I've found Docker is like a monstrous pet.
Docker is a monster that you have to treat as a pet. You've still got to pet it through stages of updating, monitoring, snapshots and networking. When the internal system breaks it's no different to a server collapsing.
Snapshots are a haircut for the monster, useful but can make things worse.
Not in my experience, super easy to set up a K3s cluster in a single rack. Certainly less hassle than VMware was or Xen ever was.
I find the same with Systemd and Docker.
Some can tame the beast, for me it's always a fight until one of us holds down the power button.