBSD's equivalent to a container).
Some people virtualize their router by dedicating a NIC to the appropriate VM. I don't know if this would even be possible in a container.
I run proxmox on my 16 thread ryzen and would love more cores.
I currently run 4 linux vms for my kubernetes cluster and a
4 core macOS vm with passthrough for my gtx 1080i. I have 64 gb of memory so the only thing stopping me from running my windows 10 and arch desktop vms at the same time is more cores.
Not everything runs great on containers. My internal firewall is a pfSense, BSD based which doesn't run on a linux kernel.
Atleast 3 VMs need patched kernels or more recent kernels/regular kernel updates than the host provides.
Additionally VMs provide a bit more isolation than a simple container (atleast unless you do unpriv'd container).
I do have containers too, about 20 of them, half of them unpriv'd, all of them LXC. Docker is not suitable for my use case at all and frankly I don't think you should suggest someone should switch to Docker without knowing their use cases.
There are also reasons for having some more isolation between guest OSes.
On my ESXi box at home I have:
* A VM that hosts my NAS shares. This does nothing other than host the NAS shares, as I want to be sure no silly experiment of mine interferes with that.
* A general-purpose VM, where I do run some containers out of (UniFi controller, Plex, etc)
* A VM running Windows Server for my Domain Controller
* A secondary vSwtich with isolated no uplink to the rest of the network. This is my mini malware testing lab.
* A VM running pfSense that I'll sometimes use to allow selective access out of the isolated vSwtich out to the internet, but not to the rest of the network.
Can't do all that with containers.