You can tear down the host server, then recreate it with not much more than a `git clone` and `docker run`.
2. Precise test environment. I can mirror my entire production environment onto my laptop. No internet connection required! You can be on a train, on a plane, on the beach, in a log cabin in the woods, and have a complete testing environment available.
Docker is not a security technology. You still need to run each service on a separate host kernel, if you want them to be properly isolated.
This is a simple bind-mount and isn't special at all.
mount("/foo", "/container/foo", "none", MS_BIND);