Currently, docker containers that run within each Type-1 VM runs in privelegd mode. This isnt' ideal from a Defense-in-Depth perspective. The plan is to implement the following guidance such that each application-level container runs in it's own non-root user namespace.
Run the Docker daemon as a non-root user (Rootless mode)
Run the Docker daemon as a non-root user (Rootless mode)
How to Run Docker in Rootless Mode
How to run Docker containers on Linux without root privileges.
