I don't know how others feel, but to me docker is definitely less complex internally than a VM. For one, I'm running a single kernel/set of drivers rather than two.
But operationally yeah I agree, the stricter separation could make it easier to use a VM to get stuff done.
Just to clarify a bit. A VM is already a container.
When you run docker inside a VM it’s another level of abstraction.
Yes, one can run docker containers on bare metal, however the isolation is poor and so is the security guarantees.
In terms of excess abstraction, with VMs or bare metal you just need to learn the essentials that you need to know anyways like for example linux networking and security. With docker there is additionally container networking.
But operationally yeah I agree, the stricter separation could make it easier to use a VM to get stuff done.