by Reventlov 1151 days ago
Being able to run rootful stuff in rootless containers is nice for CI where you need, for example, to install a bunch of stuff or mount things. There is stuff that requires being root, and you might not want to give real root access to your CI.
1 comments

I would do that up front with a tailored CI job image I would reuse instead of creating it each time again?!
Yes, there are other ways to do it, but adding another tool as an option is good, too. Being able to nest containers makes composability a little bit better, too. For instance, if I want an image that effectively has multiple base images, instead, I can just run both base images in containers inside of the parent container. You can bundle a lot of related containers into an arbitrary app container. It's a natural expression of programming composition into a containerization context, in my opinion.

Containers being nestable components makes a lot of natural wants much more natural to express.