Sure thing. I am working on something similar for a different LXC-based deployment layer. One of the biggest challenges is keeping the payload (ie. container) naieve of the actual hardware (ie. virtualized interface to the outside world), both in terms of kernel driver requirements and in terms of network topologies. Then, for any nontrivial deployment, you also have to hand over information about services to which it may wish to connect, which may not be appropriate to hardcode. If you would like to thrash this out with me I'd be keen.