Docker is a popular front end single application virtualization engine based on OS level virtualization LXC (Linux Containers), but what is exciting here,

• Portable - single file (I believe)
• Low overhead - should run inside of my Ubuntu KVM
• Has become cross-platform (in a sense) 
• Works with the vanilla Linux kernel (no patching).

Unlike LXC containers Docker containers do no behave like lightweight VMs and cannot be treated as such. Docker containers are restricted to a single application by design. The Docker base OS template is pared down to a single app environment and does not have a proper init or support things like services, daemons, syslog, cron or running multiple applications. (from http://www.flockport.com/lxc-vs-docker/ - this can be explained and worded better?)

References

LXC vs Docker - http://www.flockport.com/lxc-vs-docker/

Discusses security - https://blog.docker.com/2013/08/containers-docker-how-secure-are-they/

...