I am still not following. Where was OP talking about wanting to nest containers?
Slightly off-topic, on the topic of nesting containers: Have you run gVisor successfully in such a setup? I seem to remember using gVisor to run the child container is not that easy and gVisor might still need some syscalls(?) that the parent container might not allow. I might be misremembering, though.
