What is the recommended approach to the provisioning of HAT container (from a security and cost perspective)?
1. Multiple containers (Dockers) sharing the Linux kernel in a VM (Linux Container - Shared Kernels), or
2. Single container (Docker) with isolated Linux kernel in a VM (Container per VM - Duplicated Kernels)