It provides just as much addition as running redis in a docker container. As for the "libcontainer explicitly doesn't claim security as a feature" do you have a source for this I'm curious ? Running things in containers provide isolation and should provide an extra layer of security (I no expert so prove me I'm wrong :) ). In the future it can provide resources isolation (CPU, memory ...). Also, at scale, I don't know anyone who is ready to setup namespaces and stuff manually.