What is the recommended way to have OCI on top of user emulation? [closed]

Consider a threat model where the contents of the virtual instance are extremely hostile, both in terms of memory access abuse, CPU instruction exploits and the network, not to mention attempts to abuse convenience features such as mounting the host filesystem inside, etc.

There are many containerd alternatives, but they all seem to sacrifice security/isolation for performance. Docker and the like are not even contenders, as they value integration and convenience above all.

Kata Containers seems like the best bet, and they even advertise security, but they also fail to work without virtualization and without poking network holes in the host. And their recommended way to install containerd is inside an unsecured containerd instance running k8s, which is odd, as any exploit of their controller would not be isolated from the host.

The best bet you have to run this type of payload, as far as I know, would be QEMU user-mode emulation (ideally with a para/mismatched architecture) with user-mode network port forwarding into the virtualized instance.

But then you lose all the convenience of OCI.

Is there any way to have both?
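Added example (not part of the question or of any answer): the OCI half of the setup sketched above, in Python. It builds a constructed two-layer OCI image layout in a temporary directory, unpacks it into a rootfs the way a hostile image has to be handled (every blob is checked against its content digest and declared size, tar entries that would escape the rootfs are refused, links and device nodes are rejected, OCI `.wh.` whiteouts are applied) and then composes the qemu-user command line. The `qemu-aarch64` / `qemu-x86_64` binary names and the `-L` interpreter-prefix flag are qemu's linux-user interface and are assumed to be installed; the sample image, its `bin/app` contents and the function names are all made up for the example. One caveat the example encodes: qemu-user executes a single foreign-architecture process directly on the host kernel and host network stack, so the `-netdev user,hostfwd=` port forwarding belongs to qemu-system, not qemu-user; a qemu-user sandbox still needs mount and network namespaces around it.

```python
"""Added example (not from the original post): unpack an OCI image layout into a rootfs for
qemu-user with digest checks, path-escape rejection and OCI whiteouts, then build the command."""
import hashlib, io, json, os, shutil, tarfile, tempfile
from pathlib import Path

OCI_TO_QEMU_USER = {"amd64": "qemu-x86_64", "arm64": "qemu-aarch64"}  # assumes qemu-user is installed
MT = "application/vnd.oci.image."  # OCI media-type prefix

def digest(data):
    return "sha256:" + hashlib.sha256(data).hexdigest()

def tar_bytes(files):
    """Uncompressed layer tar from {path: bytes}; TarInfo accepts any name, even '../x'."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size, info.mode = len(content), 0o755
            tf.addfile(info, io.BytesIO(content))
    return buf.getvalue()

def build_sample_layout(root):
    """Constructed (not real) two-layer arm64 image: layer 2 replaces bin/app, whites out etc/hostname."""
    blobs = Path(root, "blobs", "sha256")
    blobs.mkdir(parents=True)

    def put(data, media_type):  # write one content-addressed blob, return its descriptor
        d = digest(data)
        (blobs / d[7:]).write_bytes(data)
        return {"mediaType": media_type, "digest": d, "size": len(data)}

    layers = [put(tar_bytes({"etc/hostname": b"sandbox\n", "bin/app": b"#!/bin/sh\necho old\n"}), MT + "layer.v1.tar"),
              put(tar_bytes({"bin/app": b"#!/bin/sh\necho new\n", "etc/.wh.hostname": b""}), MT + "layer.v1.tar")]
    config = {"architecture": "arm64", "os": "linux", "config": {"Cmd": ["/bin/app"]},
              "rootfs": {"type": "layers", "diff_ids": [l["digest"] for l in layers]}}
    manifest = {"schemaVersion": 2, "mediaType": MT + "manifest.v1+json", "layers": layers,
                "config": put(json.dumps(config).encode(), MT + "config.v1+json")}
    index = {"schemaVersion": 2, "manifests": [put(json.dumps(manifest).encode(), MT + "manifest.v1+json")]}
    Path(root, "index.json").write_text(json.dumps(index))

def read_blob(layout, desc):
    """Read a content-addressed blob; refuse it unless digest and size match the descriptor."""
    algo, hexd = desc["digest"].split(":", 1)
    data = Path(layout, "blobs", algo, hexd).read_bytes()
    if algo != "sha256" or digest(data) != desc["digest"] or len(data) != desc["size"]:
        raise ValueError("blob %s failed integrity check" % desc["digest"])
    return data

def safe_path(rootfs, name):
    """Map a tar entry name into rootfs; absolute names and '..' escapes are refused."""
    dest = os.path.normpath(os.path.join(rootfs, name.lstrip("/")))
    if os.path.commonpath([rootfs, dest]) != rootfs:
        raise ValueError("tar entry escapes rootfs: %r" % name)
    return dest

def apply_layer(rootfs, data):
    """Extract one layer over rootfs by hand (no extractall), honouring OCI whiteouts."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tf:
        for m in tf:
            parent, base = os.path.split(m.name)
            if base.startswith(".wh."):  # whiteout: delete the lower-layer path (opaque form not handled)
                target = safe_path(rootfs, os.path.join(parent, base[4:]))
                if os.path.isdir(target):
                    shutil.rmtree(target)
                elif os.path.isfile(target):
                    os.remove(target)
                continue
            dest = safe_path(rootfs, m.name)
            if m.isdir():
                os.makedirs(dest, exist_ok=True)
            elif m.isfile():
                os.makedirs(os.path.dirname(dest), exist_ok=True)
                Path(dest).write_bytes(tf.extractfile(m).read())
            else:  # simplification: links and device nodes from a hostile image are refused outright
                raise ValueError("unsupported entry type: %r" % m.name)

def unpack_oci(layout, rootfs):
    """Unpack the first manifest of an OCI layout into rootfs; return arch and Cmd."""
    rootfs = os.path.abspath(rootfs)
    index = json.loads(Path(layout, "index.json").read_text())
    manifest = json.loads(read_blob(layout, index["manifests"][0]))
    config = json.loads(read_blob(layout, manifest["config"]))
    for desc in manifest["layers"]:  # lowest layer first, as the manifest orders them
        apply_layer(rootfs, read_blob(layout, desc))
    return {"arch": config["architecture"], "cmd": config["config"]["Cmd"]}

def qemu_user_command(arch, rootfs, cmd):
    """qemu-user runs one foreign-arch process under TCG; -L makes rootfs the ELF interpreter prefix.
    It still shares the host kernel and network stack (confine it with namespaces);
    -netdev user,hostfwd= port forwarding exists only in qemu-system."""
    return [OCI_TO_QEMU_USER[arch], "-L", rootfs, os.path.join(rootfs, cmd[0].lstrip("/"))] + cmd[1:]

def run_demo(work=None):
    """Build the constructed image, unpack it, and report rootfs contents plus the command."""
    work = work or tempfile.mkdtemp(prefix="oci-qemu-")
    layout, rootfs = os.path.join(work, "image"), os.path.join(work, "rootfs")
    build_sample_layout(layout)
    info = unpack_oci(layout, rootfs)
    files = {str(p.relative_to(rootfs)): p.read_bytes() for p in Path(rootfs).rglob("*") if p.is_file()}
    return {"work": work, "files": files, "arch": info["arch"],
            "command": qemu_user_command(info["arch"], rootfs, info["cmd"])}

if __name__ == "__main__":
    print(" ".join(run_demo()["command"]))
```

Running the script prints the composed `qemu-aarch64 -L <rootfs> <rootfs>/bin/app` line; the constructed image only exercises the unpacker (its `bin/app` is a shell script with no `/bin/sh` in the rootfs), so substitute a real arm64 image layout to actually execute something. The integrity check in `read_blob` is the part that matters for a hostile image: nothing is written to disk from a blob whose bytes do not hash to the digest the manifest names, and a tar entry such as `../escaped` is refused before any path is created.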