Great article! And it sounds like music to my ears. In fact everything you describe is exactly what we offer at Boxfuse (https://boxfuse.com). Except that we take it one step further: we generate a minimal image (5 MB for a whole AMI for a Go app for example, in a couple of seconds) on the fly. This reduces image size, attack surface and launch times. On top of that it removes the need to deal with the complexity of dealing with containers and having to solve every problem you had at the instance layer again at the container layer.