Ok I'm genuinely considering doing a small alpine VM for each of my services, instead of a docker container. The goal is to reduce the probability of some application being compromised and the malicious actor breaking out of the podman container.

Is this overkill? Unhelpful? Wasteful?