cgroup type interfaces are not very portable; I haven't really looked at the interfaces. You could use a tun/tap interface and a userspace network stack (e.g. the NetBSD rump kernel is portable).
Right. You could have a container which has universal dylibs and static libs for x86_64/i386 compiled for Darwin in one directory and ELF shared objects and static libraries compiled for x86_64/i386 for Linux, logic to detect the platform and the main application binaries compiled for multiple platforms. And why not throw Windows in there too?
This would create a universal container, assuming all major OSes acquire facilities for process control groups, namespaces and chroot.
Disk space is no longer a consideration. The containers can be as big as we want - why not make them run natively everywhere?
Why bother? It'd be far simpler, and more resource efficient, to run whatever the user prefers of Xen/VirtualBox/VMware or "bare" Linux as the base and not have to create monstrous franken-containers.
Well, speaking from personal experience, I develop on Mac OS X and deploy to Linux. It would be helpful to be able to run the same container on both for testing purposes.
Process control groups exist in Darwin/Mac OS X - I wish you could sandbox packages with private network namespaces and filesystems as well.