Investigate integrating an OCI-compatible low-level container runtime

Right now we use something that's close to a low-level container runtime in itzo, supporting namespaces, capabilities, etc.

However, for better conformance and reduced maintenance overhead, it might makes sense to use an existing OCI-compatible runtime like runc, crun or something similar. This would help us get very close to 100% conformance, and itzo could be leaner.