You expect people to read a book to find out your perspective? Do you have cliff notes on why using isolation mode doesn’t provide a security boundary?
Containers provide resource isolation using a shared kernel but are not intended to be used in hostile multitenancy scenarios.
A key feature of OS virtualisation is the strong segmentation boundary between
1. Guests
2. Guests and the hypervisor.
For this reason, VMs are seen to provide a stronger security boundary than containers and are used in preference where that aspect is critical owing to environment, multi-tenancy, or business context.
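Because a container shares the host kernel, the practical width of its boundary is set by what the kernel still lets the contained process do: its effective capabilities, whether a seccomp filter is installed, and whether no_new_privs is set. The script below is an added example (not code from this thread or from the linked book) that reads those three fields from the `/proc/<pid>/status` format and flags a container that retains kernel-reaching capabilities or runs with no syscall filter. The two status snippets are constructed samples: one shaped like a default container profile, one shaped like a fully privileged container. Capability numbers come from `<linux/capability.h>`.

```python
import os
import re

# Capability bit numbers as defined in <linux/capability.h>.
CAP_NAMES = {
    0: "CHOWN", 1: "DAC_OVERRIDE", 2: "DAC_READ_SEARCH", 3: "FOWNER", 4: "FSETID",
    5: "KILL", 6: "SETGID", 7: "SETUID", 8: "SETPCAP", 9: "LINUX_IMMUTABLE",
    10: "NET_BIND_SERVICE", 11: "NET_BROADCAST", 12: "NET_ADMIN", 13: "NET_RAW",
    14: "IPC_LOCK", 15: "IPC_OWNER", 16: "SYS_MODULE", 17: "SYS_RAWIO",
    18: "SYS_CHROOT", 19: "SYS_PTRACE", 20: "SYS_PACCT", 21: "SYS_ADMIN",
    22: "SYS_BOOT", 23: "SYS_NICE", 24: "SYS_RESOURCE", 25: "SYS_TIME",
    26: "SYS_TTY_CONFIG", 27: "MKNOD", 28: "LEASE", 29: "AUDIT_WRITE",
    30: "AUDIT_CONTROL", 31: "SETFCAP", 32: "MAC_OVERRIDE", 33: "MAC_ADMIN",
    34: "SYSLOG", 35: "WAKE_ALARM", 36: "BLOCK_SUSPEND", 37: "AUDIT_READ",
    38: "PERFMON", 39: "BPF", 40: "CHECKPOINT_RESTORE",
}

# Capabilities that give a process broad reach into the shared kernel. A container
# that keeps any of these is far closer to the host than one on a default profile.
KERNEL_REACH_CAPS = {
    "SYS_ADMIN", "SYS_MODULE", "SYS_RAWIO", "SYS_PTRACE",
    "NET_ADMIN", "BPF", "DAC_READ_SEARCH",
}

# Constructed sample: the shape of /proc/self/status in a default (unprivileged) container.
DEFAULT_CONTAINER_STATUS = """\
Name:\tsh
Pid:\t1
CapInh:\t0000000000000000
CapPrm:\t00000000a80425fb
CapEff:\t00000000a80425fb
CapBnd:\t00000000a80425fb
NoNewPrivs:\t0
Seccomp:\t2
"""

# Constructed sample: the shape of /proc/self/status in a fully privileged container.
PRIVILEGED_CONTAINER_STATUS = """\
Name:\tsh
Pid:\t1
CapInh:\t0000000000000000
CapPrm:\t000001ffffffffff
CapEff:\t000001ffffffffff
CapBnd:\t000001ffffffffff
NoNewPrivs:\t0
Seccomp:\t0
"""


def parse_status(text):
    """Turn the 'Key:\\tvalue' lines of a status file into a dict."""
    fields = {}
    for line in text.splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            fields[key.strip()] = value.strip()
    return fields


def decode_caps(hexmask):
    """Expand a hex capability mask into the list of capability names it contains."""
    mask = int(hexmask, 16)
    names, bit = [], 0
    while mask:
        if mask & 1:
            names.append(CAP_NAMES.get(bit, f"cap_{bit}"))  # unknown bits kept as numbers
        mask >>= 1
        bit += 1
    return names


def assess(status_text):
    """Summarise how much of the shared kernel a process can reach, from its status text."""
    fields = parse_status(status_text)
    caps = decode_caps(fields.get("CapEff", "0"))
    seccomp_mode = int(fields.get("Seccomp", "0"))      # 0 = none, 1 = strict, 2 = filter
    no_new_privs = fields.get("NoNewPrivs", "0") == "1"
    kernel_reach = sorted(set(caps) & KERNEL_REACH_CAPS)

    findings = []
    if kernel_reach:
        findings.append("kernel-reaching capabilities retained: " + ", ".join(kernel_reach))
    if seccomp_mode == 0:
        findings.append("no seccomp filter: the full syscall surface of the shared kernel is reachable")
    if not no_new_privs:
        findings.append("no_new_privs unset: setuid/file-capability binaries can raise privileges")
    return {
        "caps": caps,
        "seccomp_mode": seccomp_mode,
        "no_new_privs": no_new_privs,
        "kernel_reach_caps": kernel_reach,
        "findings": findings,
    }


if __name__ == "__main__":
    # Assess the constructed samples, then the live process if /proc is available.
    samples = {"default": DEFAULT_CONTAINER_STATUS, "privileged": PRIVILEGED_CONTAINER_STATUS}
    if os.path.exists("/proc/self/status"):
        with open("/proc/self/status") as fh:
            samples["this process"] = fh.read()
    for label, text in samples.items():
        result = assess(text)
        print(f"[{label}] {len(result['caps'])} caps, seccomp mode {result['seccomp_mode']}")
        for finding in result["findings"]:
            print("   -", finding)
```

The point the check makes concrete: the privileged sample has 41 effective capabilities and no syscall filter, so the only thing between it and the host is the kernel itself, while the default sample keeps 14 capabilities and a filter. Neither result turns a shared kernel into a hypervisor boundary; the script only measures how wide the gap to the host is, which is the input you need before deciding whether a VM-backed isolation option is required for a given tenant.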
So again, what about isolation mode? I don’t know what this is called in the Linux world, but in Windows this feature does exactly this. Still a shared kernel, but a far cry from what you’re explaining.
https://info.aquasec.com/container-security-book