Hacker News
by dragonsh 2088 days ago
LXC existed before Docker and indeed, as I said, Docker was initially built on top of LXC. So LXD is not an afterthought as you tried to put it; it’s way before Docker and k8s. Docker and k8s became popular given the marketing money put on them.

Also, rootless containers have been a feature of LXC since 1.0 in 2013-14, which could not be incorporated in Docker as they tried to reinvent the wheel by writing their own libcontainer, which eventually resulted in many vulnerabilities which impacted k8s even in 2019.

Still today, unless one uses a managed version of k8s or a managed service by a major cloud provider, the infrastructure will be insecure with k8s, given most of the Docker images are still not tested as rootless containers. Also, for a small team it’s pretty hard to have a secure self-hosted k8s infrastructure given the sheer complexity and moving parts.